1094 matches found
CVE-2015-5634
CVE-2015-5634 affects Newphoria MEGAPHONE MUSIC (Android and iOS). The MEGAPHONE MUSIC app (Android/iOS) before version 1.1 is vulnerable to a URL-whitelist bypass via the app’s URL scheme, enabling loading of arbitrary pages. JVN/JVNDB entries specify impact: Android may allow an API deemed in t...
CVE-2015-5636
The Newphoria Reversi application before 1.0.3 for Android and before 1.2 for iOS allows attackers to bypass a URL whitelist protection mechanism and obtain API access via unspecified vectors...
CVE-2015-5636
CVE-2015-5636 affects Newphoria Reversi on Android up to version 1.0.2 and iOS up to 1.1 (the advisory cites Android 1.0.3 and iOS 1.2 as non-vulnerable). The issue is a bypass of the URL whitelist protection, allowing an attacker to obtain API access via unspecified vectors by abusing the app’s ...
CVE-2015-5632
The Newphoria applican framework vulnerability (Android versions prior to 1.12.3; iOS prior to 1.12.2) is a URL whitelist bypass in the runtime engine. When an app is launched via the URL-scheme, the whitelist.xml protection can be bypassed and non‑whitelisted URLs may be accessed, enabling an AP...
CVE-2015-5637
The CVE-2015-5637 entry concerns the Android Photon application by Newphoria. Affected software: Photon for Android prior to version 1.2. The root cause is a bypass of the URL whitelist protection, enabling attackers to obtain API access via unspecified vectors. Documented impact indicates that a...
CVE-2015-5634
The Newphoria MEGAPHONE MUSIC application before 1.1 for Android and before 1.1 for iOS allows attackers to bypass a URL whitelist protection mechanism and obtain API access via unspecified vectors...
CVE-2015-5635
The Newphoria Koritore application before 1.1 for Android and before 1.1 for iOS allows attackers to bypass a URL whitelist protection mechanism and obtain API access via unspecified vectors...
CVE-2015-5635
The CVE-2015-5635 entries describe a vulnerability in Newphoria Koritore for Android and iOS prior to version 1.1 where the app can bypass the URL whitelist protection and gain API access. Affected products are Koritore for Android versions 1.0 and earlier and Koritore for iOS versions 1.0 and ea...
CVE-2015-5637
The Newphoria Photon application before 1.2 for Android allows attackers to bypass a URL whitelist protection mechanism and obtain API access via unspecified vectors...
CVE-2015-5633
The Newphoria Auction Camera application for iOS and before 1.2 for Android allows attackers to bypass a URL whitelist protection mechanism and obtain API access via unspecified vectors...
Code injection
The NTT Broadband Platform Japan Connected-free Wi-Fi application 1.6.0 and earlier for Android and 1.0.2 and earlier for iOS allows attackers to bypass a URL whitelist protection mechanism and obtain API access via unspecified vectors...
CVE-2015-5629
The NTT Broadband Platform Japan Connected-free Wi-Fi application 1.6.0 and earlier for Android and 1.0.2 and earlier for iOS allows attackers to bypass a URL whitelist protection mechanism and obtain API access via unspecified vectors...
CVE-2015-5629
The NTT Broadband Platform Japan Connected-free Wi-Fi application 1.6.0 and earlier for Android and 1.0.2 and earlier for iOS allows attackers to bypass a URL whitelist protection mechanism and obtain API access via unspecified vectors...
CVE-2015-5629
The CVE pertains to the NTT Broadband Platform Japan Connected-free Wi‑Fi application (Android up to 1.6.0 and iOS up to 1.0.2). Multiple connected sources confirm a vulnerability that allows bypassing the URL whitelist protection and may enable arbitrary API execution or loading of arbitrary pag...
The vulnerability of the Adobe Reader PDF viewer program allows a hacker to circumvent access restrictions.
The vulnerability of the Adobe Reader PDF viewer program is related to security configuration errors. Exploiting this vulnerability could allow a malicious actor to bypass restrictions on access to the JavaScript API...
The vulnerability of the Adobe Reader DC PDF viewer program, which allows a hacker to circumvent access restrictions
The vulnerability of the Adobe Reader DC PDF viewer program is related to security configuration errors. Exploiting this vulnerability can allow a malicious actor to bypass restrictions on access to the JavaScript API...
The vulnerability of Adobe Acrobat’s PDF editing software allows a hacker to circumvent access restrictions.
The vulnerability of the Adobe Acrobat PDF editing program is related to security configuration errors. Exploiting this vulnerability can allow a malicious actor to bypass restrictions on access to the JavaScript API...
CVE-2015-0297
Red Hat JBoss Operations Network 3.3.1 does not properly restrict access to certain APIs, which allows remote attackers to execute arbitrary Java methods via the 1 ServerInvokerServlet or 2 SchedulerService or 3 cause a denial of service disk consumption via the ContentManager...
CVE-2015-0297
Red Hat JBoss Operations Network 3.3.1 is affected by CVE-2015-0297. The issue arises because the server did not correctly restrict access to certain remote APIs, enabling a remote, unauthenticated attacker to execute arbitrary Java methods via the ServerInvokerServlet or SchedulerService, and po...
KLA10503 Multiple vulnerabilities in IBM products
Multiple serious vulnerabilities have been found in IBM products. Below is a complete list of vulnerabilities 1. Improper WAR applications support in IBM Bluemix can be exploited remotely via unspecified vectors related to Java overlay feature; 2. Improper API access restrictions in IBM API...