Skip to main content
CVE-2014-5809 MEDIUM This Month

The Smart Browser (aka smartbrowser.geniuscloud) application 2.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain. Rated medium severity (CVSS 5.4). No vendor patch available.

Google Information Disclosure Smart Browser
NVD
CVSS 2.0
5.4
EPSS
0.1%
CVE-2014-5665 MEDIUM This Month

The Mzone Login (aka com.mr384.MzoneLogin) application 1.2.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain. Rated medium severity (CVSS 5.4). No vendor patch available.

Google Information Disclosure Mzone Login
NVD
CVSS 2.0
5.4
EPSS
0.1%
CVE-2014-5320 MEDIUM This Month

The Bump application for Android does not properly handle implicit intents, which allows attackers to obtain sensitive owner-name information via a crafted application. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Google Information Disclosure Bump
NVD
CVSS 2.0
5.0
EPSS
0.3%
CVE-2014-3635 MEDIUM PATCH This Month

Off-by-one error in D-Bus 1.3.0 through 1.6.x before 1.6.24 and 1.8.x before 1.8.8, when running on a 64-bit system and the max_message_unix_fds limit is set to an odd number, allows local users to. Rated medium severity (CVSS 4.4). This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

Denial Of Service RCE Buffer Overflow D Bus Dbus +1
NVD
CVSS 2.0
4.4
EPSS
0.2%
CVE-2014-5316 MEDIUM PATCH This Month

Cross-site scripting (XSS) vulnerability in Dotclear before 2.6.4 allows remote attackers to inject arbitrary web script or HTML via a crafted page. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable.

XSS Dotclear
NVD
CVSS 2.0
4.3
EPSS
0.3%
CVE-2014-3595 MEDIUM PATCH This Month

Cross-site scripting (XSS) vulnerability in spacewalk-java 1.2.39, 1.7.54, and 2.0.2 in Spacewalk and Red Hat Network (RHN) Satellite 5.4 through 5.6 allows remote attackers to inject arbitrary web. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable.

XSS Red Hat Java Satellite Satellite With Embedded Oracle +3
NVD
CVSS 2.0
4.3
EPSS
0.3%
CVE-2014-5322 MEDIUM This Month

Cross-site scripting (XSS) vulnerability in the Instant Web Publish function in FileMaker Pro before 13 and Pro Advanced before 13 allows remote attackers to inject arbitrary web script or HTML via. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

XSS Filemaker Pro Filemaker Pro Advanced
NVD
CVSS 2.0
4.3
EPSS
0.3%
Prev Page 2 of 2

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy