Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mobile security vulnerabilities and exploits
(subscribe to this query)
578
VMScore
CVE-2021-1144
A vulnerability in Cisco Connected Mobile Experiences (CMX) could allow a remote, authenticated attacker without administrative privileges to alter the password of any user on an affected system. The vulnerability is due to incorrect handling of authorization checks for changing ...
Cisco Connected Mobile Experiences 10.6.2
Cisco Connected Mobile Experiences 10.6.0
Cisco Connected Mobile Experiences 10.6.1
187
VMScore
CVE-2015-7731
SAP Mobile Platform 3.0 SP05 ClientHub allows malicious users to obtain the keystream and other sensitive information via the DataVault, aka SAP Security Note 2094830.
Sap Mobile Platform 3.0
445
VMScore
CVE-2015-2818
XML external entity (XXE) vulnerability in SAP Mobile Platform 3 allows remote malicious users to send requests to intranet servers via crafted XML, aka SAP Security Note 2125513.
Sap Mobile Platform 3.0
828
VMScore
CVE-2012-1133
FreeType prior to 2.4.9, as used in Mozilla Firefox Mobile prior to 10.0.4 and other products, allows remote malicious users to cause a denial of service (invalid heap write operation and memory corruption) or possibly execute arbitrary code via crafted glyph or bitmap data in a ...
Mozilla Firefox Mobile 10.0.2
Mozilla Firefox Mobile 10.0.1
Mozilla Firefox Mobile 5.0
Mozilla Firefox Mobile 4.0
Freetype Freetype 2.1
Freetype Freetype 2.0.9
Freetype Freetype 2.4.2
Freetype Freetype 2.3.8
Freetype Freetype 2.3.1
Freetype Freetype 2.3.0
Freetype Freetype 2.1.7
Freetype Freetype 2.1.6
Mozilla Firefox Mobile 10.0
Mozilla Firefox Mobile 9.0
Freetype Freetype 2.4.3
Freetype Freetype 2.1.8
Freetype Freetype 2.3.7
Freetype Freetype 2.3.6
Freetype Freetype 2.4.5
Freetype Freetype 2.2.0
Freetype Freetype 1.3.1
Freetype Freetype 2.0.8
383
VMScore
CVE-2017-9968
A security misconfiguration vulnerability exists in Schneider Electric's IGSS Mobile application versions 3.01 and prior in which a lack of certificate pinning during the TLS/SSL connection establishing process can result in a man-in-the-middle attack.
Schneider-electric Igss Mobile
605
VMScore
CVE-2015-6664
XML external entity (XXE) vulnerability in the application import functionality in SAP Mobile Platform 2.3 allows remote malicious users to read arbitrary files and possibly have other unspecified impact via crafted XML data, aka SAP Security Note 2152227.
Sap Mobile Platform 2.3
505
VMScore
CVE-2009-2534
RealNetworks Helix Server and Helix Mobile Server prior to 13.0.0 allow remote malicious users to cause a denial of service (daemon crash) via an RTSP SETUP request that (1) specifies the / URI or (2) lacks a / character in the URI.
Realnetworks Helix Server
Realnetworks Helix Server 12.0.0
Realnetworks Helix Server Mobile 11.0
Realnetworks Helix Server 11.0
Realnetworks Helix Server Mobile
1 EDB exploit
668
VMScore
CVE-2015-5068
XML external entity (XXE) vulnerability in SAP Mobile Platform 3 allows remote malicious users to read arbitrary files or possibly have other unspecified impact via a crafted XML request, aka SAP Security Note 2159601.
Sap Mobile Platform 3.0
801
VMScore
CVE-2015-2906
Mobile Devices (aka MDI) C4 OBD-II dongles with firmware 2.x and 3.4.x, as used in Metromile Pulse and other products, store SSH private keys that are the same across different customers' installations, which makes it easier for remote malicious users to obtain access by lev...
Mobile Devices C4 Obd-ii Dongle Firmware
801
VMScore
CVE-2015-2907
Mobile Devices (aka MDI) C4 OBD-II dongles with firmware 2.x and 3.4.x, as used in Metromile Pulse and other products, have hardcoded SSH credentials, which makes it easier for remote malicious users to obtain access by leveraging knowledge of the required username and password.
Mobile Devices C4 Obd-ii Dongle Firmware
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »