LINE@ for Android version 1.0.0 and LINE@ for iOS version 1.0.0 are vulnerable to MITM (man-in-the-middle) attack since the application allows non-SSL/TLS communications. As a…

SQL injection vulnerability found in PrestaShop themevolty v.4.0.8 and before allow a remote attacker to gain privileges via the tvcmsblog, tvcmsvideotab, tvcmswishlist, tvcmsbrandlist, tvcmscategorychainslider, tvcmscategoryproduct,…

JHipster generator-jhipster before 2.23.0 allows a timing attack against validateToken due to a string comparison that stops at the first character that is different. Attackers…

A stored XSS in the process overview (bersicht zugewiesener Vorgaenge) in mbsupport openVIVA c2 20220101 allows a remote, authenticated, low-privileged attacker to execute arbitrary code…

tinyfiledialogs (aka tiny file dialogs) before 3.8.0 allows shell metacharacters in titles, messages, and other input data. Zafiyet ile ilgili Genel Bilgi, Etki ve Çözümleri…

In Bluetooth, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no…

In Window Manager, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This…

In Package Manager, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This…

In Media Projection, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This…

In Activity Manager, there is a possible background activity launch due to a logic error in the code. This could lead to local escalation of…