274 matches found
CVE-2021-36215
LINE client for iOS 10.21.3 and before allows address bar spoofing due to inappropriate address handling...
CVE-2021-33982
An insufficient session expiration vulnerability exists in the "Fish | Hunt FL" iOS app version 3.8.0 and earlier, which allows a remote attacker to reuse, spoof, or steal other user and admin sessions...
CVE-2021-33982
An insufficient session expiration vulnerability exists in the "Fish | Hunt FL" iOS app version 3.8.0 and earlier, which allows a remote attacker to reuse, spoof, or steal other user and admin sessions...
Deserialization of untrusted data
An insecure, direct object vulnerability in hunting/fishing license retrieval function of the "Fish | Hunt FL" iOS app versions 3.8.0 and earlier allows a remote authenticated attacker to retrieve other people's personal information and images of their hunting/fishing licenses...
Session fixation
An insufficient session expiration vulnerability exists in the "Fish | Hunt FL" iOS app version 3.8.0 and earlier, which allows a remote attacker to reuse, spoof, or steal other user and admin sessions...
CVE-2021-33981
CVE-2021-33981 affects the Fish | Hunt FL iOS app (versions 3.8.0 and earlier). The issue is an insecure direct object vulnerability in the hunting/fishing license retrieval function, allowing a remote authenticated attacker to access other users’ personal information and license images. Root cau...
The Top 30 Vulnerabilities Include Plenty of Usual Suspects
Plus: A sneaky iOS app, a wiper attack in Iran, and more of the week’s top security news...
Cross site scripting
LINE client for iOS before 10.16.3 allows cross site script with specific header in WebView...
Nextcloud 信息泄露漏洞
Nextcloud is an open source, self-hosted file synchronization and sharing communication application platform from Nextcloud, Germany. An information disclosure vulnerability exists in the Nextcloud iOS App that originates from the default Nextcloud Server and iOS Client leaking shared searches to...
CIRA Canadian Shield Security Feature Vulnerability
CIRA Canadian Shield is an application from CIRA Canada Inc. provides protection from online threats such as malicious domains, phishing sites, and helps keep your personal data private. A security feature vulnerability exists in the CIRA Canadian Shield app for iOS versions prior to 4.0.13 that...
CVE-2021-27189
The CIRA Canadian Shield app before 4.0.13 for iOS lacks SSL Certificate Validation...
CVE-2021-27189
CVE-2021-27189 affects the CIRA Canadian Shield iOS app prior to version 4.0.13, which lacks SSL certificate validation. Root cause: improper server certificate validation in the app, enabling potential man-in-the-middle attacks. Impact: an attacker who can perform a MITM could present a bogus ce...
Security Bulletin: IBM has announced a release for IBM Security Identity Governance and Intelligence in response to a security vulnerability (CVE-2020-4995)
Summary IBM has announced a release for IBM Security Identity Governance and Intelligence IGI in response to security vulnerability. The vulnerability concerns session not invalidated after logout in ISAR iOS App. Vulnerability Details CVEID: CVE-2020-4995 DESCRIPTION: IBM Security Access Manager...
CVE-2020-35208
An issue was discovered in the LogMein LastPass Password Manager aka com.lastpass.ilastpass app 4.8.11.2403 for iOS. The password authentication for unlocking can be bypassed by forcing the authentication result to be true through runtime manipulation. In other words, an attacker could authentica...
CVE-2020-6781
Improper certificate validation for certain connections in the Bosch Smart Home System App for iOS prior to version 9.17.1 potentially allows to intercept video contents by performing a man-in-the-middle attack...
Mail.ru: Stored XSS that allow an attacker to read victim mailboxes contacts in mail.ru and my.com application
Mail.ru Mail IOS app was vulnerable to local files access on some iOS versions due to cross-application scripting if malcrafted SVG attachment is viewed by user Write-up is here...
Readdle Documents app authorization control vulnerability
Readdle Documents app is a document manager from Readdle Ukraine. The product supports viewing EPUB eBooks, viewing Word and Excel documents and more. A security vulnerability exists in the iOS-based Readdle Documents app prior to version 6.9.7, which stems from the file transfer web server...
CVE-2020-12130
The AirDisk Pro app 5.5.3 for iOS allows XSS via the deleteFile parameter of the Delete function...
CVE-2020-12131
The AirDisk Pro app 5.5.3 for iOS allows XSS via the devicename parameter shown next to the UI logo...
Zoom Caught in Cybersecurity Debate — Here's Everything You Need To Know
Over the past few weeks, the use of Zoom video conferencing software has exploded ever since it emerged the platform of choice to host everything from cabinet meetings to yoga classes amidst the ongoing coronavirus outbreak and work from home became the new normal. The app has skyrocketed to 200...