Applock
by Tecno
CVEs (10)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-12603 | Cri | 0.64 | 9.8 | 0.01 | Dec 13, 2024 | A logic vulnerability in the the mobile application (com.transsion.applock) can lead to bypassing the application password. | ||
| CVE-2022-30755 | Hig | 0.47 | 7.3 | 0.00 | Jul 12, 2022 | Improper authentication vulnerability in AppLock prior to SMR Jul-2022 Release 1 allows attacker to bypass password confirm activity by hijacking the implicit intent. | ||
| CVE-2022-1959 | Med | 0.43 | 6.6 | 0.00 | Sep 30, 2022 | AppLock version 7.9.29 allows an attacker with physical access to the device to bypass biometric authentication. This is possible because the application did not correctly implement fingerprint validations. | ||
| CVE-2025-68712 | Med | 0.36 | 5.5 | 0.00 | May 27, 2026 | SpSoft AppLock (com.sp.protector.free) 7.9.40 for Android allows a local attacker with physical access to bypass fingerprint or PIN authentication. Although the app integrates Android's biometric mechanisms, the lock is implemented with a custom overlay that fails to… | ||
| CVE-2025-68709 | Med | 0.34 | 5.2 | 0.00 | May 26, 2026 | SailingLab AppLock (aka com.alpha.applock) 4.3.8 for Android allows a local attacker to trigger arbitrary JavaScript execution via BrowserMainActivity, which accepts VIEW intents with javascript: URIs. This unsafe navigation path results in script execution and may allow UI… | ||
| CVE-2023-21484 | Med | 0.33 | 5.1 | 0.00 | May 4, 2023 | Improper access control vulnerability in AppLock prior to SMR May-2023 Release 1 allows local attackers without proper permission to execute a privileged operation. | ||
| CVE-2022-24929 | Med | 0.27 | 4.1 | 0.00 | Mar 10, 2022 | Unprotected Activity in AppLock prior to SMR Mar-2022 Release 1 allows attacker to change the list of locked app without authentication. | ||
| CVE-2025-68708 | Low | 0.16 | 2.4 | 0.00 | May 26, 2026 | SailingLab AppLock (aka com.alpha.applock) 4.3.8 for Android allows a local attacker with physical access to bypass the PIN lock. The lock is implemented as an overlay rather than by using Android's secure authentication APIs. By navigating cascading interface flows - insecure… | ||
| CVE-2022-33720 | Low | 0.16 | 2.4 | 0.00 | Aug 5, 2022 | Improper authentication vulnerability in AppLock prior to SMR Aug-2022 Release 1 allows physical attacker to access Chrome locked by AppLock via new tap shortcut. | ||
| CVE-2024-20830 | 0.00 | — | 0.00 | Mar 5, 2024 | Incorrect default permission in AppLock prior to SMR MAr-2024 Release 1 allows local attackers to configure AppLock settings. |
- risk 0.64cvss 9.8epss 0.01
A logic vulnerability in the the mobile application (com.transsion.applock) can lead to bypassing the application password.
- risk 0.47cvss 7.3epss 0.00
Improper authentication vulnerability in AppLock prior to SMR Jul-2022 Release 1 allows attacker to bypass password confirm activity by hijacking the implicit intent.
- risk 0.43cvss 6.6epss 0.00
AppLock version 7.9.29 allows an attacker with physical access to the device to bypass biometric authentication. This is possible because the application did not correctly implement fingerprint validations.
- risk 0.36cvss 5.5epss 0.00
SpSoft AppLock (com.sp.protector.free) 7.9.40 for Android allows a local attacker with physical access to bypass fingerprint or PIN authentication. Although the app integrates Android's biometric mechanisms, the lock is implemented with a custom overlay that fails to…
- risk 0.34cvss 5.2epss 0.00
SailingLab AppLock (aka com.alpha.applock) 4.3.8 for Android allows a local attacker to trigger arbitrary JavaScript execution via BrowserMainActivity, which accepts VIEW intents with javascript: URIs. This unsafe navigation path results in script execution and may allow UI…
- risk 0.33cvss 5.1epss 0.00
Improper access control vulnerability in AppLock prior to SMR May-2023 Release 1 allows local attackers without proper permission to execute a privileged operation.
- risk 0.27cvss 4.1epss 0.00
Unprotected Activity in AppLock prior to SMR Mar-2022 Release 1 allows attacker to change the list of locked app without authentication.
- risk 0.16cvss 2.4epss 0.00
SailingLab AppLock (aka com.alpha.applock) 4.3.8 for Android allows a local attacker with physical access to bypass the PIN lock. The lock is implemented as an overlay rather than by using Android's secure authentication APIs. By navigating cascading interface flows - insecure…
- risk 0.16cvss 2.4epss 0.00
Improper authentication vulnerability in AppLock prior to SMR Aug-2022 Release 1 allows physical attacker to access Chrome locked by AppLock via new tap shortcut.
- CVE-2024-20830Mar 5, 2024risk 0.00cvss —epss 0.00
Incorrect default permission in AppLock prior to SMR MAr-2024 Release 1 allows local attackers to configure AppLock settings.