35 matches found
EUVD-2017-16561
Malware in sbrugna...
EUVD-2017-16562
Malware in sbrugna...
EUVD-2025-22081
Malicious code in bioql PyPI...
EUVD-2021-30902
Malicious code in bioql PyPI...
CVE-2025-41459
Insufficient protection against brute-force and runtime manipulation in the local authentication component in Two App Studio Journey 5.5.6 on iOS allows local attackers to bypass biometric and PIN-based access control via repeated PIN attempts or dynamic code injection...
CVE-2025-41459 Insecure authentication due to missing bruteforce protection and runtime manipulation in Two App Studio Journey 5.5.6 for iOS
Insufficient protection against brute-force and runtime manipulation in the local authentication component in Two App Studio Journey 5.5.6 on iOS allows local attackers to bypass biometric and PIN-based access control via repeated PIN attempts or dynamic code injection...
CVE-2025-41458
CVE-2025-41458 concerns unencrypted storage in the iOS app Two App Studio Journey v5.5.9, allowing local attackers with direct filesystem access to extract sensitive data. The NVD entry lists a CVSS v3.1 base score 5.5 (MEDIUM) , with LOCAL attack vector, LOW attack complexity, and HIGH confident...
CVE-2025-41458 Insecure data storage vulnerability in Two App Studio Journey v5.5.9 for iOS
Unencrypted storage in the database in Two App Studio Journey v5.5.9 for iOS allows local attackers to extract sensitive data via direct access to the app’s filesystem...
CVE-2025-41458 Insecure data storage vulnerability in Two App Studio Journey v5.5.9 for iOS
Unencrypted storage in the database in Two App Studio Journey v5.5.9 for iOS allows local attackers to extract sensitive data via direct access to the app’s filesystem...
PT-2025-30259 · Unknown · Two App Studio Journey
Name of the Vulnerable Software and Affected Versions: Two App Studio Journey version 5.5.9 Description: The application stores data in an unencrypted format within its database on iOS devices. This allows local attackers to extract sensitive information by directly accessing the application’s...
PT-2025-30260 · Unknown · Two App Studio Journey
Name of the Vulnerable Software and Affected Versions: Two App Studio Journey version 5.5.6 Description: The local authentication component has insufficient protection against brute-force attacks and runtime manipulation on iOS. This allows local attackers to bypass biometric and PIN-based access...
Two App Studio Journey 安全漏洞
Two App Studio Journey is a cross-platform digital diary application from Two App Studio Singapore. A security vulnerability exists in Two App Studio Journey version 5.5.9, which stems from unencrypted storage of the database and could lead to the disclosure of sensitive data...
UiPath App Studio Cross-Site Scripting Vulnerability
UiPath App Studio is a low-code application development platform from UiPath, Inc. A cross-site scripting vulnerability exists in version 21.4.4 of UiPath App Studio, which stems from a lack of data validation filtering of user-supplied data and output. An attacker could exploit the vulnerability...
CVE-2021-44043
An issue was discovered in UiPath App Studio 21.4.4. There is a persistent XSS vulnerability in the file-upload functionality for uploading icons when attempting to create new Apps. An attacker with minimal privileges in the application can build their own App and upload a malicious file containi...
Cross site scripting
An issue was discovered in UiPath App Studio 21.4.4. There is a persistent XSS vulnerability in the file-upload functionality for uploading icons when attempting to create new Apps. An attacker with minimal privileges in the application can build their own App and upload a malicious file containi...
CVE-2021-44043
UiPath App Studio 21.4.4 is affected by a persistent cross-site scripting (XSS) vulnerability in the file-upload functionality used for app icon uploads. An attacker with minimal privileges can upload a malicious file and, by altering the MIME type in a subsequent request, cause the payload to be...
UiPath App Studio 跨站脚本漏洞
UiPath App Studio is a low-code application development platform from UiPath, Inc. A cross-site scripting vulnerability exists in version 21.4.4 of UiPath App Studio, which stems from a lack of data validation filtering of user-supplied data and output. An attacker could exploit the vulnerability...
CVE-2017-7554
A flaw was found where the App Studio component of RHMAP 4.4 executes javascript provided by a user. An attacker could use this flaw to execute a stored XSS attack on an application administrator using App Studio...
CVE-2017-7553
The externalrequest api call in App Studio millicore allows server side request forgery SSRF. An attacker could use this flaw to probe the network internal resources and access restricted endpoints...
Server-Side Request Forgery (SSRF)
App Studio millicore is vulnerable to server-side request forgery SSRF attacks. An attacker could exploit a flaw in the externalrequest api call. This allows an attacker to probe the network internal resources, and access restricted endpoints which leads to a disclosure of information...