Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mobile security vulnerabilities and exploits
(subscribe to this query)
2.1
CVSSv2
CVE-2016-6587
An Information Disclosure vulnerability exists in the mid.dat file stored on the SD card in Symantec Norton Mobile Security for Android prior to 3.16, which could let a local malicious user obtain sensitive information.
Symantec Norton Mobile Security
1.9
CVSSv2
CVE-2013-0122
The avast! Mobile Security application prior to 2.0.4400 for Android allows malicious users to cause a denial of service (application crash) via a crafted application that sends an intent to com.avast.android.mobilesecurity.app.scanner.DeleteFileActivity with zero arguments.
Avast Avast\\! Mobile Security
4.3
CVSSv2
CVE-2017-8060
Acceptance of invalid/self-signed TLS certificates in "Panda Mobile Security" 1.1 for iOS allows a man-in-the-middle and/or physically proximate malicious user to silently intercept information sent during the login API call.
Watchguard Panda Mobile Security 1.1
5.4
CVSSv2
CVE-2014-5642
The IMPI Mobile Security (aka com.impi) application 2.1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle malicious users to spoof servers and obtain sensitive information via a crafted certificate.
Impi Impi Mobile Security 2.1.0
5
CVSSv2
CVE-2015-7732
The Avira Mobile Security app prior to 1.5.11 for iOS sends sensitive login information in cleartext.
Avira Avira Mobile Security 1.5.7
5.4
CVSSv2
CVE-2014-5565
The GadgetTrak Mobile Security (aka com.activetrak.android.app) application 1.6 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle malicious users to spoof servers and obtain sensitive information via a crafted certificate.
Gadgettrak Gadgettrak Mobile Security 1.6
5.4
CVSSv2
CVE-2014-5672
The NQ Mobile Security & Antivirus (aka com.nqmobile.antivirus20) application 7.2.16.00 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle malicious users to spoof servers and obtain sensitive information via a crafted certificate.
Nq Nq Mobile Security \\& Antivirus 7.2.16.00
4
CVSSv2
CVE-2019-10413
Jenkins Data Theorem: CI/CD Plugin 1.3 and previous versions stored credentials unencrypted in job config.xml files on the Jenkins master where they could be viewed by users with Extended Read permission, or access to the master file system.
Jenkins Data Theorem Mobile App Security
5
CVSSv2
CVE-2017-1474
IBM Security Access Manager Appliance 7.0.0, 8.0.0 up to and including 8.0.1.6, and 9.0.0 up to and including 9.0.3.1 discloses sensitive information to unauthorized users. The information can be used to mount further attacks on the system. IBM X-Force ID: 128606.
Ibm Security Access Manager
Ibm Security Access Manager For Mobile
Ibm Security Access Manager For Web
4
CVSSv2
CVE-2017-1480
IBM Security Access Manager Appliance 8.0.0 up to and including 8.0.1.6, and 9.0.0 up to and including 9.0.3.1 stores potentially sensitive information in log files that could be read by a remote user. IBM X-Force ID: 128617.
Ibm Security Access Manager
Ibm Security Access Manager For Web
Ibm Security Access Manager For Mobile
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
validation
CVE-2024-34413
CVE-2024-34089
CVE-2024-33408
local
SQL
CVE-2024-0402
CVE-2024-33910
CVE-2024-31848
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »