CVE-2024-36279

MEDIUM Year: 2024
CVSS v3 Score
5.3
Medium
Weakness Type
CWE-649
View all →

Vulnerability Description

Reliance on obfuscation or encryption of security-relevant inputs without integrity checking issue exists in "FreeFrom - the nostr client" App versions prior to 1.3.5 for Android and iOS. If this vulnerability is exploited, the content of direct messages (DMs) between users may be manipulated by a man-in-the-middle attack.

Related Vulnerabilities

CVE-2010-3300

MEDIUM
CVSS:5.9(Medium)

It was found that all OWASP ESAPI for Java up to version 2.0 RC2 are vulnerable to padding oracle attacks.

CWE-6492010

CVE-2019-3730

MEDIUM
CVSS:5.9(Medium)

RSA BSAFE Micro Edition Suite versions prior to 4.1.6.3 (in 4.1.x) and prior to 4.4 (in 4.2.x and 4.3.x), are vulnerable to an Information Exposure Through an Error Message vulnerability, also known a...

CWE-6492019

CVE-2024-10772

HIGH
CVSS:8.8(High)

Since the firmware update is not validated, an attacker can install modified firmware on the device. This has a high impact on the availabilty, integrity and confidentiality up to the complete comprom...

CWE-6492024

CVE-2010-3300

MEDIUM
CVSS:5.9(Medium)

It was found that all OWASP ESAPI for Java up to version 2.0 RC2 are vulnerable to padding oracle attacks.

CWE-6492010

CVE-2019-3730

MEDIUM
CVSS:5.9(Medium)

RSA BSAFE Micro Edition Suite versions prior to 4.1.6.3 (in 4.1.x) and prior to 4.4 (in 4.2.x and 4.3.x), are vulnerable to an Information Exposure Through an Error Message vulnerability, also known a...

CWE-6492019