[20170705] - Core - XSS Vulnerability

Inadequate filtering of potentially malicious HTML tags leads to XSS vulnerabilities in various components...

CVE-2017-7986

In Joomla! 1.5.0 through 3.6.5 fixed in 3.7.0, inadequate filtering of specific HTML attributes leads to XSS vulnerabilities in various components...

CoinKeeper: spending tracker - Dangerous filesystem permissions, Exported components, External URLs vulnerabilities

HackApp vulnerability scanner discovered that application CoinKeeper: spending tracker published at the 'play' market has multiple vulnerabilities...

Design/Logic Flaw

Unspecified vulnerability in Qualcomm components in Android on Nexus 6 and Android One devices...

[SECURITY] Fedora 26 Update: qt5-qtwebengine-5.8.0-8.fc26

Qt5 - QtWebEngine components...

Apple iOS < 10.3 Multiple Vulnerabilities

Binary data appleios103check.nbin...

Astrill VPN - Exported components, External URLs, Native code usage vulnerabilities

HackApp vulnerability scanner discovered that application Astrill VPN published at the 'play' market has multiple vulnerabilities...

[20170403] - Core - XSS Vulnerability

Inadequate filtering of multibyte characters leads to XSS vulnerabilities in various components...

CVE-2016-8407

An information disclosure vulnerability in kernel components including the ION subsystem, Binder, USB driver and networking subsystem could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising ...

CVE-2016-6748

An information disclosure vulnerability in Qualcomm components including the GPU driver, power driver, SMSM Point-to-Point driver, and sound driver in Android before 2016-11-05 could enable a local malicious application to access data outside of its permission levels. This issue is rated as...

Information disclosure

An information disclosure vulnerability in Qualcomm components including the GPU driver, power driver, SMSM Point-to-Point driver, and sound driver in Android before 2016-11-05 could enable a local malicious application to access data outside of its permission levels. This issue is rated as...

Information disclosure

An information disclosure vulnerability in Qualcomm components including the GPU driver, power driver, SMSM Point-to-Point driver, and sound driver in Android before 2016-11-05 could enable a local malicious application to access data outside of its permission levels. This issue is rated as...

Apple TV < 9.1 Multiple Vulnerabilities

According to its banner, the version of the remote Apple TV device is prior to 9.1. It is, therefore, affected by multiple vulnerabilities in the following components : - AppleMobileFileIntegrity - Compression - CoreGraphics - CoreMedia Playback - Disk Images - dyld - ImageIO - IOAcceleratorFamil...

Apple iOS < 10.0 Multiple Vulnerabilities

Binary data 9619.prm...

MySQL -- multiple vulnerabilities

The MySQL project reports: CVE-2016-3492: Remote security vulnerability in 'Server: Optimizer' sub component. CVE-2016-5616, CVE-2016-6663: Race condition allows local users with certain permissions to gain privileges by leveraging use of mycopystat by REPAIR TABLE to repair a MyISAM table...

Taxsee: заказ такси - Exported components, External URLs, Suspicious files vulnerabilities

HackApp vulnerability scanner discovered that application Taxsee: заказ такси published at the 'play' market has multiple vulnerabilities...

CVE-2014-9876

drivers/char/diag/diagfwd.c in the Qualcomm components in Android before 2016-08-05 on Nexus 5, 5X, 6, 6P, and 7 2013 devices mishandles certain integer values, which allows attackers to gain privileges via a crafted application, aka Android internal bug 28767796 and Qualcomm internal bug CR48340...

Google Keyboard - Exported components, External URLs, Native code usage vulnerabilities

HackApp vulnerability scanner discovered that application Google Keyboard published at the 'play' market has multiple vulnerabilities...

CVE-2014-9780

The CVE-2014-9780 issue affects the Qualcomm mdp3_ctrl.c driver in Android before 2016-07-05 on Nexus 5, 5X, and 6P. It does not validate start and length values, enabling local privilege escalation via a crafted app. Root cause: improper input validation in the MDSS hardware block. Impact stated...

Apple TV < 9.2.1 Multiple Vulnerabilities

According to its banner, the version of the remote Apple TV device is prior to 9.2.1. It is, therefore, affected by multiple vulnerabilities in the following components : - CFNetwork Proxies - CommonCrypto - CoreCapture - Disk Images - ImageIO - IOAcceleratorFamily - IOHIDFamily - Kernel - libc -...