13 matches found
EUVD-2016-2288
Malware in sbrugna...
EUVD-2016-8665
Malware in sbrugna...
EUVD-2020-26735
Malware in sbrugna...
Cybozu Kintone Mobile Information Disclosure Vulnerability
Cybozu Kintone Mobile is an office application for mobile platforms from Cybozu Japan. The program supports file uploading, editing records, and push notifications. An information disclosure vulnerability exists in Cybozu Kintone Mobile versions 1.0.0 through 2.5 for the Android-based platform. T...
CVE-2020-5573
Android App 'kintone mobile for Android' 1.0.0 to 2.5 allows an attacker to obtain credential information registered in the product via unspecified vectors...
Design/Logic Flaw
Android App 'kintone mobile for Android' 1.0.0 to 2.5 allows an attacker to obtain credential information registered in the product via unspecified vectors...
CVE-2020-5573
Android App 'kintone mobile for Android' 1.0.0 to 2.5 allows an attacker to obtain credential information registered in the product via unspecified vectors...
JVN#78745667: Multiples security updates for multiple Cybozu products
Cybozu, Inc. has released multiple security updates for multiple Cybozu products. CyVDB-2465 Credential Disclosure Vulnerability - CVE-2020-5572 CyVDB-2484 Credential Disclosure Vulnerability - CVE-2020-5573 Impact A user who can login to the product may obtain sensitive information registered in...
CVE-2016-1186
Kintone mobile for Android 1.0.0 through 1.0.5 does not verify SSL server certificates...
kintone mobile for Android fails to verify SSL server certificates
Overview kintone mobile for Android provided by Cybozu, Inc. fails to verify SSL server certificates in WebView. Note that this vulnerability is different from JVN91816422. Cybozu, Inc. reported this vulnerability to JPCERT/CC to notify users of its solution through JVN. JPCERT/CC and Cybozu, Inc...
JVN#20252219: kintone mobile for Android fails to verify SSL server certificates
kintone mobile for Android provided by Cybozu, Inc. fails to verify SSL server certificates in WebView. Impact A man-in-the-middle attack may allow an attacker to eavesdrop on an encrypted communication. Solution Update the Software Update to the latest version according to the information provid...
JVN#91816422: kintone mobile for Android fails to verify SSL server certificates
kintone mobile for Android provided by Cybozu, Inc. fails to verify SSL server certificates. Impact A man-in-the-middle attack may allow an attacker to eavesdrop on an encrypted communication. Solution Update the Software Update to the latest version according to the information provided by the...
JVN#89026267: kintone mobile for Android information management vulnerability
kintone mobile for Android provided by Cybozu, Inc. contains an authentication information management vulnerability. Impact If using Android versions prior to 4.1, the token may be disclosed by an application with READLOGS permission or by a user who can access the device. If using Android versio...