EUVD-2020-5405

Malware in sbrugna...

EUVD-2020-5879

Malware in sbrugna...

The vulnerability of the chat and video call messaging application stashcat for operating systems macOS, Windows, iOS, and Android allows a perpetrator to disclose protected information.

The vulnerability of the stashcat messaging and video call application for operating systems macOS, Windows, iOS, and Android relates to the insecure storage of critical information. Exploiting this vulnerability can allow a malicious actor to disclose protected information remotely...

Code injection

An issue was discovered in the stashcat app through 3.9.2 for macOS, Windows, Android, iOS, and possibly other platforms. It stores the clientkey, the deviceid, and the public key for end-to-end encryption in cleartext, enabling an attacker by copying or having access to the local storage databas...

Heineking Media stashcat app information disclosure vulnerability

Heineking Media stashcat app is an instant messaging application from Heineking Media, Germany. An information disclosure vulnerability exists in Heineking Media stashcat app version 3.9.1 and prior versions, which can be exploited by an attacker to obtain sensitive information by reading web...

CVE-2020-13129

An issue was discovered in the stashcat app through 3.9.1 for macOS, Windows, Android, iOS, and possibly other platforms. The GET method is used with clientkey and deviceid data in the query string, which allows attackers to obtain sensitive information by reading web-server logs...

Design/Logic Flaw

An issue was discovered in the stashcat app through 3.9.1 for macOS, Windows, Android, iOS, and possibly other platforms. The GET method is used with clientkey and deviceid data in the query string, which allows attackers to obtain sensitive information by reading web-server logs...