18 matches found
EUVD-2022-37812
Malicious code in bioql PyPI...
EUVD-2022-37813
Malicious code in bioql PyPI...
CVE-2022-34909
An issue was discovered in the A4N Aremis 4 Nomad application 1.5.0 for Android. It allows SQL Injection, by which an attacker can bypass authentication and retrieve data that is stored in the database...
CVE-2022-34908
An issue was discovered in the A4N Aremis 4 Nomad application 1.5.0 for Android. It possesses an authentication mechanism; however, some features do not require any token or cookie in a request. Therefore, an attacker may send a simple HTTP request to the right endpoint, and obtain authorization ...
CVE-2022-34910
An issue was discovered in the A4N Aremis 4 Nomad application 1.5.0 for Android. It uses a local database to store data and accounts. However, the password is stored in cleartext. Therefore, an attacker can retrieve the passwords of other users that used the same device...
CVE-2022-34908
An issue was discovered in the A4N Aremis 4 Nomad application 1.5.0 for Android. It possesses an authentication mechanism; however, some features do not require any token or cookie in a request. Therefore, an attacker may send a simple HTTP request to the right endpoint, and obtain authorization ...
CVE-2022-34909
An issue was discovered in the A4N Aremis 4 Nomad application 1.5.0 for Android. It allows SQL Injection, by which an attacker can bypass authentication and retrieve data that is stored in the database...
Design/Logic Flaw
An issue was discovered in the A4N Aremis 4 Nomad application 1.5.0 for Android. It uses a local database to store data and accounts. However, the password is stored in cleartext. Therefore, an attacker can retrieve the passwords of other users that used the same device...
Sql injection
An issue was discovered in the A4N Aremis 4 Nomad application 1.5.0 for Android. It allows SQL Injection, by which an attacker can bypass authentication and retrieve data that is stored in the database...
CVE-2022-34909
An issue was discovered in the A4N Aremis 4 Nomad application 1.5.0 for Android. It allows SQL Injection, by which an attacker can bypass authentication and retrieve data that is stored in the database...
CVE-2022-34908
CVE-2022-34908 affects A4N (Aremis 4 Nomad) Android app (version 1.5.0). The issue is in the authentication flow: while an auth mechanism exists, some endpoints do not require a token or cookie, allowing an attacker to send a simple HTTP request to the appropriate endpoint and obtain authorizatio...
CVE-2022-34909
An issue was discovered in the A4N Aremis 4 Nomad application 1.5.0 for Android. It allows SQL Injection, by which an attacker can bypass authentication and retrieve data that is stored in the database...
CVE-2022-34908
An issue was discovered in the A4N Aremis 4 Nomad application 1.5.0 for Android. It possesses an authentication mechanism; however, some features do not require any token or cookie in a request. Therefore, an attacker may send a simple HTTP request to the right endpoint, and obtain authorization ...
CVE-2022-34910
The CVE-2022-34910 entry concerns the A4N (Aremis 4 Nomad) Android app 1.5.0, where user passwords are stored in cleartext in the local data store. This root cause enables any attacker with device access to retrieve other users’ passwords, describing a local, data-leak risk rather than a remote e...
CVE-2022-34908
An issue was discovered in the A4N Aremis 4 Nomad application 1.5.0 for Android. It possesses an authentication mechanism; however, some features do not require any token or cookie in a request. Therefore, an attacker may send a simple HTTP request to the right endpoint, and obtain authorization ...
CVE-2022-34910
An issue was discovered in the A4N Aremis 4 Nomad application 1.5.0 for Android. It uses a local database to store data and accounts. However, the password is stored in cleartext. Therefore, an attacker can retrieve the passwords of other users that used the same device...
CVE-2022-34910
An issue was discovered in the A4N Aremis 4 Nomad application 1.5.0 for Android. It uses a local database to store data and accounts. However, the password is stored in cleartext. Therefore, an attacker can retrieve the passwords of other users that used the same device...
CVE-2022-34909
CVE-2022-34909 concerns A4N (Aremis 4 Nomad) Android app 1.5.0. The issue is a SQL Injection vulnerability in the application’s authentication flow that allows an attacker to bypass authentication and retrieve data stored in the database. The available connected data confirms the affected product...