VYPR

Applock

by Tecno

CVEs (10)

  • CVE-2024-12603CriDec 13, 2024
    risk 0.64cvss 9.8epss 0.01

    A logic vulnerability in the the mobile application (com.transsion.applock) can lead to bypassing the application password.

  • CVE-2022-30755HigJul 12, 2022
    risk 0.47cvss 7.3epss 0.00

    Improper authentication vulnerability in AppLock prior to SMR Jul-2022 Release 1 allows attacker to bypass password confirm activity by hijacking the implicit intent.

  • CVE-2022-1959MedSep 30, 2022
    risk 0.43cvss 6.6epss 0.00

    AppLock version 7.9.29 allows an attacker with physical access to the device to bypass biometric authentication. This is possible because the application did not correctly implement fingerprint validations.

  • CVE-2025-68712MedMay 27, 2026
    risk 0.36cvss 5.5epss 0.00

    SpSoft AppLock (com.sp.protector.free) 7.9.40 for Android allows a local attacker with physical access to bypass fingerprint or PIN authentication. Although the app integrates Android's biometric mechanisms, the lock is implemented with a custom overlay that fails to…

  • CVE-2025-68709MedMay 26, 2026
    risk 0.34cvss 5.2epss 0.00

    SailingLab AppLock (aka com.alpha.applock) 4.3.8 for Android allows a local attacker to trigger arbitrary JavaScript execution via BrowserMainActivity, which accepts VIEW intents with javascript: URIs. This unsafe navigation path results in script execution and may allow UI…

  • CVE-2023-21484MedMay 4, 2023
    risk 0.33cvss 5.1epss 0.00

    Improper access control vulnerability in AppLock prior to SMR May-2023 Release 1 allows local attackers without proper permission to execute a privileged operation.

  • CVE-2022-24929MedMar 10, 2022
    risk 0.27cvss 4.1epss 0.00

    Unprotected Activity in AppLock prior to SMR Mar-2022 Release 1 allows attacker to change the list of locked app without authentication.

  • CVE-2025-68708LowMay 26, 2026
    risk 0.16cvss 2.4epss 0.00

    SailingLab AppLock (aka com.alpha.applock) 4.3.8 for Android allows a local attacker with physical access to bypass the PIN lock. The lock is implemented as an overlay rather than by using Android's secure authentication APIs. By navigating cascading interface flows - insecure…

  • CVE-2022-33720LowAug 5, 2022
    risk 0.16cvss 2.4epss 0.00

    Improper authentication vulnerability in AppLock prior to SMR Aug-2022 Release 1 allows physical attacker to access Chrome locked by AppLock via new tap shortcut.

  • CVE-2024-20830Mar 5, 2024
    risk 0.00cvss epss 0.00

    Incorrect default permission in AppLock prior to SMR MAr-2024 Release 1 allows local attackers to configure AppLock settings.