![]() ![]() IBM MaaS360 3.96.62 for iOS could allow an attacker with physical access to the device to obtain sensitive information from the agent outside of the container. Because the callback handler did not verify the authenticity of the response, this step is vulnerable to forgery, potentially allowing attacker to associate a Twitter account with a third-party service. This vulnerability affects Firefox for iOS ) on iOS. ![]() ![]() When opening a page in reader mode, the redirect URL could have caused attacker-controlled script to execute in a reflected Cross-Site Scripting (XSS) attack. Improper privilege management vulnerability in CoolKit Technology eWeLink on Android and iOS allows application lockscreen bypass.This issue affects eWeLink before 5.2.0.Ĭlient side permission bypass in Devolutions Remote Desktop Manager 2023.3.4.0 and earlier on iOS allows an attacker that has access to the application to execute entries in a SQL data source without restriction. This issue has been patched in version 2.11.0. By logging the encryption secret to the system logs, attackers can trivially recover the secret by enabling ADB and undermining an app's thread model. The key can be obtained by anyone with access to the Android Debugging Bridge (ADB) if it is enabled in the phone settings. Before version 2.11.0, the react-native-mmkv logged the optional encryption key for the MMKV database into the Android system log. React-native-mmkv is a library that allows easy use of MMKV inside React Native applications. ![]()
0 Comments
Leave a Reply. |
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |