EUVD-2024-47412

Malicious code in bioql PyPI...

CVE-2024-6294 udn News App - Sensitive Information Exposure

udn News Android APP stores the user session in logcat file when user log into the APP. A malicious APP or an attacker with physical access to the Android device can retrieve this session and use it to log into the news APP and other services provided by udn...

CVE-2024-6294

The CVE-2024-6294 entry concerns udn News Android APP storing the user session in a logcat file during login, enabling a local attacker with physical access or a malicious app to retrieve the session and log into the news app and other services. Public sources confirm the issue as an information ...

udn News Information Disclosure Vulnerability

udn News is a news application from China United News udn Inc. An information disclosure vulnerability exists in udn News versions prior to 4.20.1, which stems from storing a user's session in a logcat file during user login, which can be retrieved by a malicious attacker who can use it to log in...

CVE-2020-6653

Eaton's Secure connect mobile app v1.7.3 & prior stores the user login credentials in logcat file when user create or register the account on the Mobile app. A malicious app or unauthorized user can harvest the information and later on can use the information to monitor and control the user's...

CVE-2020-6653

Eaton's Secure connect mobile app v1.7.3 & prior stores the user login credentials in logcat file when user create or register the account on the Mobile app. A malicious app or unauthorized user can harvest the information and later on can use the information to monitor and control the user's...

Information disclosure

Eaton's Secure connect mobile app v1.7.3 & prior stores the user login credentials in logcat file when user create or register the account on the Mobile app. A malicious app or unauthorized user can harvest the information and later on can use the information to monitor and control the user's...

CVE-2015-3906

The logcatdumptext function in wiretap/logcat.c in the Android Logcat file parser in Wireshark 1.12.x before 1.12.5 does not properly handle a lack of \0 termination, which allows remote attackers to cause a denial of service out-of-bounds read and application crash via a crafted message in a...

wireshark-gtk: denial of service

CVE-2015-3808 denial of service There is an infinite loop condition in dissectlbmrpser in epan/dissectors/packet-lbmr.c. It's possible for an attacker to set the the variable 'optionlen' to 0, causing the loop to never terminate. This issue is leading to excessive CPU resources consumption by...

Wireshark 1.10.x < 1.10.14 / 1.12.x < 1.12.5 Multiple DoS Vulnerabilities

The version of Wireshark installed on the remote Windows host is 1.10.x prior to 1.10.14, or 1.12.x prior to 1.12.5. It is, therefore, affected by various denial of service vulnerabilities in the following items : - LBMR dissector CVE-2015-3808, CVE-2015-3809 - WebSocket dissector CVE-2015-3810 -...