Vulnerabilities > Swiftkey

DATE	CVE	VULNERABILITY TITLE	RISK
2015-06-19	CVE-2015-4641	Path Traversal vulnerability in Swiftkey SDK Directory traversal vulnerability in the SwiftKey language-pack update implementation on Samsung Galaxy S4, S4 Mini, S5, and S6 devices allows remote web servers to write to arbitrary files, and consequently execute arbitrary code in a privileged context, by leveraging control of the skslm.swiftkey.net domain name and providing a .. network low complexity swiftkey samsung CWE-22	6.4
2015-06-19	CVE-2015-4640	7PK - Security Features vulnerability in Swiftkey SDK The SwiftKey language-pack update implementation on Samsung Galaxy S4, S4 Mini, S5, and S6 devices relies on an HTTP connection to the skslm.swiftkey.net server, which allows man-in-the-middle attackers to write to language-pack files by modifying an HTTP response. swiftkey samsung CWE-254	2.9
2014-09-09	CVE-2014-5722	Cryptographic Issues vulnerability in Swiftkey Keyboard + Emoji 5.0.2.4 The SwiftKey Keyboard + Emoji (aka com.touchtype.swiftkey) application 5.0.2.4 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. swiftkey CWE-310	5.4

Vulnerabilities > Swiftkey {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Swiftkey"}]}