7550 matches found

hackapp
added 2017/01/11 3:46 p.m. · 162 views

Gmail - Customized SSL, Exported ContentProvider, Hardcoded secrets vulnerabilities

HackApp vulnerability scanner discovered that application Gmail published at the 'play' market has multiple vulnerabilities...

0.2 AI score
Exploits: 0 · References: 1 · Affected Software: 1
OSV
added 2017/01/09 5:59 p.m. · 2 views

CVE-2016-10125

D-Link DGS-1100 devices with Rev.B firmware 1.01.018 have a hardcoded SSL private key, which allows man-in-the-middle attackers to spoof devices by hijacking an HTTPS session...

8.1 CVSS · 5.8 AI score · 0.01169 EPSS
Exploits: 1 · References: 2
Positive Technologies
added 2017/01/09 12:0 a.m. · 3 views

PT-2017-7751 · D Link · D-Link Dcs-1100

Name of the Vulnerable Software and Affected Versions: D-Link DGS-1100 devices with Rev.B firmware version 1.01.018 Description: The issue concerns a hardcoded SSL private key, which enables man-in-the-middle attackers to spoof devices by hijacking an HTTPS session. Recommendations: For D-Link...

8.1 CVSS · 8 AI score · 0.01169 EPSS
Exploits: 1 · References: 3
hackapp
added 2017/01/06 8:44 a.m. · 10 views

Barclays Center - Customized SSL, Hardcoded secrets, Redefined SSL Common Names verifier vulnerabilities

HackApp vulnerability scanner discovered that application Barclays Center published at the 'play' market has multiple vulnerabilities...

0.4 AI score
Exploits: 0 · References: 1 · Affected Software: 1
hackapp
added 2017/01/06 8:22 a.m. · 20 views

Pittsburgh Steelers - Dangerous filesystem permissions, Hardcoded secrets, WebView code execution vulnerabilities

HackApp vulnerability scanner discovered that application Pittsburgh Steelers published at the 'play' market has multiple vulnerabilities...

1.8 AI score
Exploits: 0 · References: 1 · Affected Software: 1
Prion
added 2016/12/23 10:59 p.m. · 18 views

Hardcoded credentials

Through a malicious URL that contained a quote character it was possible to inject HTML code in KMail's plaintext viewer. Due to the parser used on the URL it was not possible to include the equal sign = or a space into the injected HTML, which greatly reduces the available HTML functionality...

7.5 CVSS · 6.8 AI score · 0.02345 EPSS
Exploits: 0 · References: 5 · Affected Software: 4
OSV
added 2016/12/14 10:59 p.m. · 2 views

CVE-2016-3685

SAP Download Manager 2.1.142 and earlier generates an encryption key from a small key space on Windows and Mac systems, which allows context-dependent attackers to obtain sensitive configuration information by leveraging knowledge of a hardcoded key in the program code and a computer BIOS serial...

4.7 CVSS · 5.8 AI score · 0.00281 EPSS
Exploits: 1 · References: 4
OSV
added 2016/12/14 10:59 p.m. · 3 views

CVE-2016-3684

SAP Download Manager 2.1.142 and earlier uses a hardcoded encryption key to protect stored data, which allows context-dependent attackers to obtain sensitive configuration information by leveraging knowledge of this key, aka SAP Security Note 2282338...

4.7 CVSS · 5.8 AI score · 0.00288 EPSS
Exploits: 1 · References: 4
Prion
added 2016/12/14 10:59 p.m. · 11 views

Hardcoded credentials

SAP Download Manager 2.1.142 and earlier generates an encryption key from a small key space on Windows and Mac systems, which allows context-dependent attackers to obtain sensitive configuration information by leveraging knowledge of a hardcoded key in the program code and a computer BIOS serial...

1.9 CVSS · 6.8 AI score · 0.00281 EPSS
Exploits: 1 · References: 4 · Affected Software: 1
Prion
added 2016/12/14 10:59 p.m. · 19 views

Hardcoded credentials

SAP Download Manager 2.1.142 and earlier uses a hardcoded encryption key to protect stored data, which allows context-dependent attackers to obtain sensitive configuration information by leveraging knowledge of this key, aka SAP Security Note 2282338...

1.9 CVSS · 6.3 AI score · 0.00288 EPSS
Exploits: 1 · References: 4 · Affected Software: 1
CVE
added 2016/12/14 10:0 p.m. · 40 views

CVE-2016-3684

SAP Download Manager (versions up to 2.1.142) stores sensitive values in a configuration file encrypted with a hard-coded key. On Windows/Mac, the key combines the BIOS serial with a fixed key; on Linux/other platforms, the key is a fixed hard-coded value. This enables context-dependent attackers...

4.7 CVSS · 4.5 AI score · 0.00288 EPSS
Exploits: 1 · References: 4 · Affected Software: 1
hackapp
added 2016/12/12 5:0 p.m. · 15 views

UOB Mighty - Customized SSL, Dangerous filesystem permissions, Hardcoded secrets vulnerabilities

HackApp vulnerability scanner discovered that application UOB Mighty published at the 'play' market has multiple vulnerabilities...

0.1 AI score
Exploits: 0 · References: 1 · Affected Software: 1
hackapp
added 2016/12/12 11:18 a.m. · 13 views

SBB Mobile Business - Base64 encoded String, Customized SSL, Hardcoded secrets vulnerabilities

HackApp vulnerability scanner discovered that application SBB Mobile Business published at the 'play' market has multiple vulnerabilities...

0.5 AI score
Exploits: 0 · References: 1 · Affected Software: 1
Prion
added 2016/12/12 2:59 a.m. · 10 views

Hardcoded credentials

An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. w3m allows remote attackers to cause a denial of service segmentation fault and crash via a crafted HTML page...

4.3 CVSS · 6.7 AI score · 0.01767 EPSS
Exploits: 0 · References: 3 · Affected Software: 1
Prion
added 2016/12/12 2:59 a.m. · 13 views

Hardcoded credentials

An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. w3m allows remote attackers to cause a denial of service segmentation fault and crash via a crafted HTML page...

4.3 CVSS · 6.7 AI score · 0.01827 EPSS
Exploits: 0 · References: 5 · Affected Software: 1
Prion
added 2016/12/12 2:59 a.m. · 12 views

Hardcoded credentials

An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. w3m allows remote attackers to cause a denial of service segmentation fault and crash via a crafted HTML page...

4.3 CVSS · 6.7 AI score · 0.01827 EPSS
Exploits: 0 · References: 5 · Affected Software: 1
Prion
added 2016/12/12 2:59 a.m. · 10 views

Hardcoded credentials

An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. w3m allows remote attackers to cause a denial of service segmentation fault and crash via a crafted HTML page...

4.3 CVSS · 6.7 AI score · 0.01817 EPSS
Exploits: 0 · References: 5 · Affected Software: 1
Prion
added 2016/12/12 2:59 a.m. · 19 views

Hardcoded credentials

An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. w3m allows remote attackers to cause a denial of service segmentation fault and crash via a crafted HTML page...

4.3 CVSS · 6.7 AI score · 0.01769 EPSS
Exploits: 0 · References: 5 · Affected Software: 1
Prion
added 2016/12/12 2:59 a.m. · 15 views

Hardcoded credentials

An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. w3m allows remote attackers to cause a denial of service segmentation fault and crash via a crafted HTML page...

4.3 CVSS · 6.7 AI score · 0.01767 EPSS
Exploits: 0 · References: 3 · Affected Software: 1
Prion
added 2016/12/12 2:59 a.m. · 13 views

Hardcoded credentials

An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. w3m allows remote attackers to cause a denial of service segmentation fault and crash via a crafted HTML page...

4.3 CVSS · 6.7 AI score · 0.02344 EPSS
Exploits: 0 · References: 3 · Affected Software: 1