18 matches found
EUVD-2022-37813
Malicious code in bioql PyPI...
EUVD-2022-37812
Malicious code in bioql PyPI...
CVE-2022-34909
An issue was discovered in the A4N Aremis 4 Nomad application 1.5.0 for Android. It allows SQL Injection, by which an attacker can bypass authentication and retrieve data that is stored in the database...
CVE-2022-34908
An issue was discovered in the A4N Aremis 4 Nomad application 1.5.0 for Android. It possesses an authentication mechanism; however, some features do not require any token or cookie in a request. Therefore, an attacker may send a simple HTTP request to the right endpoint, and obtain authorization ...
CVE-2022-34910
An issue was discovered in the A4N Aremis 4 Nomad application 1.5.0 for Android. It uses a local database to store data and accounts. However, the password is stored in cleartext. Therefore, an attacker can retrieve the passwords of other users that used the same device...
CVE-2022-34909
An issue was discovered in the A4N Aremis 4 Nomad application 1.5.0 for Android. It allows SQL Injection, by which an attacker can bypass authentication and retrieve data that is stored in the database...
CVE-2022-34908
An issue was discovered in the A4N Aremis 4 Nomad application 1.5.0 for Android. It possesses an authentication mechanism; however, some features do not require any token or cookie in a request. Therefore, an attacker may send a simple HTTP request to the right endpoint, and obtain authorization ...
Sql injection
An issue was discovered in the A4N Aremis 4 Nomad application 1.5.0 for Android. It allows SQL Injection, by which an attacker can bypass authentication and retrieve data that is stored in the database...
Design/Logic Flaw
An issue was discovered in the A4N Aremis 4 Nomad application 1.5.0 for Android. It uses a local database to store data and accounts. However, the password is stored in cleartext. Therefore, an attacker can retrieve the passwords of other users that used the same device...
CVE-2022-34909
An issue was discovered in the A4N Aremis 4 Nomad application 1.5.0 for Android. It allows SQL Injection, by which an attacker can bypass authentication and retrieve data that is stored in the database...
CVE-2022-34908
An issue was discovered in the A4N Aremis 4 Nomad application 1.5.0 for Android. It possesses an authentication mechanism; however, some features do not require any token or cookie in a request. Therefore, an attacker may send a simple HTTP request to the right endpoint, and obtain authorization ...
CVE-2022-34910
An issue was discovered in the A4N Aremis 4 Nomad application 1.5.0 for Android. It uses a local database to store data and accounts. However, the password is stored in cleartext. Therefore, an attacker can retrieve the passwords of other users that used the same device...
CVE-2022-34910
An issue was discovered in the A4N Aremis 4 Nomad application 1.5.0 for Android. It uses a local database to store data and accounts. However, the password is stored in cleartext. Therefore, an attacker can retrieve the passwords of other users that used the same device...
CVE-2022-34909
An issue was discovered in the A4N Aremis 4 Nomad application 1.5.0 for Android. It allows SQL Injection, by which an attacker can bypass authentication and retrieve data that is stored in the database...
CVE-2022-34908
An issue was discovered in the A4N Aremis 4 Nomad application 1.5.0 for Android. It possesses an authentication mechanism; however, some features do not require any token or cookie in a request. Therefore, an attacker may send a simple HTTP request to the right endpoint, and obtain authorization ...
CVE-2022-34910
The CVE-2022-34910 entry concerns the A4N (Aremis 4 Nomad) Android app 1.5.0, where user passwords are stored in cleartext in the local data store. This root cause enables any attacker with device access to retrieve other users’ passwords, describing a local, data-leak risk rather than a remote e...
CVE-2022-34908
CVE-2022-34908 affects A4N (Aremis 4 Nomad) Android app (version 1.5.0). The issue is in the authentication flow: while an auth mechanism exists, some endpoints do not require a token or cookie, allowing an attacker to send a simple HTTP request to the appropriate endpoint and obtain authorizatio...
CVE-2022-34909
CVE-2022-34909 concerns A4N (Aremis 4 Nomad) Android app 1.5.0. The issue is a SQL Injection vulnerability in the application’s authentication flow that allows an attacker to bypass authentication and retrieve data stored in the database. The available connected data confirms the affected product...