Lucene search
K

18 matches found

CVE
CVE
added 2026/06/29 2:19 p.m.13 views

CVE-2026-55844

The Home Assistant iOS companion app prior to 2025.5.0 ignores the SSID allowlist for internal networks. It uses SSID to decide when to use the internal URL, but if no other URL is available it falls back to the internal URL, which can expose the user’s token on unsecure networks. Affected compon...

7.5CVSS5.8AI score0.00161EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/02/05 12:0 a.m.10 views

PT-2026-6585

Name of the Vulnerable Software and Affected Versions ProficySCADA for iOS version 5.0.25920 Description The application is susceptible to a denial of service condition. An attacker can cause the application to crash by manipulating the password input field. Specifically, overwriting the field wi...

7.5CVSS5.5AI score0.00337EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2025/09/12 12:0 a.m.7 views

JVN#89109713: WTW-EAGLE App vulnerable to improper server certificate validation

WTW-EAGLE App provided by Wireless Tsukamoto Co., Ltd. contains the following vulnerability. Improper server certificate validation CWE-295 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N Base Score 6.3 CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N Base Score 4.8 CVE-2025-58781...

6.3CVSS6.3AI score0.00132EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/23 5:53 a.m.4 views

CVE-2023-22367

Ichiran App for iOS versions prior to 3.1.0 and Ichiran App for Android versions prior to 3.1.0 improperly verify server certificates, which may allow a remote unauthenticated attacker to eavesdrop on an encrypted communication via a man-in-the-middle attack...

5.9CVSS6.9AI score0.00513EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2023/12/13 12:0 a.m.4 views

PT-2023-28870 · Zoom · Zoom Mobile App For Android +3

Name of the Vulnerable Software and Affected Versions: Zoom Mobile App for Android versions prior to 5.16.0 Zoom Mobile App for iOS versions prior to 5.16.0 Zoom SDKs for Android versions prior to 5.16.0 Zoom SDKs for iOS versions prior to 5.16.0 Description: The issue is related to cryptographic...

4.9CVSS6.6AI score0.00567EPSS
Exploits0References10
OSV
OSV
added 2020/06/22 6:15 p.m.3 views

CVE-2020-14981

The ThreatTrack VIPRE Password Vault app through 1.100.1090 for iOS has Missing SSL Certificate Validation...

5.9CVSS6.2AI score0.00816EPSS
Exploits0References2
OSV
OSV
added 2020/05/18 12:15 a.m.2 views

CVE-2019-20801

An issue was discovered in the Readdle Documents app before 6.9.7 for iOS. The application's file-transfer web server allows for cross-origin requests from any domain, and the WebSocket server lacks authorization control. Any web site can execute JavaScript code that accesses a user's data via...

5.3CVSS6AI score0.01008EPSS
Exploits1References2
OSV
OSV
added 2019/05/06 8:29 p.m.4 views

CVE-2018-18975

An issue was discovered in the Ascensia Contour NEXT ONE app for iOS before 2019-01-15. An attacker may proxy communications between the app and Ascensia backend servers because of a weak certificate-pinning implementation, leading to disclosure of medical information...

7.5CVSS5.8AI score0.00962EPSS
Exploits1References1
OSV
OSV
added 2019/03/27 2:29 p.m.1 views

CVE-2019-5927

Directory traversal vulnerability in 'an' App for iOS Version 3.2.0 and earlier allows remote attackers to read arbitrary files via unspecified vectors...

7.5CVSS5.9AI score
Exploits0References2
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2018/06/15 5:40 a.m.2 views

ANA App for iOS fails to verify SSL server certificates

Overview ANA App for iOS provided by ALL NIPPON AIRWAYS CO., LTD fails to verify SSL server certificates CWE-295. Yuji Tounai of NTT Communications Corporation reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. Impact...

7.4CVSS6.4AI score0.00503EPSS
Exploits0References5
CNVD
CNVD
added 2017/07/20 12:0 a.m.1 views

Emirates NBD Bank P.J.S.C Emirates NBD KSA app for iOS Man-in-the-Middle Attack Vulnerability

A security vulnerability in the Emirates NBD Bank P.J.S.C Emirates NBD KSA app for iOS-based platforms versions 3.10.0 to 3.10.4 UAE and versions 2.0.1 to 2.1.0 KSA stems from the program's failure to validate an X.509 certificate on the server side of an SSL server. The vulnerability can be...

5.9CVSS6.7AI score0.00486EPSS
Exploits0References1
OSV
OSV
added 2017/06/16 12:29 p.m.1 views

CVE-2017-9586

The "FSBY Mobile Banking" by First State Bank of Yoakum TX app 3.0.0 -- aka fsby-mobile-banking/id899136434 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...

5.9CVSS5.8AI score0.00486EPSS
Exploits0References1
OSV
OSV
added 2017/06/16 12:29 p.m.2 views

CVE-2017-9583

The "Charlevoix State Bank" by Charlevoix State Bank app 3.0.1 -- aka charlevoix-state-bank/id1128963717 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...

5.9CVSS5.8AI score0.00486EPSS
Exploits0References1
OSV
OSV
added 2017/06/16 12:29 p.m.3 views

CVE-2017-9577

The "First Citizens Bank-Mobile Banking" by First Citizens Bank AL app 3.0.0 -- aka first-citizens-bank-mobile-banking/id566037101 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted...

5.9CVSS5.8AI score0.00486EPSS
Exploits0References1
OSV
OSV
added 2017/06/16 12:29 p.m.4 views

CVE-2017-9582

The "BNB Mobile Banking" by Brady National Bank app 3.0.0 -- aka bnb-mobile-banking/id674215747 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...

5.9CVSS5.8AI score0.00486EPSS
Exploits0References1
CNVD
CNVD
added 2017/05/11 12:0 a.m.2 views

America's First Federal Credit Union Mobile Banking app for iOS Security Bypass Vulnerability

America's First Federal Credit Union Mobile Banking app for iOS is a mobile app for iOS from America's First Federal Credit Union FCU Bank, featuring quick access to manage bank accounts, manage balances, manage balances, pay bills, send money, and more. A security bypass vulnerability exists in...

5.9CVSS6.5AI score0.00486EPSS
Exploits0References1
OSV
OSV
added 2017/05/05 7:29 a.m.2 views

CVE-2017-5915

The Emirates NBD Bank P.J.S.C Emirates NBD KSA app 3.10.0 through 3.10.4 UAE and 2.0.1 through 2.1.0 KSA for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...

5.9CVSS5.8AI score0.00486EPSS
Exploits0References1
securityvulns
securityvulns
added 2015/01/18 12:0 a.m.45 views

File Pro Mini v5.2 iOS - Multiple Web Vulnerabilities

Document Title: =============== File Pro Mini v5.2 iOS - Multiple Web Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1403 Release Date: ============= 2015-01-15 Vulnerability Laboratory ID VL-ID: ==================================== 1403...

7.7AI score
Exploits0
Rows per page
Query Builder