CVE-2025-62399

Moodle’s mobile and web service authentication endpoints did not sufficiently restrict repeated password attempts, making them susceptible to brute-force attacks...

CVE-2025-62399 Moodle: password brute force risk when mobile/web services enabled

Moodle’s mobile and web service authentication endpoints did not sufficiently restrict repeated password attempts, making them susceptible to brute-force attacks...

CVE-2025-62399 Moodle: password brute force risk when mobile/web services enabled

Moodle’s mobile and web service authentication endpoints did not sufficiently restrict repeated password attempts, making them susceptible to brute-force attacks...

Magisk 安全漏洞

Magisk is a suite of open source software for customizing Android by John Wu, an individual developer. A security vulnerability exists in Magisk, which stems from the install function of ProviderInstaller.java not validating a GMS application before loading it...

Android Security Bulletin—September 2022Stay organized with collectionsSave and categorize content based on your preferences.

The Android Security Bulletin contains details of security vulnerabilities affecting Android devices. Security patch levels of 2022-09-05 or later address all of these issues. To learn how to check a device's security patch level, see Check and update your Android version. Android partners are...

GriftHorse Money-Stealing Trojan Takes 10M Android Users for a Ride

More than 10 million Android users have been saddled with a malware called GriftHorse that’s trojanizing various applications and secretly subscribing victims to premium mobile services – a type of billing fraud that researchers categorize as “fleeceware.” Zimperium uncovered more than 130...

MagicBox Internet Set-Top Box has a Logic Flaw Vulnerability

The business scope of China Mobile Communications Ltd. includes: IP telephony service; Internet access service service, Internet backbone data transmission service; engaging in the design of mobile communications, IP telephony and Internet and other networks. A logic flaw vulnerability exists in...

Save Time by Streamlining Vendor Risk Assessments in the Cloud

As your organization enthusiastically adopts cloud and mobile services from multiple new vendors, are your already-busy security and compliance teams scrambling to assess the risks of using these new providers’ products? Are you still using a manual process for conducting these vendor evaluations...

Android Security Bulletin—May 2016Stay organized with collectionsSave and categorize content based on your preferences.

The Android Security Bulletin contains details of security vulnerabilities affecting Android devices. Alongside the bulletin, we have released a security update to Nexus devices through an over-the-air OTA update. The Nexus firmware images have also been released to the Google Developer site...

Design Vulnerability in Baidu Moplus SDK (WormHole Vulnerability)

The Moplus SDK is a public development kit developed in-house by Baidu, which is integrated into numerous Android applications. The "WormHole" vulnerability exists in Baidu's Moplus SDK, which is mainly used to enhance the expansion of Baidu's search engine in smart terminals, and to realize the...