37 matches found
OpenClaw has an unspecified vulnerability (CNVD-2026-20008)
OpenClaw is an intelligent artificial assistant open-sourced by OpenClaw. OpenClaw suffers from a security vulnerability that stems from a failure to properly preserve the OPENCLAWRuntime Control Environment namespace in the workspace dotenv file, which can be exploited by an attacker to manipula...
CVE-2025-41459 Insecure authentication due to missing bruteforce protection and runtime manipulation in Two App Studio Journey 5.5.6 for iOS
Insufficient protection against brute-force and runtime manipulation in the local authentication component in Two App Studio Journey 5.5.6 on iOS allows local attackers to bypass biometric and PIN-based access control via repeated PIN attempts or dynamic code injection...
CVE-2025-41459
CVE-2025-41459 affects Two App Studio Journey 5.5.6 on iOS. The local authentication component has insufficient brute-force protection and is vulnerable to runtime manipulation, allowing local attackers to bypass biometric and PIN controls via repeated PIN attempts or dynamic code injection. CVSS...
PT-2025-30260 · Unknown · Two App Studio Journey
Name of the Vulnerable Software and Affected Versions: Two App Studio Journey version 5.5.6 Description: The local authentication component has insufficient protection against brute-force attacks and runtime manipulation on iOS. This allows local attackers to bypass biometric and PIN-based access...
CVE-2020-35208
An issue was discovered in the LogMein LastPass Password Manager aka com.lastpass.ilastpass app 4.8.11.2403 for iOS. The password authentication for unlocking can be bypassed by forcing the authentication result to be true through runtime manipulation. In other words, an attacker could authentica...
GHSA-F3MF-HM6V-JFHH Mesop Class Pollution vulnerability leads to DoS and Jailbreak attacks
From @jackfromeast and @superboy-zjc: We have identified a class pollution vulnerability in Mesop = 0.14.0 application that allows attackers to overwrite global variables and class attributes in certain Mesop modules during runtime. This vulnerability could directly lead to a denial of service Do...
Mesop Class Pollution vulnerability leads to DoS and Jailbreak attacks
From @jackfromeast and @superboy-zjc: We have identified a class pollution vulnerability in Mesop = 0.14.0 application that allows attackers to overwrite global variables and class attributes in certain Mesop modules during runtime. This vulnerability could directly lead to a denial of service Do...
CVE-2020-35208
An issue was discovered in the LogMein LastPass Password Manager aka com.lastpass.ilastpass app 4.8.11.2403 for iOS. The password authentication for unlocking can be bypassed by forcing the authentication result to be true through runtime manipulation. In other words, an attacker could authentica...
CVE-2020-35207
An issue was discovered in the LogMein LastPass Password Manager aka com.lastpass.ilastpass app 4.8.11.2403 for iOS. The PIN authentication for unlocking can be bypassed by forcing the authentication result to be true through runtime manipulation. In other words, an attacker could authenticate wi...
CVE-2020-35208
An issue was discovered in the LogMein LastPass Password Manager aka com.lastpass.ilastpass app 4.8.11.2403 for iOS. The password authentication for unlocking can be bypassed by forcing the authentication result to be true through runtime manipulation. In other words, an attacker could authentica...
Authentication flaw
An issue was discovered in the LogMein LastPass Password Manager aka com.lastpass.ilastpass app 4.8.11.2403 for iOS. The password authentication for unlocking can be bypassed by forcing the authentication result to be true through runtime manipulation. In other words, an attacker could authentica...
Authentication flaw
An issue was discovered in the LogMein LastPass Password Manager aka com.lastpass.ilastpass app 4.8.11.2403 for iOS. The PIN authentication for unlocking can be bypassed by forcing the authentication result to be true through runtime manipulation. In other words, an attacker could authenticate wi...
CVE-2020-35207
LogMeIn LastPass Password Manager for iOS (version 4.8.11.2403) has an authentication bypass vulnerability: PIN unlock can be forced to succeed via runtime manipulation, allowing an attacker to authenticate with an arbitrary PIN. Root cause: manipulation of the PIN check process. Impact: partial ...
CVE-2020-35207
An issue was discovered in the LogMein LastPass Password Manager aka com.lastpass.ilastpass app 4.8.11.2403 for iOS. The PIN authentication for unlocking can be bypassed by forcing the authentication result to be true through runtime manipulation. In other words, an attacker could authenticate wi...
CVE-2020-35208
An issue was discovered in the LogMein LastPass Password Manager aka com.lastpass.ilastpass app 4.8.11.2403 for iOS. The password authentication for unlocking can be bypassed by forcing the authentication result to be true through runtime manipulation. In other words, an attacker could authentica...
CVE-2020-35208
An issue was discovered in the LogMein LastPass Password Manager aka com.lastpass.ilastpass app 4.8.11.2403 for iOS. The password authentication for unlocking can be bypassed by forcing the authentication result to be true through runtime manipulation. In other words, an attacker could authentica...
PT-2020-17292 · Logmein · Logmein Lastpass Password Manager
Name of the Vulnerable Software and Affected Versions: LogMein LastPass Password Manager version 4.8.11.2403 Description: An issue was discovered in the LogMein LastPass Password Manager app for iOS, where the PIN authentication for unlocking can be bypassed by forcing the authentication result t...
PT-2020-17293 · Logmein · Logmein Lastpass Password Manager
Name of the Vulnerable Software and Affected Versions: LogMein LastPass Password Manager version 4.8.11.2403 Description: An issue was discovered in the LogMein LastPass Password Manager app for iOS, where the password authentication for unlocking can be bypassed by forcing the authentication...
LogMein LastPass Password Manager Authorization Issues Vulnerability
Logmein LogMeIn LastPass is a cross-platform online password management tool from US-based Logmein. LogMein LastPass Password Manager suffers from an authorization issue vulnerability that stems from the fact that password authentication for a problematic unlock can be bypassed by forcing the...
Runtime Mobile Security (RMS) - A Powerful Web Interface That Helps You To Manipulate Android Java Classes And Methods At Runtime
Runtime Mobile Security RMS , powered by FRIDA, is a powerful web interface that helps you to manipulate Android Java Classes and Methods at Runtime. You can easily dump all the loaded classes and relative methods, hook everything on the fly, trace methods args and return value, load custom scrip...