6 matches found
CVE-2026-31592
In the Linux kernel, the following vulnerability has been resolved: KVM: SEV: Protect all of sevmemencregisterregion with kvm-lock Take and hold kvm-lock for before checking sevguest in sevmemencregisterregion, as sevguest isn't stable unless kvm-lock is held or KVM can guarantee KVMSEVINIT2 has...
CVE-2017-15582
In net.MCrypt in the "Diary with lock" aka WriteDiary application 4.72 for Android, hardcoded SecretKey and iv variables are used for the AES parameters, which makes it easier for attackers to obtain the cleartext of stored diary entries...
CVE-2017-15581
In the "Diary with lock" aka WriteDiary application 4.72 for Android, neither HTTPS nor other encryption is used for transmitting data, despite the documentation that the product is intended for "a personal journal of ... secrets and feelings," which allows remote attackers to obtain sensitive...
Privilege escalation
In the "Diary with lock" aka WriteDiary application 4.72 for Android, neither HTTPS nor other encryption is used for transmitting data, despite the documentation that the product is intended for "a personal journal of ... secrets and feelings," which allows remote attackers to obtain sensitive...
CVE-2017-15582
The CVE-2017-15582 entry concerns the Android app Diary with lock (WriteDiary) v4.72, where the AES parameters are compromised by hardcoded SecretKey and IV in net.MCrypt. This root cause enables attackers to potentially obtain cleartext of stored diary entries. The provided connected documents c...
CVE-2017-15581
CVE-2017-15581 affects the Android application Diary with lock (WriteDiary) version 4.72. The issue is that neither HTTPS nor other encryption is used for transmitting data during LoginActivity or NoteActivity, despite product documentation indicating it’s for sensitive personal information. This...