CVE-2024-56948

An issue in KuGou Technology CO. LTD KuGou Music iOS v20.0.0 allows attackers to access sensitive user information via supplying a crafted link...

CVE-2023-48644

An issue was discovered in the Archibus app 4.0.3 for iOS. There is an XSS vulnerability in the create work request feature of the maintenance module, via the description field. This allows an attacker to perform an action on behalf of the user, exfiltrate data, and so on...

CVE-2022-23625

Wire-ios is a messaging application using the wire protocol on apple's ios platform. In versions prior to 3.95 malformed resource identifiers may render the iOS Wire Client completely unusable by causing it to repeatedly crash on launch. These malformed resource identifiers can be generated and...

CVE-2019-10044

Telegram Desktop before 1.5.12 on Windows, and the Telegram applications for Android, iOS, and Linux, is vulnerable to an IDN homograph attack when displaying messages containing URLs. This occurs because the application produces a clickable link even if for example Latin and Cyrillic characters...

CVE-2019-20801

An issue was discovered in the Readdle Documents app before 6.9.7 for iOS. The application's file-transfer web server allows for cross-origin requests from any domain, and the WebSocket server lacks authorization control. Any web site can execute JavaScript code that accesses a user's data via...

CVE-2019-14951

The Telenav Scout GPS Link app 1.x for iOS, as used with Toyota and Lexus vehicles, has an incorrect protection mechanism against brute-force attacks on the authentication process, which makes it easier for attackers to obtain multimedia-screen access via port 7050 on the cellular network, as...

CVE-2019-13607

The Opera Mini application through 16.0.14 for iOS has a UXSS vulnerability that can be triggered by performing navigation to a javascript: URL...

CVE-2012-5184

Cross-site scripting XSS vulnerability in the Olive Toast Documents Pro File Viewer formerly Files HD app before 1.11.1 for iOS allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

CVE-2025-2909 Lack of encryption vulnerability in DuoxMe

The lack of encryption in the DuoxMe formerly Blue application binary in versions prior to 3.3.1 for iOS devices allows an attacker to gain unauthorised access to the application code and discover sensitive information...

CVE-2025-2909

CVE-2025-2909 affects DuoxMe (iOS) prior to version 3.3.1. The root cause is lack of encryption in the application binary, allowing an attacker to gain unauthorised access to the app code and discover sensitive information. Public details in connected documents explicitly describe the vulnerabili...

CVE-2025-2909 Lack of encryption vulnerability in DuoxMe

The lack of encryption in the DuoxMe formerly Blue application binary in versions prior to 3.3.1 for iOS devices allows an attacker to gain unauthorised access to the application code and discover sensitive information...

CVE-2024-57062

An issue in SoundCloud IOS application v.7.65.2 allows a local attacker to escalate privileges and obtain sensitive information via the session handling component...

CVE-2024-57062

An issue in SoundCloud IOS application v.7.65.2 allows a local attacker to escalate privileges and obtain sensitive information via the session handling component...

CVE-2024-57062

An issue in SoundCloud IOS application v.7.65.2 allows a local attacker to escalate privileges and obtain sensitive information via the session handling component...

CVE-2024-57062

CVE-2024-57062 affects the SoundCloud iOS app, version 7.65.2. The issue is a privilege escalation via the app’s session handling component, enabling a local attacker to access sensitive information. The connected sources confirm the affected software/version and the local-exploitability vector, ...

CVE-2024-57062

An issue in SoundCloud IOS application v.7.65.2 allows a local attacker to escalate privileges and obtain sensitive information via the session handling component...

CVE-2021-41719

Maharashtra State Electricity Distribution Company Limited Mahavitran IOS Application 16.1 application till version 16.1 communicates using the GET method to process requests that contain sensitive information such as user account name and password, which can expose that information through the...

CVE-2024-55907

IBM Cognos Analytics Mobile 1.1 for iOS application could allow an attacker to reverse engineer the codebase to gain knowledge about the programming technique, interface, class definitions, algorithms and functions used due to weak obfuscation...

CVE-2021-41719

Maharashtra State Electricity Distribution Company Limited Mahavitran IOS Application 16.1 application till version 16.1 communicates using the GET method to process requests that contain sensitive information such as user account name and password, which can expose that information through the...

CVE-2021-41719

Maharashtra State Electricity Distribution Company Limited Mahavitran IOS Application 16.1 application till version 16.1 communicates using the GET method to process requests that contain sensitive information such as user account name and password, which can expose that information through the...