Skip to main content
CVE-2014-4973 MEDIUM POC This Month

The ESET Personal Firewall NDIS filter (EpFwNdis.sys) driver in the Firewall Module Build 1183 (20140214) and earlier in ESET Smart Security and ESET Endpoint Security products 5.0 through 7.0 allows. Rated medium severity (CVSS 6.9). Public exploit code available and no vendor patch available.

Eset Information Disclosure Smart Security Endpoint Security
NVD
CVSS 2.0
6.9
EPSS
0.1%
CVE-2014-4752 CRITICAL Act Now

IBM System Networking G8052, G8124, G8124-E, G8124-ER, G8264, G8316, and G8264-T switches before 7.9.10.0; EN4093, EN4093R, CN4093, SI4093, EN2092, and G8264CS switches before 7.8.6.0; Flex System. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

IBM Information Disclosure System Networking Rackswitch G8332 Firmware System Networking Rackswitch G8332 Bladecenter 1G Firmware +37
NVD
CVSS 2.0
10.0
EPSS
2.5%
CVE-2014-4816 MEDIUM PATCH This Month

Cross-site request forgery (CSRF) vulnerability in the Administrative Console in IBM WebSphere Application Server (WAS) 6.x through 6.1.0.47, 7.0 before 7.0.0.35, 8.0 before 8.0.0.10, and 8.5 before. Rated medium severity (CVSS 6.0), this vulnerability is remotely exploitable.

IBM XSS CSRF Websphere Application Server
NVD
CVSS 2.0
6.0
EPSS
0.1%
CVE-2014-5392 MEDIUM PATCH This Month

XML External Entity (XXE) vulnerability in JobScheduler before 1.6.4246 and 7.x before 1.7.4241 allows remote attackers to cause a denial of service and read arbitrary files or directories via a. Rated medium severity (CVSS 5.8), this vulnerability is remotely exploitable.

Denial Of Service XXE Jobscheduler
NVD
CVSS 2.0
5.8
EPSS
1.0%
CVE-2014-6691 MEDIUM This Month

The UC Browser HD (aka com.uc.browser.hd) application 3.3.1.469 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain. Rated medium severity (CVSS 5.4). No vendor patch available.

Google Information Disclosure Uc Browser Hd
NVD
CVSS 2.0
5.4
EPSS
0.1%
CVE-2014-6689 MEDIUM This Month

The JW Cards (aka com.jingwei.card) application 3.8.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive. Rated medium severity (CVSS 5.4). No vendor patch available.

Google Information Disclosure Jw Cards
NVD
CVSS 2.0
5.4
EPSS
0.1%
CVE-2014-6688 MEDIUM This Month

The Voices.com (aka com.voices.voices) application 1.5 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive. Rated medium severity (CVSS 5.4). No vendor patch available.

Google Information Disclosure Voices Com
NVD
CVSS 2.0
5.4
EPSS
0.1%
CVE-2014-6687 MEDIUM This Month

The wSaudichannelAlNasr (aka com.wSaudichannelAlNasr) application 0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and. Rated medium severity (CVSS 5.4). No vendor patch available.

Google Information Disclosure Wsaudichannelalnas
NVD
CVSS 2.0
5.4
EPSS
0.1%
CVE-2014-6686 MEDIUM This Month

The Zoho Books - Accounting App (aka com.zoho.books) application 3.1.9 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and. Rated medium severity (CVSS 5.4). No vendor patch available.

Zoho Google Information Disclosure Zoho Books Accounting App
NVD
CVSS 2.0
5.4
EPSS
0.1%
CVE-2014-6685 MEDIUM This Month

The Tsushima Travel Guide (aka com.netjapan.ntsushima) application 1.9 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and. Rated medium severity (CVSS 5.4). No vendor patch available.

Google Information Disclosure Tsushima Travel Guide
NVD
CVSS 2.0
5.4
EPSS
0.1%
CVE-2014-6684 MEDIUM This Month

The MOL bringaPONT (aka hu.mol.bringapont) application 1.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain. Rated medium severity (CVSS 5.4). No vendor patch available.

Google Information Disclosure Mol Bringapont
NVD
CVSS 2.0
5.4
EPSS
0.1%
CVE-2014-6683 MEDIUM This Month

The Open Electrical Webser (aka com.wOpenElectricalWeb) application 0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and. Rated medium severity (CVSS 5.4). No vendor patch available.

Google Information Disclosure Open Electrical Webser
NVD
CVSS 2.0
5.4
EPSS
0.1%
CVE-2014-6682 MEDIUM This Month

The w88235ff7bdc2fb574f1789750ea99ed6 (aka com.w88235ff7bdc2fb574f1789750ea99ed6) application 0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle. Rated medium severity (CVSS 5.4). No vendor patch available.

Google Information Disclosure W88235Ff7Bdc2Fb574F1789750Ea99Ed6
NVD
CVSS 2.0
5.4
EPSS
0.1%
CVE-2014-6681 MEDIUM This Month

The Mahabharata Audiocast (aka com.wordbox.mahabharataAudiocast) application 1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof. Rated medium severity (CVSS 5.4). No vendor patch available.

Google Information Disclosure Mahabharata Audiocast
NVD
CVSS 2.0
5.4
EPSS
0.1%
CVE-2014-6680 MEDIUM This Month

The superheroquiz (aka com.davidhey.superheroquiz) application 1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and. Rated medium severity (CVSS 5.4). No vendor patch available.

Google Information Disclosure Superheroquiz
NVD
CVSS 2.0
5.4
EPSS
0.1%
CVE-2014-6679 MEDIUM This Month

The wEPISDParentPortal (aka com.dreamstep.wEPISDParentPortal) application 1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof. Rated medium severity (CVSS 5.4). No vendor patch available.

Google Information Disclosure Wepisdparentportal
NVD
CVSS 2.0
5.4
EPSS
0.1%
CVE-2014-6678 MEDIUM This Month

The Algeria Radio (aka com.wordbox.algeriaRadio) application 2.5 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain. Rated medium severity (CVSS 5.4). No vendor patch available.

Google Information Disclosure Algeria Radio
NVD
CVSS 2.0
5.4
EPSS
0.1%
CVE-2014-6677 MEDIUM This Month

The Ticket Round Up (aka com.xcr.android.ticketroundupapp) application 3.0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers. Rated medium severity (CVSS 5.4). No vendor patch available.

Google Information Disclosure Ticket Round Up
NVD
CVSS 2.0
5.4
EPSS
0.1%
CVE-2014-6676 MEDIUM This Month

The Exercitii pentru abdomen (aka com.rareartifact.exercitiipentruabdomen41E29322) application 1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle. Rated medium severity (CVSS 5.4). No vendor patch available.

Google Information Disclosure Exercitii Pentru Abdomen
NVD
CVSS 2.0
5.4
EPSS
0.1%
CVE-2014-6675 MEDIUM This Month

The Ruta Exacta (aka com.rutaexacta.m) application 1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive. Rated medium severity (CVSS 5.4). No vendor patch available.

Google Information Disclosure Ruta Exacta
NVD
CVSS 2.0
5.4
EPSS
0.1%
CVE-2014-6674 MEDIUM This Month

The Amazighmusic (aka nl.appsandroo.Amazighmusic) application 1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain. Rated medium severity (CVSS 5.4). No vendor patch available.

Google Information Disclosure Amazighmusic
NVD
CVSS 2.0
5.4
EPSS
0.1%
CVE-2014-6673 MEDIUM This Month

The ChallengerTX (aka com.zhtiantian.ChallengerTX) application 3.9.12.5 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and. Rated medium severity (CVSS 5.4). No vendor patch available.

Google Information Disclosure Challengertx
NVD
CVSS 2.0
5.4
EPSS
0.1%
CVE-2014-6672 MEDIUM This Month

The Friendcaster (aka uk.co.senab.blueNotifyFree) application 5.4.5 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and. Rated medium severity (CVSS 5.4). No vendor patch available.

Google Information Disclosure Friendcaster
NVD
CVSS 2.0
5.4
EPSS
0.1%
CVE-2014-6671 MEDIUM This Month

The World Cup 2014 Brazil - Xem TV (aka vn.letshare.football.worldcup) application 2.6 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to. Rated medium severity (CVSS 5.4). No vendor patch available.

Google Information Disclosure World Cup 2014 Brazil Xem Tv
NVD
CVSS 2.0
5.4
EPSS
0.1%
CVE-2014-6670 MEDIUM This Month

The SingaporeMotherhood Forum (aka com.tapatalk.singaporemotherhoodcomforum) application 3.6.6 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle. Rated medium severity (CVSS 5.4). No vendor patch available.

Google Information Disclosure Singaporemotherhood Forum
NVD
CVSS 2.0
5.4
EPSS
0.1%
CVE-2014-6669 MEDIUM This Month

The Inside Crochet (aka com.magazinecloner.insidecrochet) application @7F08017A for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof. Rated medium severity (CVSS 5.4). No vendor patch available.

Google Information Disclosure Inside Crochet
NVD
CVSS 2.0
5.4
EPSS
0.1%
CVE-2014-6668 MEDIUM This Month

The African Radios Live (aka com.nana.africanradioslive) application 1.0.6 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers. Rated medium severity (CVSS 5.4). No vendor patch available.

Google Information Disclosure African Radios Live
NVD
CVSS 2.0
5.4
EPSS
0.1%
CVE-2014-6667 MEDIUM This Month

The racemotocross (aka com.bossappsmk.racemotocross) application 1.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and. Rated medium severity (CVSS 5.4). No vendor patch available.

Google Information Disclosure Racemotocross
NVD
CVSS 2.0
5.4
EPSS
0.1%
CVE-2014-6666 MEDIUM This Month

The Baglamukhi (aka com.wshribaglamukhiblog) application 0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain. Rated medium severity (CVSS 5.4). No vendor patch available.

Google Information Disclosure Baglamukhi
NVD
CVSS 2.0
5.4
EPSS
0.1%
CVE-2014-6665 MEDIUM This Month

The Ahmed Bukhatir Nasheeds TV (aka com.wAhmedBukhatirApp) application 1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers. Rated medium severity (CVSS 5.4). No vendor patch available.

Google Information Disclosure Ahmed Bukhatir Nasheeds Tv
NVD
CVSS 2.0
5.4
EPSS
0.1%
CVE-2014-6664 MEDIUM This Month

The Latin Angels Music HD (aka com.applizards.lafreetj) application 2.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and. Rated medium severity (CVSS 5.4). No vendor patch available.

Google Information Disclosure Latin Angels Music Hd
NVD
CVSS 2.0
5.4
EPSS
0.1%
CVE-2014-6663 MEDIUM This Month

The Addis Gag Funny Amharic Pic (aka com.wAmharicFunnyPicture) application 0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof. Rated medium severity (CVSS 5.4). No vendor patch available.

Google Information Disclosure Addis Gag Funny Amharic Pic
NVD
CVSS 2.0
5.4
EPSS
0.1%
CVE-2014-6662 MEDIUM This Month

The Forum Krstarice (aka com.tapatalk.forumkrstaricacom) application 3.5.14 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers. Rated medium severity (CVSS 5.4). No vendor patch available.

Google Information Disclosure Forum Krstarice
NVD
CVSS 2.0
5.4
EPSS
0.1%
CVE-2014-6661 MEDIUM This Month

The netease movie (aka com.netease.movie) application 4.7.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain. Rated medium severity (CVSS 5.4). No vendor patch available.

Google Information Disclosure Netease Movie
NVD
CVSS 2.0
5.4
EPSS
0.1%
CVE-2014-6660 MEDIUM This Month

The Koleksi Hadis Nabi SAW (aka com.wKoleksiHadisNabiSAW) application 0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers. Rated medium severity (CVSS 5.4). No vendor patch available.

Google Information Disclosure Koleksi Hadis Nabi Saw
NVD
CVSS 2.0
5.4
EPSS
0.1%
CVE-2014-6659 MEDIUM This Month

The Defence.pk (aka com.tapatalk.defencepkforums) application 2.4.13.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and. Rated medium severity (CVSS 5.4). No vendor patch available.

Google Information Disclosure Defence Pk
NVD
CVSS 2.0
5.4
EPSS
0.1%
CVE-2014-6658 MEDIUM This Month

The Apploi Job Search- Find Jobs (aka com.apploi) application 4.19 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and. Rated medium severity (CVSS 5.4). No vendor patch available.

Google Information Disclosure Apploi Job Search Find Jobs
NVD
CVSS 2.0
5.4
EPSS
0.1%
CVE-2014-6657 MEDIUM This Month

The Leadership Newspapers (aka com.LeadershipNewspapers) application 1.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and. Rated medium severity (CVSS 5.4). No vendor patch available.

Google Information Disclosure Leadership Newspapers
NVD
CVSS 2.0
5.4
EPSS
0.1%
CVE-2014-6656 MEDIUM This Month

The drareym (aka com.drareym) application 0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive. Rated medium severity (CVSS 5.4). No vendor patch available.

Google Information Disclosure Drareym
NVD
CVSS 2.0
5.4
EPSS
0.1%
CVE-2014-6655 MEDIUM This Month

The Tortoise Forum (aka org.tortoiseforum.android.forumrunner) application 3.5.16 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof. Rated medium severity (CVSS 5.4). No vendor patch available.

Google Information Disclosure Tortoise Forum
NVD
CVSS 2.0
5.4
EPSS
0.1%
CVE-2014-6654 MEDIUM This Month

The wTrootrooTvIzle (aka com.wTrootrooTvIzle) application 0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain. Rated medium severity (CVSS 5.4). No vendor patch available.

Google Information Disclosure Wtrootrootvizle
NVD
CVSS 2.0
5.4
EPSS
0.1%
CVE-2014-6653 MEDIUM This Month

The Afghan Radio (aka com.wordbox.afghanRadio) application 2.5 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain. Rated medium severity (CVSS 5.4). No vendor patch available.

Google Information Disclosure Afghan Radio
NVD
CVSS 2.0
5.4
EPSS
0.1%
CVE-2014-6652 MEDIUM This Month

The Wizaz Forum (aka com.tapatalk.wizazplforum) application 3.6.4 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain. Rated medium severity (CVSS 5.4). No vendor patch available.

Google Information Disclosure Wizaz Forum
NVD
CVSS 2.0
5.4
EPSS
0.1%
CVE-2014-6651 MEDIUM This Month

The Planet of the Vapes Forum (aka com.tapatalk.planetofthevapescoukforums) application 3.7.9 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers. Rated medium severity (CVSS 5.4). No vendor patch available.

Google Information Disclosure Planet Of The Vapes Forum
NVD
CVSS 2.0
5.4
EPSS
0.1%
CVE-2014-6650 MEDIUM This Month

The NextGenUpdate (aka com.tapatalk.nextgenupdatecomforums) application 3.1.6 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof. Rated medium severity (CVSS 5.4). No vendor patch available.

Google Information Disclosure Nextgenupdate
NVD
CVSS 2.0
5.4
EPSS
0.1%
CVE-2014-6649 MEDIUM This Month

The MyBroadband Tapatalk (aka com.tapatalk.mybroadbandcozavb) application 3.9.22 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof. Rated medium severity (CVSS 5.4). No vendor patch available.

Google Information Disclosure Mybroadband Tapatalk
NVD
CVSS 2.0
5.4
EPSS
0.1%
CVE-2014-6648 MEDIUM This Month

The iPhone4.TW (aka com.tapatalk.iPhone4TWforums) application 3.3.20 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and. Rated medium severity (CVSS 5.4). No vendor patch available.

Google Information Disclosure Iphone4 Tw
NVD
CVSS 2.0
5.4
EPSS
0.1%
CVE-2014-6647 MEDIUM This Month

The ElForro.com (aka com.tapatalk.elforrocom) application 2.4.3.10 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and. Rated medium severity (CVSS 5.4). No vendor patch available.

Google Information Disclosure Elforro Com
NVD
CVSS 2.0
5.4
EPSS
0.1%
CVE-2014-6646 MEDIUM This Month

The bellyhoodcom (aka com.tapatalk.bellyhoodcom) application 3.4.23 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and. Rated medium severity (CVSS 5.4). No vendor patch available.

Google Information Disclosure Bellyhoodcom
NVD
CVSS 2.0
5.4
EPSS
0.1%
CVE-2014-6692 MEDIUM This Month

The Kingsoft Clip (Office Tool) (aka cn.wps.clip) application 1.5.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and. Rated medium severity (CVSS 5.4). No vendor patch available.

Google Information Disclosure Microsoft Kingsoft Clip Office Tool
NVD
CVSS 2.0
5.4
EPSS
0.0%
Page 1 of 2 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy