157 matches found
udn News Information Disclosure Vulnerability
udn News is a news application from China United News udn Inc. An information disclosure vulnerability exists in udn News versions prior to 4.20.1, which stems from storing a user's session in a logcat file during user login, which can be retrieved by a malicious attacker who can use it to log in...
CVE-2021-43419
An Information Disclosure vulnerability exists in Opay Mobile application 1.5.1.26 and maybe be higher in the logcat app...
CVE-2021-43419
An Information Disclosure vulnerability exists in Opay Mobile application 1.5.1.26 and maybe be higher in the logcat app...
Information disclosure
An Information Disclosure vulnerability exists in Opay Mobile application 1.5.1.26 and maybe be higher in the logcat app...
CVE-2021-43419
An Information Disclosure vulnerability exists in Opay Mobile application 1.5.1.26 and maybe be higher in the logcat app...
SUSE CVE-2015-3815
The detectversion function in wiretap/logcat.c in the Android Logcat file parser in Wireshark 1.12.x before 1.12.5 does not check the length of the payload, which allows remote attackers to cause a denial of service out-of-bounds read and application crash via a packet with a crafted payload, as...
Analyzing and remediating a malware infested T95 TV box from Amazon
A couple of weeks ago, security news outlets made their rounds reporting on an Android TV box available on Amazon that came pre-installed with malware. The findings came from a Canadian developer, Daniel Milisic, who posted on his GitHub. What Daniel found was an Android T95 TV box infected with...
Adware found on Google Play — PDF Reader serving up full screen ads
A PDF reader found on Google Play with over one million downloads is aggressively displaying full screen ads, even when the app is not in use. More specifically, the reader is known as PDF reader - documents viewer, package name com.document.pdf.viewer. As a result, this aggressive behavior lands...
CVE-2020-35456
The Taidii Diibear Android application 2.4.0 and all its derivatives allow attackers to view private chat messages and media files via logcat because of excessive logging...
CVE-2020-35456
The Taidii Diibear Android application 2.4.0 and all its derivatives allow attackers to view private chat messages and media files via logcat because of excessive logging...
Code injection
The Taidii Diibear Android application 2.4.0 and all its derivatives allow attackers to view private chat messages and media files via logcat because of excessive logging...
CVE-2020-35456
The Taidii Diibear Android application 2.4.0 and all its derivatives allow attackers to view private chat messages and media files via logcat because of excessive logging...
Google Play Diibear 安全漏洞
Google Play Diibear is an application from Google Play. It provides a feature that allows parents to use the application to stay in touch with the kindergarten and get information about their children's learning and play as well as kindergarten newsletters and announcements. A security...
My AIA SG application security vulnerability
A security vulnerability exists in My AIA SG application 1.2.6 for Android that allows attackers to obtain user credentials via logcat due to excessive logging...
Information Exposure in cordova-android
Versions of cordova-android prior to 6.0.0 are vulnerable to Information Exposure through log files. The application calls methods of the Log class. Messages passed to these methods Log.v, Log.d, Log.i, Log.w, and Log.e are stored in a series of circular buffers on the device. By default, a maxim...
CVE-2020-6653
Eaton's Secure connect mobile app v1.7.3 & prior stores the user login credentials in logcat file when user create or register the account on the Mobile app. A malicious app or unauthorized user can harvest the information and later on can use the information to monitor and control the user's...
CVE-2020-6653
Eaton's Secure connect mobile app v1.7.3 & prior stores the user login credentials in logcat file when user create or register the account on the Mobile app. A malicious app or unauthorized user can harvest the information and later on can use the information to monitor and control the user's...
Information disclosure
Eaton's Secure connect mobile app v1.7.3 & prior stores the user login credentials in logcat file when user create or register the account on the Mobile app. A malicious app or unauthorized user can harvest the information and later on can use the information to monitor and control the user's...
Unspecified Vulnerability in Tecno Camon (CNVD-2020-14795)
The Tecno Camon is a Camon series smartphone from the Chinese company Transocean. An unspecified vulnerability exists in Tecno Camon. The vulnerability can be exploited to execute code or commands with system privileges to record the screen, restore factory settings, obtain the user's Wi-Fi...
Unspecified Vulnerability in Tecno Camon iClick (CNVD-2020-14790)
The Transn Tecno Camon iClick is a smartphone from the Chinese company Transn. An unspecified vulnerability exists in Tecno Camon iClick. The vulnerability can be exploited to execute code or commands with system privileges to record the screen, restore factory settings, obtain the user's Wi-Fi...