Vulnerabilities > NQ

DATE CVE VULNERABILITY TITLE RISK
2017-10-29 CVE-2017-15999 Cleartext Transmission of Sensitive Information vulnerability in NQ Contacts Backup & Restore 1.1
In the "NQ Contacts Backup & Restore" application 1.1 for Android, no HTTPS is used for transmitting login and synced user data.
network
low complexity
nq CWE-319
5.0
2017-10-29 CVE-2017-15998 Use of a Broken or Risky Cryptographic Algorithm vulnerability in NQ Contacts Backup & Restore 1.1
In the "NQ Contacts Backup & Restore" application 1.1 for Android, DES encryption with a static key is used to secure transmitted contact data.
network
low complexity
nq CWE-327
5.0
2017-10-29 CVE-2017-15997 Use of a Broken or Risky Cryptographic Algorithm vulnerability in NQ Contacts Backup & Restore 1.1
In the "NQ Contacts Backup & Restore" application 1.1 for Android, RC4 encryption is used to secure the user password locally stored in shared preferences.
local
low complexity
nq CWE-327
2.1
2014-09-09 CVE-2014-5764 Cryptographic Issues vulnerability in NQ Antivirus Free 7.2.16.02
The Antivirus Free (aka com.zrgiu.antivirus) application 7.2.16.02 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
5.4
2014-09-09 CVE-2014-5673 Cryptographic Issues vulnerability in NQ Easy Finder & Anti-Theft 2.0.10.08
The Easy Finder & Anti-Theft (aka com.nqmobile.easyfinder) application 2.0.10.08 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
5.4
2014-09-09 CVE-2014-5672 Cryptographic Issues vulnerability in NQ Mobile Security & Antivirus 7.2.16.00
The NQ Mobile Security & Antivirus (aka com.nqmobile.antivirus20) application 7.2.16.00 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
5.4
2014-09-09 CVE-2014-5667 Cryptographic Issues vulnerability in NQ Vault-Hide SMS Pics & Videos 5.0.14.22
The Vault-Hide SMS, Pics & Videos (aka com.netqin.ps) application 5.0.14.22 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
5.4