20 matches found
EUVD-2019-18572
Malware in sbrugna...
EUVD-2016-2083
Malware in sbrugna...
EUVD-2021-20346
Malware in sbrugna...
Malicious code in molpay-mobile-sdk (npm)
The package molpay-mobile-sdk was found to contain malicious code...
MAL-2025-26619 Malicious code in molpay-mobile-sdk (npm)
The package molpay-mobile-sdk was found to contain malicious code...
Malicious code in @mobile-sdk/videoads-ad-video-player-html5 (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=-...
CVE-2021-33669
Under certain conditions, SAP Mobile SDK Certificate Provider allows a local unprivileged attacker to exploit an insecure temporary file storage. For a successful exploitation user interaction from another user is required and could lead to complete impact of confidentiality integrity and...
CVE-2016-15012
UNSUPPORTED WHEN ASSIGNED A vulnerability was found in forcedotcom SalesforceMobileSDK-Windows up to 4.x. It has been rated as critical. This issue affects the function ComputeCountSql of the file SalesforceSDK/SmartStore/Store/QuerySpec.cs. The manipulation leads to sql injection. Upgrading to...
CVE-2023-20655
In mmsdk, there is a possible escalation of privilege due to a parcel format mismatch. This could lead to local code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07203022; Issue ID: ALPS07203022...
Security Bulletin: Trusteer SDK for Mobile vulnerable to file upload (CVE-2022-42443)
Summary Security improvements were made to the Trusteer Mobile SDKs for iOS and Android. No code changes are required to take advantage of the improvements, but mobile application creators must rebuild using the latest SDK version and redeploy their mobile apps to take advantage of these...
PT-2023-10331 · Salesforce · Salesforcemobilesdk-Windows
Name of the Vulnerable Software and Affected Versions: SalesforceMobileSDK-Windows versions up to 4.x Description: A critical issue affects the function ComputeCountSql of the file SalesforceSDK/SmartStore/Store/QuerySpec.cs, leading to sql injection. This issue only affects products that are no...
@sweco/sweco-digital-platforms (>=5.0.26 <=5.1.2), @sweetui/sweet-mobile-sdk (>=1.6.3 <=1.6.7) +3 more potentially affected by CVE-2023-26133 via progressbar.js (>=1.0.1 <=1.1.0)
progressbar.js NPM version =1.0.1, =5.0.26, =1.6.3, =2.16.0, =1.0.33, =1.0.13, =1.0.14 Source cves: CVE-2023-26133 Source advisory: SNYK:JS-PROGRESSBARJS-3184152...
CVE-2021-33669
Under certain conditions, SAP Mobile SDK Certificate Provider allows a local unprivileged attacker to exploit an insecure temporary file storage. For a successful exploitation user interaction from another user is required and could lead to complete impact of confidentiality integrity and...
CVE-2021-33669
Under certain conditions, SAP Mobile SDK Certificate Provider allows a local unprivileged attacker to exploit an insecure temporary file storage. For a successful exploitation user interaction from another user is required and could lead to complete impact of confidentiality integrity and...
Design/Logic Flaw
Under certain conditions, SAP Mobile SDK Certificate Provider allows a local unprivileged attacker to exploit an insecure temporary file storage. For a successful exploitation user interaction from another user is required and could lead to complete impact of confidentiality integrity and...
CVE-2021-33669
Under certain conditions, SAP Mobile SDK Certificate Provider allows a local unprivileged attacker to exploit an insecure temporary file storage. For a successful exploitation user interaction from another user is required and could lead to complete impact of confidentiality integrity and...
CVE-2021-33669
The CVE-2021-33669 entry concerns SAP Mobile SDK Certificate Provider, where insecure temporary file storage can be abused by a local, unprivileged attacker. Exploitation requires user interaction from another user and is described to potentially impact confidentiality, integrity, and availabilit...
Security Bulletin: Android Mobile SDK compile builder includes vulnerable components
Summary A third party JSON parser that Android Mobile SDK uses include vulnerable components. The JSON parser is included in the compile builder provided to customers to compile their Mobile SDK manifest. It is not included within customer apps. Vulnerability Details CVEID: CVE-2018-7489...
Security Bulletin: Trusteer Mobile SDK is vulnerable to CVE-2019-17362
Summary Trusteer Mobile SDK which uses libtomcrypto lib is vulnerable to a denial of service issue. IBM has addressed the issue in the latest version of the SDK. Vulnerability Details CVEID: CVE-2019-17362 DESCRIPTION: LibTomCrypt is vulnerable to a denial of service, caused by the failure to...
After School Help AliCloud OSS credentials have information leakage vulnerabilities
After School Help App is an application for elementary and middle school students to communicate after school. An information leakage vulnerability exists in the After School Help AliCloud OSS credentials. The vulnerability is caused by credential leakage due to accessKeyId and accessKeySecret,...