66 matches found
EUVD-2020-5405
Malware in sbrugna...
EUVD-2017-2767
Malware in sbrugna...
EUVD-2017-2765
Malware in sbrugna...
EUVD-2017-2768
Malware in sbrugna...
EUVD-2017-2766
Malware in sbrugna...
EUVD-2020-5879
Malware in sbrugna...
EUVD-2017-2769
Malware in sbrugna...
EUVD-2017-2770
Malware in sbrugna...
CVE-2020-13637
An issue was discovered in the stashcat app through 3.9.2 for macOS, Windows, Android, iOS, and possibly other platforms. It stores the clientkey, the deviceid, and the public key for end-to-end encryption in cleartext, enabling an attacker by copying or having access to the local storage databas...
CVE-2020-13129
An issue was discovered in the stashcat app through 3.9.1 for macOS, Windows, Android, iOS, and possibly other platforms. The GET method is used with clientkey and deviceid data in the query string, which allows attackers to obtain sensitive information by reading web-server logs...
The vulnerability of the chat and video call messaging application stashcat for operating systems macOS, Windows, iOS, and Android allows a perpetrator to disclose protected information.
The vulnerability of the stashcat messaging and video call application for operating systems macOS, Windows, iOS, and Android relates to the insecure storage of critical information. Exploiting this vulnerability can allow a malicious actor to disclose protected information remotely...
CVE-2020-13637
An issue was discovered in the stashcat app through 3.9.2 for macOS, Windows, Android, iOS, and possibly other platforms. It stores the clientkey, the deviceid, and the public key for end-to-end encryption in cleartext, enabling an attacker by copying or having access to the local storage databas...
CVE-2020-13637
An issue was discovered in the stashcat app through 3.9.2 for macOS, Windows, Android, iOS, and possibly other platforms. It stores the clientkey, the deviceid, and the public key for end-to-end encryption in cleartext, enabling an attacker by copying or having access to the local storage databas...
Code injection
An issue was discovered in the stashcat app through 3.9.2 for macOS, Windows, Android, iOS, and possibly other platforms. It stores the clientkey, the deviceid, and the public key for end-to-end encryption in cleartext, enabling an attacker by copying or having access to the local storage databas...
CVE-2020-13637
The CVE-2020-13637 entry applies to the stashcat app up to version 3.9.2 across macOS, Windows, Android, iOS, and possibly other platforms. The root issue is the storage of sensitive credentials (client_key, device_id, and the public key for end-to-end encryption) in cleartext in the local storag...
CVE-2020-13637
An issue was discovered in the stashcat app through 3.9.2 for macOS, Windows, Android, iOS, and possibly other platforms. It stores the clientkey, the deviceid, and the public key for end-to-end encryption in cleartext, enabling an attacker by copying or having access to the local storage databas...
Heineking Media stashcat app information disclosure vulnerability
Heineking Media stashcat app is an instant messaging application from Heineking Media, Germany. An information disclosure vulnerability exists in Heineking Media stashcat app version 3.9.1 and prior versions, which can be exploited by an attacker to obtain sensitive information by reading web...
CVE-2020-13129
An issue was discovered in the stashcat app through 3.9.1 for macOS, Windows, Android, iOS, and possibly other platforms. The GET method is used with clientkey and deviceid data in the query string, which allows attackers to obtain sensitive information by reading web-server logs...
CVE-2020-13129
An issue was discovered in the stashcat app through 3.9.1 for macOS, Windows, Android, iOS, and possibly other platforms. The GET method is used with clientkey and deviceid data in the query string, which allows attackers to obtain sensitive information by reading web-server logs...
Design/Logic Flaw
An issue was discovered in the stashcat app through 3.9.1 for macOS, Windows, Android, iOS, and possibly other platforms. The GET method is used with clientkey and deviceid data in the query string, which allows attackers to obtain sensitive information by reading web-server logs...