15 matches found
CVE-2019-5627
The iOS mobile application BlueCats Reveal before 5.14 stores the username and password in the app cache as base64 encoded strings, i.e. clear text. These persist in the cache even if the user logs out. This can allow an attacker to compromise the affected BlueCats network implementation. The...
CVE-2024-54461
The file names constructed within fileselector are missing sanitization checks leaving them vulnerable to malicious document providers. This may result in cases where a user with a malicious document provider installed can select a document file from that provider while using your app and could...
CVE-2024-54462
The file names constructed within imagepicker are missing sanitization checks leaving them vulnerable to malicious document providers. This may result in cases where a user with a malicious document provider installed can select an image file from that provider while using your app and could...
CVE-2024-54462
CVE-2024-54462 concerns the Flutter image_picker_android component. The issue arises from unsanitized filenames created by image_picker, which can be exploited by a malicious document provider to have a user select an image file from that provider and potentially override internal files in the ap...
CVE-2024-54462 Unsanitized Filenames in Flutter package image_picker_android Allow File Overwrites
The file names constructed within imagepicker are missing sanitization checks leaving them vulnerable to malicious document providers. This may result in cases where a user with a malicious document provider installed can select an image file from that provider while using your app and could...
PT-2025-3026 · Unknown · Image Picker Android +1
Name of the Vulnerable Software and Affected Versions: image picker versions prior to 0.8.12+18 image picker android versions prior to 0.8.12+18 Description: The file names constructed within image picker are missing sanitization checks, leaving them vulnerable to malicious document providers. Th...
PT-2024-40550 · Mozilla · Seamonkey
Name of the Vulnerable Software and Affected Versions: SeaMonkey versions prior to 2.53.19 Description: The issue is related to a security vulnerability in SeaMonkey. The estimated number of potentially affected devices is not provided. There is no information about real-world incidents where thi...
CVE-2019-5627
The iOS mobile application BlueCats Reveal before 5.14 stores the username and password in the app cache as base64 encoded strings, i.e. clear text. These persist in the cache even if the user logs out. This can allow an attacker to compromise the affected BlueCats network implementation. The...
Design/Logic Flaw
The iOS mobile application BlueCats Reveal before 5.14 stores the username and password in the app cache as base64 encoded strings, i.e. clear text. These persist in the cache even if the user logs out. This can allow an attacker to compromise the affected BlueCats network implementation. The...
CVE-2019-5627
CVE-2019-5627 concerns the iOS app BlueCats Reveal prior to version 5.14, which stores the user credentials in the app cache as base64-encoded strings (clear text). These credentials persist after logout, enabling local attackers with physical device access or a compromised app to potentially com...
DEBIAN-CVE-2018-16477
A bypass vulnerability in Active Storage = 5.2.0 for Google Cloud Storage and Disk services allow an attacker to modify the content-disposition and content-type parameters which can be used in with HTML files and have them executed inline. Additionally, if combined with other techniques such as...
Linux System Optimizer and Monitoring: Stacer
System optimizer apps are quite the thing on platforms such as Windows and Android. Their usefulness, however, is debatable considering how notorious they are when it comes to using system resources. Stacer was created to better optimize your Linux PC in the sense that it packs quite the list of...
App Cache Cleaner - 1Tap Clean - Customized SSL, WebView SSL handling enabled, WebView code execution vulnerabilities
HackApp vulnerability scanner discovered that application App Cache Cleaner - 1Tap Clean published at the 'play' market has multiple vulnerabilities...
chromium-browser: Use-after-free in AppCache
Use-after-free vulnerability in content/browser/appcache/appcachedispatcherhost.cc in the AppCache implementation in Google Chrome before 47.0.2526.73 allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging incorrect pointer maintenance...
Affect tens of millions of APP the Android APP“parasitic beast”vulnerability technical analysis-vulnerability warning-the black bar safety net
3 6 0 mobile security research team vulpecker recently discovered a new Android app security vulnerabilities, the market tens of millions of apps are affected by the vulnerability. The vulnerability once attacker, it can be directly on the user's mobile phone implanted Trojans to steal the user's...