Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mobile security vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2014-5565
The GadgetTrak Mobile Security (aka com.activetrak.android.app) application 1.6 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle malicious users to spoof servers and obtain sensitive information via a crafted certificate.
Gadgettrak Gadgettrak Mobile Security 1.6
5.9
CVSSv3
CVE-2017-8060
Acceptance of invalid/self-signed TLS certificates in "Panda Mobile Security" 1.1 for iOS allows a man-in-the-middle and/or physically proximate malicious user to silently intercept information sent during the login API call.
Watchguard Panda Mobile Security 1.1
NA
CVE-2014-5642
The IMPI Mobile Security (aka com.impi) application 2.1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle malicious users to spoof servers and obtain sensitive information via a crafted certificate.
Impi Impi Mobile Security 2.1.0
7.5
CVSSv3
CVE-2015-7732
The Avira Mobile Security app prior to 1.5.11 for iOS sends sensitive login information in cleartext.
Avira Avira Mobile Security 1.5.7
NA
CVE-2014-5672
The NQ Mobile Security & Antivirus (aka com.nqmobile.antivirus20) application 7.2.16.00 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle malicious users to spoof servers and obtain sensitive information via a crafted certificate.
Nq Nq Mobile Security & Antivirus 7.2.16.00
6.5
CVSSv3
CVE-2019-10413
Jenkins Data Theorem: CI/CD Plugin 1.3 and previous versions stored credentials unencrypted in job config.xml files on the Jenkins master where they could be viewed by users with Extended Read permission, or access to the master file system.
Jenkins Data Theorem Mobile App Security
5.9
CVSSv3
CVE-2017-1476
IBM Security Access Manager Appliance 7.0.0, 8.0.0 up to and including 8.0.1.6, and 9.0.0 up to and including 9.0.3.1 could allow a remote malicious user to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An attacker could ex...
Ibm Security Access Manager
Ibm Security Access Manager For Web
Ibm Security Access Manager For Mobile
5.3
CVSSv3
CVE-2017-1474
IBM Security Access Manager Appliance 7.0.0, 8.0.0 up to and including 8.0.1.6, and 9.0.0 up to and including 9.0.3.1 discloses sensitive information to unauthorized users. The information can be used to mount further attacks on the system. IBM X-Force ID: 128606.
Ibm Security Access Manager
Ibm Security Access Manager For Mobile
Ibm Security Access Manager For Web
4.3
CVSSv3
CVE-2017-1480
IBM Security Access Manager Appliance 8.0.0 up to and including 8.0.1.6, and 9.0.0 up to and including 9.0.3.1 stores potentially sensitive information in log files that could be read by a remote user. IBM X-Force ID: 128617.
Ibm Security Access Manager
Ibm Security Access Manager For Web
Ibm Security Access Manager For Mobile
9.8
CVSSv3
CVE-2020-10180
The ESET AV parsing engine allows virus-detection bypass via a crafted BZ2 Checksum field in an archive. This affects versions prior to 1294 of Smart Security Premium, Internet Security, NOD32 Antivirus, Cyber Security Pro (macOS), Cyber Security (macOS), Mobile Security for Andr...
Eset Nod32 Antivirus 4
Eset Smart Security
Eset Nod32 Antivirus
Eset Mobile Security
Eset Smart Tv Security
Eset Cyber Security
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-37884
CVE-2024-6003
remote
brute force
information disclosure
CVE-2024-27801
CVE-2024-30078
CVE-2024-31870
CVE-2024-6042
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »