Filtered by vendor Sbi
Subscribe
Total
3 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2018-17404 | 1 Sbi | 1 Sbi Buddy | 2024-11-21 | 2.6 LOW | 5.3 MEDIUM |
The SBIbuddy (aka com.sbi.erupee) application 1.41 and 1.42 for Android might allow an attacker to sniff private information such as mobile number, PAN number (from a government-issued ID), and date of birth. | |||||
CVE-2018-17108 | 1 Sbi | 1 Sbi Buddy | 2024-11-21 | 4.3 MEDIUM | 8.8 HIGH |
The SBIbuddy (aka com.sbi.erupee) application 1.41 and 1.42 for Android might allow attackers to perform Account Takeover attacks by intercepting a security-question response during the initial configuration of the application. | |||||
CVE-2014-5954 | 1 Sbi | 1 State Bank Anywhere | 2024-11-21 | 5.4 MEDIUM | N/A |
The State Bank Anywhere (aka com.sbi.SBIFreedomPlus) application 2.0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. |