EUVD-2021-30133

Malicious code in bioql PyPI...

CVE-2021-39081

IBM Cognos Analytics Mobile for Android 1.1.14 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information...

Ryde Technologies RYDE 信任管理问题漏洞

Ryde Technologies RYDE is a travel software from Ryde Technologies, USA. A security vulnerability exists in Ryde Technologies RYDE version 5.8.43 and earlier, which stems from an information disclosure due to insecure hostname authentication on Android and iOS, and can be exploited by an attacker...

CVE-2021-39079

IBM Cognos Analytics Mobile for Android applications prior to version 1.1.14 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a...

CVE-2020-5573

Android App 'kintone mobile for Android' 1.0.0 to 2.5 allows an attacker to obtain credential information registered in the product via unspecified vectors...

CVE-2019-20777

An issue was discovered on LG mobile devices with Android OS 7.0, 7.1, 7.2, 8.0, 8.1, and 9.0 software. WapService mishandles OTA Provisioning on V40 and G7 devices. The LG ID is LVE-SMP-190006 July 2019...

CVE-2019-20772

An issue was discovered on LG mobile devices with Android OS 7.0, 7.1, 7.2, 8.0, 8.1, and 9.0 software. The Account subsystem allows authorization bypass. The LG ID is LVE-SMP-190007 August 2019...

CVE-2019-0256

Under certain conditions SAP Business One Mobile Android App, version 1.2.12, allows an attacker to access information which would otherwise be restricted...

CVE-2019-0256

Under certain conditions SAP Business One Mobile Android App, version 1.2.12, allows an attacker to access information which would otherwise be restricted...

SAP Business Objects Mobile for Android Input Validation Vulnerability

SAP Business Objects Mobile for Android is an Android-based business intelligence application from SAP. The program is able to connect to the SAP BussinessObjects business intelligence platform and view data. An input validation vulnerability exists in versions of SAP Business Objects Mobile prio...

CVE-2019-0240

SAP Business Objects Mobile for Android before 6.3.5 application allows an attacker to provide malicious input in the form of a SAP BI link, preventing legitimate users from accessing the application by crashing it...

CVE-2016-1186

Kintone mobile for Android 1.0.0 through 1.0.5 does not verify SSL server certificates...

kintone mobile for Android fails to verify SSL server certificates

Overview kintone mobile for Android provided by Cybozu, Inc. fails to verify SSL server certificates in WebView. Note that this vulnerability is different from JVN91816422. Cybozu, Inc. reported this vulnerability to JPCERT/CC to notify users of its solution through JVN. JPCERT/CC and Cybozu, Inc...

Siemens COMPAS Mobile Application Input Validation Vulnerability

Siemens COMPAS Mobile application for Android is an Android-based application from Siemens for quickly searching and viewing existing quotations and orders as well as generating reports and drawings. A security vulnerability exists in versions 1.5 and earlier of the Siemens COMPAS Mobile...

Multiple SQL Injection Vulnerabilities in Panmicro's Mobile OA Solution e-mobile

E-Mobile is a mobile office product based on Android client released by Shanghai Panmicro Network Technology Co. There are multiple SQL injection vulnerabilities in Panmicro's mobile OA solution, e-mobile. It allows attackers to utilize commonly used SQL injection tools to obtain sensitive databa...

Information disclosure vulnerability in Sleipnir Mobile for Android

Overview Sleipnir Mobile for Android contains an issue in handling Geolocation API, which may result in the disclosure of a user's location. Sleipnir Mobile for Android is a web browser for Android devices. Sleipnir Mobile for Android contains an issue in handling Geolocation API, which may resul...

Sleipnir Mobile for Android vulnerable to address bar spoofing

Overview Sleipnir Mobile for Android contains an issue when opening a new window, which may result in the address bar being spoofed. Keita Haga of keitahaga.com reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. Impac...

Sleipnir Mobile for Android loads arbitrary Extension API

Overview Sleipnir Mobile for Android has an Extension mechanism to customize browser functions, and this Extension function makes calls to an Extension API. Sleipnir Mobile for Android contains an issue that may allow a specially crafted web page to load an arbitrary Extension API. Keita Haga of...

Sleipnir Mobile for Android vulnerable in the WebView class

Overview Sleipnir Mobile for Android contains a vulnerability in the WebView class. Sleipnir Mobile for Android is a web browser for Android devices. Sleipnir Mobile for Android contains a vulnerability in the WebView class. Gaku Mochizuki of Mitsui Bussan Secure Directions, Inc. reported this...

JVN#88643450: Sleipnir Mobile for Android vulnerable in the WebView class

Sleipnir Mobile for Android is a web browser for Android devices. Sleipnir Mobile for Android contains a vulnerability in the WebView class. Impact If a user of the affected product uses other malicious Android application, information managed by the affected product may be disclosed. Solution...