Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mobile security vulnerabilities and exploits
(subscribe to this query)
1.9
CVSSv2
CVE-2013-0122
The avast! Mobile Security application prior to 2.0.4400 for Android allows malicious users to cause a denial of service (application crash) via a crafted application that sends an intent to com.avast.android.mobilesecurity.app.scanner.DeleteFileActivity with zero arguments.
Avast Avast\\! Mobile Security
NA
CVE-2022-40980
A potential unathenticated file deletion vulnerabilty on Trend Micro Mobile Security for Enterprise 9.8 SP5 could allow an attacker with access to the Management Server to delete files. This issue was resolved in 9.8 SP5 Critical Patch 2.
Trendmicro Mobile Security 9.8
4.3
CVSSv2
CVE-2017-8060
Acceptance of invalid/self-signed TLS certificates in "Panda Mobile Security" 1.1 for iOS allows a man-in-the-middle and/or physically proximate malicious user to silently intercept information sent during the login API call.
Watchguard Panda Mobile Security 1.1
5.4
CVSSv2
CVE-2014-5565
The GadgetTrak Mobile Security (aka com.activetrak.android.app) application 1.6 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle malicious users to spoof servers and obtain sensitive information via a crafted certificate.
Gadgettrak Gadgettrak Mobile Security 1.6
5.4
CVSSv2
CVE-2014-5642
The IMPI Mobile Security (aka com.impi) application 2.1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle malicious users to spoof servers and obtain sensitive information via a crafted certificate.
Impi Impi Mobile Security 2.1.0
5
CVSSv2
CVE-2015-7732
The Avira Mobile Security app prior to 1.5.11 for iOS sends sensitive login information in cleartext.
Avira Avira Mobile Security 1.5.7
4
CVSSv2
CVE-2019-10413
Jenkins Data Theorem: CI/CD Plugin 1.3 and previous versions stored credentials unencrypted in job config.xml files on the Jenkins master where they could be viewed by users with Extended Read permission, or access to the master file system.
Jenkins Data Theorem Mobile App Security
5.4
CVSSv2
CVE-2014-5672
The NQ Mobile Security & Antivirus (aka com.nqmobile.antivirus20) application 7.2.16.00 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle malicious users to spoof servers and obtain sensitive information via a crafted certificate.
Nq Nq Mobile Security \\& Antivirus 7.2.16.00
4
CVSSv2
CVE-2017-1480
IBM Security Access Manager Appliance 8.0.0 up to and including 8.0.1.6, and 9.0.0 up to and including 9.0.3.1 stores potentially sensitive information in log files that could be read by a remote user. IBM X-Force ID: 128617.
Ibm Security Access Manager
Ibm Security Access Manager For Web
Ibm Security Access Manager For Mobile
5
CVSSv2
CVE-2017-1474
IBM Security Access Manager Appliance 7.0.0, 8.0.0 up to and including 8.0.1.6, and 9.0.0 up to and including 9.0.3.1 discloses sensitive information to unauthorized users. The information can be used to mount further attacks on the system. IBM X-Force ID: 128606.
Ibm Security Access Manager
Ibm Security Access Manager For Mobile
Ibm Security Access Manager For Web
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
spoof
CVE-2024-34928
CVE-2024-5291
deserialization
CVE-2024-4471
CVE-2024-4956
CVE-2024-32002
CVE-2024-5227
unspecified
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »