Vulnerabilities > Writediary

DATE CVE VULNERABILITY TITLE RISK
2017-10-27 CVE-2017-15582 Use of Hard-coded Credentials vulnerability in Writediary Diary With Lock 4.72
In net.MCrypt in the "Diary with lock" (aka WriteDiary) application 4.72 for Android, hardcoded SecretKey and iv variables are used for the AES parameters, which makes it easier for attackers to obtain the cleartext of stored diary entries.
network
low complexity
writediary CWE-798
5.0
2017-10-27 CVE-2017-15581 Missing Encryption of Sensitive Data vulnerability in Writediary Diary With Lock 4.72
In the "Diary with lock" (aka WriteDiary) application 4.72 for Android, neither HTTPS nor other encryption is used for transmitting data, despite the documentation that the product is intended for "a personal journal of ...
network
low complexity
writediary CWE-311
5.0