Writediary

Diary With Lock

2 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.5

CVE-2017-15582

  • EPSS 0.22%
  • Published 27.10.2017 20:29:01
  • Last modified 20.04.2025 01:37:25

In net.MCrypt in the "Diary with lock" (aka WriteDiary) application 4.72 for Android, hardcoded SecretKey and iv variables are used for the AES parameters, which makes it easier for attackers to obtain the cleartext of stored diary entries.

7.5

CVE-2017-15581

  • EPSS 0.75%
  • Published 27.10.2017 20:29:00
  • Last modified 20.04.2025 01:37:25

In the "Diary with lock" (aka WriteDiary) application 4.72 for Android, neither HTTPS nor other encryption is used for transmitting data, despite the documentation that the product is intended for "a personal journal of ... secrets and feelings," whi...