Lucene search
K

9 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 5:9 a.m.8 views

CVE-2023-50294

The App Settings /admin/app page in GROWI versions prior to v6.0.6 stores sensitive information in cleartext form. As a result, the Secret access key for external service may be obtained by an attacker who can access the App Settings page...

6.5CVSS6.4AI score0.00317EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/22 8:36 p.m.4 views

CVE-2021-20748

Retty App for Android versions prior to 4.8.13 and Retty App for iOS versions prior to 4.11.14 uses a hard-coded API key for an external service. By exploiting this vulnerability, API key for an external service may be obtained by analyzing data in the app...

7.5CVSS6.7AI score0.01037EPSS
Exploits0References1
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2024/06/28 4:18 a.m.2 views

"Piccoma" App uses a hard-coded API key for an external service

Overview "Piccoma" App for Android and "Piccoma" App for iOS provided by Kakao piccoma Corp. use a hard-coded API key for an external service CWE-798. Yoshihito Sakai of BroadBand Security, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Securit...

4CVSS6.4AI score0.00169EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2024/01/23 7:53 a.m.3 views

Android App "Spoon" uses a hard-coded API key for an external service

Overview Android App "Spoon" provided by Spoon Radio Japan Inc. uses a hard-coded API key for an external service CWE-798. Yoshihito Sakai of BroadBand Security, Inc reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership...

5.5CVSS6.6AI score0.00163EPSS
Exploits0References6
OSV
OSV
added 2023/04/11 9:15 a.m.2 views

CVE-2023-22429

Android App 'Wolt Delivery: Food and more' version 4.27.2 and earlier uses hard-coded credentials API key for an external service, which may allow a local attacker to obtain the hard-coded API key via reverse-engineering the application binary...

7.8CVSS6.3AI score
Exploits0References2
OSV
OSV
added 2022/08/16 8:15 a.m.4 views

CVE-2022-35734

'Hulu / フールー' App for Android from version 3.0.47 to the version prior to 3.1.2 uses a hard-coded API key for an external service. By exploiting this vulnerability, API key for an external service may be obtained by analyzing data in the app...

7.5CVSS5.8AI score0.00575EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2022/01/17 10:15 a.m.9 views

CVE-2022-0131

Jimoty App for Android versions prior to 3.7.42 uses a hard-coded API key for an external service. By exploiting this vulnerability, API key for an external service may be obtained by analyzing data in the app...

3.3CVSS5.4AI score0.00203EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2021/07/14 2:15 a.m.3 views

CVE-2021-20748

Retty App for Android versions prior to 4.8.13 and Retty App for iOS versions prior to 4.11.14 uses a hard-coded API key for an external service. By exploiting this vulnerability, API key for an external service may be obtained by analyzing data in the app...

7.5CVSS5.8AI score0.01037EPSS
Exploits0References2
OSV
OSV
added 2020/11/06 3:15 a.m.4 views

CVE-2020-5667

Studyplus App for Android v6.3.7 and earlier and Studyplus App for iOS v8.29.0 and earlier use a hard-coded API key for an external service. By exploiting this vulnerability, API key for an external service may be obtained by analyzing data in the app...

5.5CVSS5.8AI score0.00271EPSS
Exploits0References1
Rows per page
Query Builder