Lucene search
K

274 matches found

OSV
OSV
added 2021/09/08 6:15 p.m.5 views

CVE-2021-36215

LINE client for iOS 10.21.3 and before allows address bar spoofing due to inappropriate address handling...

5.3CVSS6.1AI score0.00776EPSS
Exploits0References1
NVD
NVD
added 2021/09/08 5:15 p.m.20 views

CVE-2021-33982

An insufficient session expiration vulnerability exists in the "Fish | Hunt FL" iOS app version 3.8.0 and earlier, which allows a remote attacker to reuse, spoof, or steal other user and admin sessions...

7.5CVSS0.0112EPSS
Exploits0References1
OSV
OSV
added 2021/09/08 5:15 p.m.3 views

CVE-2021-33982

An insufficient session expiration vulnerability exists in the "Fish | Hunt FL" iOS app version 3.8.0 and earlier, which allows a remote attacker to reuse, spoof, or steal other user and admin sessions...

7.5CVSS7.2AI score0.0112EPSS
Exploits0References1
Prion
Prion
added 2021/09/08 5:15 p.m.10 views

Deserialization of untrusted data

An insecure, direct object vulnerability in hunting/fishing license retrieval function of the "Fish | Hunt FL" iOS app versions 3.8.0 and earlier allows a remote authenticated attacker to retrieve other people's personal information and images of their hunting/fishing licenses...

4CVSS4.1AI score0.00811EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2021/09/08 5:15 p.m.14 views

Session fixation

An insufficient session expiration vulnerability exists in the "Fish | Hunt FL" iOS app version 3.8.0 and earlier, which allows a remote attacker to reuse, spoof, or steal other user and admin sessions...

5CVSS7.2AI score0.0112EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2021/09/08 4:50 p.m.39 views

CVE-2021-33981

CVE-2021-33981 affects the Fish | Hunt FL iOS app (versions 3.8.0 and earlier). The issue is an insecure direct object vulnerability in the hunting/fishing license retrieval function, allowing a remote authenticated attacker to access other users’ personal information and license images. Root cau...

4.3CVSS4AI score0.00811EPSS
Exploits0References1Affected Software1
Wired Threat Level
Wired Threat Level
added 2021/07/31 2:0 p.m.67 views

The Top 30 Vulnerabilities Include Plenty of Usual Suspects

Plus: A sneaky iOS app, a wiper attack in Iran, and more of the week’s top security news...

6.8AI score
Exploits0
Prion
Prion
added 2021/07/13 6:15 p.m.14 views

Cross site scripting

LINE client for iOS before 10.16.3 allows cross site script with specific header in WebView...

4.3CVSS5.8AI score0.00724EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2021/06/04 12:0 a.m.6 views

Nextcloud 信息泄露漏洞

Nextcloud is an open source, self-hosted file synchronization and sharing communication application platform from Nextcloud, Germany. An information disclosure vulnerability exists in the Nextcloud iOS App that originates from the default Nextcloud Server and iOS Client leaking shared searches to...

6.5CVSS6.6AI score0.01367EPSS
Exploits1References3
CNVD
CNVD
added 2021/03/18 12:0 a.m.7 views

CIRA Canadian Shield Security Feature Vulnerability

CIRA Canadian Shield is an application from CIRA Canada Inc. provides protection from online threats such as malicious domains, phishing sites, and helps keep your personal data private. A security feature vulnerability exists in the CIRA Canadian Shield app for iOS versions prior to 4.0.13 that...

5.9CVSS6.5AI score0.00987EPSS
Exploits1References1
OSV
OSV
added 2021/02/23 12:15 a.m.3 views

CVE-2021-27189

The CIRA Canadian Shield app before 4.0.13 for iOS lacks SSL Certificate Validation...

5.9CVSS6.2AI score
Exploits0References3
CVE
CVE
added 2021/02/22 11:16 p.m.91 views

CVE-2021-27189

CVE-2021-27189 affects the CIRA Canadian Shield iOS app prior to version 4.0.13, which lacks SSL certificate validation. Root cause: improper server certificate validation in the app, enabling potential man-in-the-middle attacks. Impact: an attacker who can perform a MITM could present a bogus ce...

5.9CVSS5.5AI score0.00987EPSS
Exploits1References3Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2021/02/08 8:25 p.m.20 views

Security Bulletin: IBM has announced a release for IBM Security Identity Governance and Intelligence in response to a security vulnerability (CVE-2020-4995)

Summary IBM has announced a release for IBM Security Identity Governance and Intelligence IGI in response to security vulnerability. The vulnerability concerns session not invalidated after logout in ISAR iOS App. Vulnerability Details CVEID: CVE-2020-4995 DESCRIPTION: IBM Security Access Manager...

5.3CVSS0.8AI score0.0115EPSS
Exploits0Affected Software1
OSV
OSV
added 2020/12/12 7:15 p.m.3 views

CVE-2020-35208

An issue was discovered in the LogMein LastPass Password Manager aka com.lastpass.ilastpass app 4.8.11.2403 for iOS. The password authentication for unlocking can be bypassed by forcing the authentication result to be true through runtime manipulation. In other words, an attacker could authentica...

5.7CVSS6.2AI score0.00474EPSS
Exploits1References2
OSV
OSV
added 2020/09/16 7:15 p.m.3 views

CVE-2020-6781

Improper certificate validation for certain connections in the Bosch Smart Home System App for iOS prior to version 9.17.1 potentially allows to intercept video contents by performing a man-in-the-middle attack...

7.4CVSS7.1AI score0.00452EPSS
Exploits0References1
Hacker One
Hacker One
added 2020/06/17 11:44 a.m.134 views

Mail.ru: Stored XSS that allow an attacker to read victim mailboxes contacts in mail.ru and my.com application

Mail.ru Mail IOS app was vulnerable to local files access on some iOS versions due to cross-application scripting if malcrafted SVG attachment is viewed by user Write-up is here...

2AI score
Exploits0
CNVD
CNVD
added 2020/05/18 12:0 a.m.5 views

Readdle Documents app authorization control vulnerability

Readdle Documents app is a document manager from Readdle Ukraine. The product supports viewing EPUB eBooks, viewing Word and Excel documents and more. A security vulnerability exists in the iOS-based Readdle Documents app prior to version 6.9.7, which stems from the file transfer web server...

5.3CVSS7.2AI score0.01008EPSS
Exploits1References1
OSV
OSV
added 2020/04/24 12:15 a.m.2 views

CVE-2020-12130

The AirDisk Pro app 5.5.3 for iOS allows XSS via the deleteFile parameter of the Delete function...

6.1CVSS5.8AI score0.00686EPSS
Exploits2References1
OSV
OSV
added 2020/04/24 12:15 a.m.3 views

CVE-2020-12131

The AirDisk Pro app 5.5.3 for iOS allows XSS via the devicename parameter shown next to the UI logo...

6.1CVSS6.4AI score0.007EPSS
Exploits2References1
The Hacker News
The Hacker News
added 2020/04/06 12:22 p.m.156 views

Zoom Caught in Cybersecurity Debate — Here's Everything You Need To Know

Over the past few weeks, the use of Zoom video conferencing software has exploded ever since it emerged the platform of choice to host everything from cabinet meetings to yoga classes amidst the ongoing coronavirus outbreak and work from home became the new normal. The app has skyrocketed to 200...

7.9AI score
Exploits0
Rows per page
Query Builder