17 matches found
EUVD-2017-6206
Malware in sbrugna...
EUVD-2021-8994
Malicious code in bioql PyPI...
CVE-2021-21823
An information disclosure vulnerability exists in the Friend finder functionality of GmbH Komoot version 10.26.9 up to 11.1.11. A specially crafted series of network requests can lead to the disclosure of sensitive information...
Malicious code in @komoot/kvstore (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 69080cf029fa20c98da2bad77409a3d11fedade172f91af674b8161e64755928 The OpenSSF Package Analysis project identified '@komoot/kvstore' @ 5.5.6 npm as malicious. It is considered malicious because: - The package...
MAL-2025-601 Malicious code in @komoot/kvstore (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 69080cf029fa20c98da2bad77409a3d11fedade172f91af674b8161e64755928 The OpenSSF Package Analysis project identified '@komoot/kvstore' @ 5.5.6 npm as malicious. It is considered malicious because: - The package...
CVE-2021-21823
An information disclosure vulnerability exists in the Friend finder functionality of GmbH Komoot version 10.26.9 up to 11.1.11. A specially crafted series of network requests can lead to the disclosure of sensitive information...
CVE-2021-21823
An information disclosure vulnerability exists in the Friend finder functionality of GmbH Komoot version 10.26.9 up to 11.1.11. A specially crafted series of network requests can lead to the disclosure of sensitive information...
Information disclosure
An information disclosure vulnerability exists in the Friend finder functionality of GmbH Komoot version 10.26.9 up to 11.1.11. A specially crafted series of network requests can lead to the disclosure of sensitive information...
CVE-2021-21823
An information disclosure vulnerability exists in the Friend finder functionality of GmbH Komoot version 10.26.9 up to 11.1.11. A specially crafted series of network requests can lead to the disclosure of sensitive information...
CVE-2021-21823
Komoot GmbH Komoot Android app: The Friend finder allows substring search in versions 10.26.9–11.1.11, enabling enumeration of user emails and profile IDs via crafted requests. This information disclosure impact is documented with CVSSv3 5.3. Vendor patch issued on 2021-05-28; apply the patched r...
komoot information disclosure vulnerability
komoot is an outdoor sports navigation software. An information disclosure vulnerability exists in Komoot, which stems from a failure of the product's friend finder feature to securely handle network requests. The vulnerability can be exploited to cause information disclosure. The following...
Komoot GmbH Komoot Friend finder information disclosure vulnerability
Talos Vulnerability Report TALOS-2021-1288 Komoot GmbH Komoot Friend finder information disclosure vulnerability June 9, 2021 CVE Number CVE-2021-21823 Summary An information disclosure vulnerability exists in the Friend finder functionality of GmbH Komoot version 10.26.9 up to 11.1.11. A special...
CVE-2017-14709
The komoot GmbH "Komoot - Cycling & Hiking Maps" app before 9.3.2 -- aka komoot-cycling-hiking-maps/id447374873 -- for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...
CVE-2017-14709
The komoot GmbH "Komoot - Cycling & Hiking Maps" app before 9.3.2 -- aka komoot-cycling-hiking-maps/id447374873 -- for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...
Information disclosure
The komoot GmbH "Komoot - Cycling & Hiking Maps" app before 9.3.2 -- aka komoot-cycling-hiking-maps/id447374873 -- for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...
CVE-2017-14709
The komoot GmbH "Komoot - Cycling & Hiking Maps" app before 9.3.2 -- aka komoot-cycling-hiking-maps/id447374873 -- for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...
CVE-2017-14709
The CVE-2017-14709 entry concerns the komoot GmbH iOS app (before 9.3.2) where the app fails to verify X.509 certificates from SSL servers. This allows an attacker performing a MITM attack to spoof servers and obtain sensitive information via a crafted certificate. Affected software is the Komoot...