15 matches found
CVE-2022-0131
Jimoty App for Android versions prior to 3.7.42 uses a hard-coded API key for an external service. By exploiting this vulnerability, API key for an external service may be obtained by analyzing data in the app...
CVE-2022-35734
'Hulu / フールー' App for Android from version 3.0.47 to the version prior to 3.1.2 uses a hard-coded API key for an external service. By exploiting this vulnerability, API key for an external service may be obtained by analyzing data in the app...
EUVD-2020-26828
Malware in sbrugna...
EUVD-2022-15344
Malicious code in bioql PyPI...
EUVD-2022-38608
Malicious code in bioql PyPI...
EUVD-2021-8162
Malicious code in bioql PyPI...
CVE-2024-38480
"Piccoma" App for Android and iOS versions prior to 6.20.0 uses a hard-coded API key for an external service, which may allow a local attacker to obtain the API key. Note that the users of the app are not directly affected by this vulnerability...
CVE-2020-5667
Studyplus App for Android v6.3.7 and earlier and Studyplus App for iOS v8.29.0 and earlier use a hard-coded API key for an external service. By exploiting this vulnerability, API key for an external service may be obtained by analyzing data in the app...
CVE-2024-38480
"Piccoma" App for Android and iOS versions prior to 6.20.0 uses a hard-coded API key for an external service, which may allow a local attacker to obtain the API key. Note that the users of the app are not directly affected by this vulnerability...
CVE-2024-38480
"Piccoma" App for Android and iOS versions prior to 6.20.0 uses a hard-coded API key for an external service, which may allow a local attacker to obtain the API key. Note that the users of the app are not directly affected by this vulnerability...
JVN#96154238: Android App "Spoon" uses a hard-coded API key for an external service
Android App "Spoon" provided by Spoon Radio Japan Inc. uses a hard-coded API key for an external service CWE-798. Impact The hard-coded API key may be retrieved when the application binary is reverse-engineered. This API key may be used for unexpected access of the associated service. Note that t...
JVN#40907489: "Hulu / フールー" App for Android uses a hard-coded API key for an external service
"Hulu / フールー" App for Android provided by HJ Holdings, Inc. uses a hard-coded API key for an external service CWE-798. Impact The hard-coded API key may be retrieved via reverse-engineering the application binary. Note that the application users are not directly affected by this vulnerability...
CVE-2022-0131
Jimoty App for Android versions prior to 3.7.42 uses a hard-coded API key for an external service. By exploiting this vulnerability, API key for an external service may be obtained by analyzing data in the app...
CVE-2021-20748
Retty App for Android versions prior to 4.8.13 and Retty App for iOS versions prior to 4.11.14 uses a hard-coded API key for an external service. By exploiting this vulnerability, API key for an external service may be obtained by analyzing data in the app...
JVN#26891339: Multiple vulnerabilities in Retty App
Retty App provided by Retty Inc. contains multiple vulnerabilities listed below. The app is launched by Custom URL Scheme and a user may be led to access an arbitrary URL CWE-939 - CVE-2021-20747 Version| Vector| Score ---|---|--- CVSS v3| CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N| Base Score:...