Malicious code in @mobile-sdk/videoads-ad-video-player-html5 (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=-...

CVE-2023-20655

In mmsdk, there is a possible escalation of privilege due to a parcel format mismatch. This could lead to local code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07203022; Issue ID: ALPS07203022...

Security Bulletin: Trusteer SDK for Mobile vulnerable to file upload (CVE-2022-42443)

Summary Security improvements were made to the Trusteer Mobile SDKs for iOS and Android. No code changes are required to take advantage of the improvements, but mobile application creators must rebuild using the latest SDK version and redeploy their mobile apps to take advantage of these...

CVE-2021-33669

Under certain conditions, SAP Mobile SDK Certificate Provider allows a local unprivileged attacker to exploit an insecure temporary file storage. For a successful exploitation user interaction from another user is required and could lead to complete impact of confidentiality integrity and...

CVE-2021-33669

Under certain conditions, SAP Mobile SDK Certificate Provider allows a local unprivileged attacker to exploit an insecure temporary file storage. For a successful exploitation user interaction from another user is required and could lead to complete impact of confidentiality integrity and...

CVE-2021-33669

The CVE-2021-33669 entry concerns SAP Mobile SDK Certificate Provider, where insecure temporary file storage can be abused by a local, unprivileged attacker. Exploitation requires user interaction from another user and is described to potentially impact confidentiality, integrity, and availabilit...