BIT-VAULT-2025-6013 Vault LDAP MFA Enforcement Bypass When Using Username As Alias

Vault and Vault Enterprise’s “Vault” ldap auth method may not have correctly enforced MFA if usernameasalias was set to true and a user had multiple CNs that are equal but with leading or trailing spaces. Fixed in Vault Community Edition 1.20.2 and Vault Enterprise 1.20.2, 1.19.8, 1.18.13, and...

CVE-2025-6013

Vault and Vault Enterprise’s “Vault” ldap auth method may not have correctly enforced MFA if usernameasalias was set to true and a user had multiple CNs that are equal but with leading or trailing spaces. Fixed in Vault Community Edition 1.20.2 and Vault Enterprise 1.20.2, 1.19.8, 1.18.13, and...

Gitcolombo - Extract And Analyze Contributors Info From Git Repos

OSINT tool to extract info about persons from git repositories: common names, emails, matches between different as it may seems accounts. Using 1. Install git 2. Run: repos by nickname ./gitcolombo.py --nickname LubyRuffy" from any git url ./gitcolombo.py -u...

PayControl - Customized SSL, Redefined SSL Common Names verifier vulnerabilities

HackApp vulnerability scanner discovered that application PayControl published at the 'play' market has multiple vulnerabilities...

My Verisure - Customized SSL, Hardcoded secrets, Redefined SSL Common Names verifier vulnerabilities

HackApp vulnerability scanner discovered that application My Verisure published at the 'play' market has multiple vulnerabilities...

Pixel Guru - Customized SSL, Redefined SSL Common Names verifier, WebView code execution vulnerabilities

HackApp vulnerability scanner discovered that application Pixel Guru published at the 'play' market has multiple vulnerabilities...

Vivalines Turizm - Base64 encoded String, Customized SSL, Redefined SSL Common Names verifier vulnerabilities

HackApp vulnerability scanner discovered that application Vivalines Turizm published at the 'play' market has multiple vulnerabilities...

PadTV HD - Customized SSL, Redefined SSL Common Names verifier vulnerabilities

HackApp vulnerability scanner discovered that application PadTV HD published at the 'play' market has multiple vulnerabilities...

Mood Messenger - SMS & MMS - Base64 encoded String, Exported ContentProvider, Redefined SSL Common Names verifier vulnerabilities

HackApp vulnerability scanner discovered that application Mood Messenger - SMS & MMS published at the 'play' market has multiple vulnerabilities...

TouchPal Keyboard-Cute emoji,theme, sticker, gif - Exported ContentProvider, Redefined SSL Common Names verifier, WebView code execution vulnerabilities

HackApp vulnerability scanner discovered that application TouchPal Keyboard-Cute emoji,theme, sticker, gif published at the 'play' market has multiple vulnerabilities...

N26 – The Mobile Bank - Customized SSL, Redefined SSL Common Names verifier vulnerabilities

HackApp vulnerability scanner discovered that application N26 – The Mobile Bank published at the 'play' market has multiple vulnerabilities...

iPOS - לאומי קארד - Customized SSL, Dangerous filesystem permissions, Redefined SSL Common Names verifier vulnerabilities

HackApp vulnerability scanner discovered that application iPOS - לאומי קארד published at the 'play' market has multiple vulnerabilities...

Privat24 - Customized SSL, Hardcoded secrets, Redefined SSL Common Names verifier vulnerabilities

HackApp vulnerability scanner discovered that application Privat24 published at the 'play' market has multiple vulnerabilities...

Jabong - ONLINE FASHION STORE - Customized SSL, Redefined SSL Common Names verifier, WebView code execution vulnerabilities

HackApp vulnerability scanner discovered that application Jabong - ONLINE FASHION STORE published at the 'play' market has multiple vulnerabilities...

JIBIT - Customized SSL, Redefined SSL Common Names verifier vulnerabilities

HackApp vulnerability scanner discovered that application JIBIT published at the 'play' market has multiple vulnerabilities...

AEK, EUSKARA PRAKTIKOA - Customized SSL, Redefined SSL Common Names verifier, WebView SSL handling enabled vulnerabilities

HackApp vulnerability scanner discovered that application AEK, EUSKARA PRAKTIKOA published at the 'play' market has multiple vulnerabilities...

Lightning Web Browser - Customized SSL, Redefined SSL Common Names verifier vulnerabilities

HackApp vulnerability scanner discovered that application Lightning Web Browser published at the 'play' market has multiple vulnerabilities...

تأميناتي - Customized SSL, MIT license, Redefined SSL Common Names verifier vulnerabilities

HackApp vulnerability scanner discovered that application تأميناتي published at the 'play' market has multiple vulnerabilities...

Radio Nacidos Para Triunfar - Customized SSL, Redefined SSL Common Names verifier, WebView SSL handling enabled vulnerabilities

HackApp vulnerability scanner discovered that application Radio Nacidos Para Triunfar published at the 'play' market has multiple vulnerabilities...

AlarmMon - Customized SSL, Insecure SSL socket, Redefined SSL Common Names verifier vulnerabilities

HackApp vulnerability scanner discovered that application AlarmMon published at the 'play' market has multiple vulnerabilities...