Skip to main content
CVE-2014-6277 CRITICAL POC THREAT Emergency

GNU Bash through 4.3 bash43-026 does not properly parse function definitions in the values of environment variables, which allows remote attackers to execute arbitrary code or cause a denial of. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 86.8%.

Command Injection Denial Of Service SSH RCE Apache +1
NVD Exploit-DB
CVSS 2.0
10.0
EPSS
86.8%
Threat
6.1
CVE-2014-3062 CRITICAL Act Now

Unspecified vulnerability in IBM Security QRadar SIEM 7.1 MR2 and 7.2 MR2 allows remote attackers to execute arbitrary code via unknown vectors. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. No vendor patch available.

IBM RCE Qradar Security Information And Event Manager
NVD
CVSS 2.0
9.3
EPSS
7.3%
CVE-2014-5459 LOW POC Monitor

The PEAR_REST class in REST.php in PEAR in PHP through 5.6.0 allows local users to write to arbitrary files via a symlink attack on a (1) rest.cachefile or (2) rest.cacheid file in /tmp/pear/cache/,. Rated low severity (CVSS 3.6), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

PHP Information Disclosure Solaris Evergreen Opensuse
NVD
CVSS 2.0
3.6
EPSS
0.1%
CVE-2014-6747 MEDIUM This Month

The SeeOn (aka com.seeon) application 4.0.7 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information. Rated medium severity (CVSS 5.4). No vendor patch available.

Google Information Disclosure Seeon
NVD
CVSS 2.0
5.4
EPSS
0.1%
CVE-2014-6746 MEDIUM This Month

The Infiniti Roadside Assistance (aka com.ccas.rsa.common.infiniti) application 1.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof. Rated medium severity (CVSS 5.4). No vendor patch available.

Google Information Disclosure Infiniti Roadside Assistance
NVD
CVSS 2.0
5.4
EPSS
0.1%
CVE-2014-6745 MEDIUM This Month

The Family Location (aka com.sosocome.family) application 3.4 2014-5-20 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and. Rated medium severity (CVSS 5.4). No vendor patch available.

Google Information Disclosure Family Location
NVD
CVSS 2.0
5.4
EPSS
0.1%
CVE-2014-6744 MEDIUM This Month

The Al-Ahsa News (aka com.alahsa.news) application 2.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive. Rated medium severity (CVSS 5.4). No vendor patch available.

Google Information Disclosure Al Ahsa News
NVD
CVSS 2.0
5.4
EPSS
0.1%
CVE-2014-6743 MEDIUM This Month

The Hearsay: A Social Party Game (aka air.com.lip.per) application 1.7.000 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers. Rated medium severity (CVSS 5.4). No vendor patch available.

Google Information Disclosure Hearsay
NVD
CVSS 2.0
5.4
EPSS
0.1%
CVE-2014-6742 MEDIUM This Month

The All around Cyprus (aka com.cyprus.newspapers) application 2.11 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and. Rated medium severity (CVSS 5.4). No vendor patch available.

Google Information Disclosure All Around Cyprus
NVD
CVSS 2.0
5.4
EPSS
0.1%
CVE-2014-6741 MEDIUM This Month

The John MacArthur (aka com.john.macarthur) application 1.0.26 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain. Rated medium severity (CVSS 5.4). No vendor patch available.

Google Information Disclosure John Macarthur
NVD
CVSS 2.0
5.4
EPSS
0.1%
CVE-2014-6740 MEDIUM This Month

The XD Forum (aka com.tapatalk.xdforumcomforum) application 3.9.17 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and. Rated medium severity (CVSS 5.4). No vendor patch available.

Google Information Disclosure Xd Forum
NVD
CVSS 2.0
5.4
EPSS
0.1%
CVE-2014-6739 MEDIUM This Month

The Well-Being Connect Mobile (aka com.healthways.wellbeinggo) application 2.9 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof. Rated medium severity (CVSS 5.4). No vendor patch available.

Google Information Disclosure Well Being Connect Mobile
NVD
CVSS 2.0
5.4
EPSS
0.1%
CVE-2014-6738 MEDIUM This Month

The Maccabi Tel Aviv (aka com.monkeytech.maccabi) application 1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain. Rated medium severity (CVSS 5.4). No vendor patch available.

Google Information Disclosure Maccabi Tel Aviv
NVD
CVSS 2.0
5.4
EPSS
0.1%
CVE-2014-6737 MEDIUM This Month

The Ultimate Target-Armored Sniper (aka air.wood.liame.ultimatetarget) application 1.0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to. Rated medium severity (CVSS 5.4). No vendor patch available.

Google Information Disclosure Ultimate Target Armored Sniper
NVD
CVSS 2.0
5.4
EPSS
0.1%
CVE-2014-6736 MEDIUM This Month

The EPL Hat Trick (aka com.hat.trick.goal) application 1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain. Rated medium severity (CVSS 5.4). No vendor patch available.

Google Information Disclosure Epl Hat Trick
NVD
CVSS 2.0
5.4
EPSS
0.1%
CVE-2014-6735 MEDIUM This Month

The imagine Next bmobile (aka com.conduit.app_51c3c19581af465092327dd25591b224.app) application 1.7.10.243 for Android does not verify X.509 certificates from SSL servers, which allows. Rated medium severity (CVSS 5.4). No vendor patch available.

Google Information Disclosure Imagine Next Bmobile
NVD
CVSS 2.0
5.4
EPSS
0.1%
CVE-2014-6734 MEDIUM This Month

The Wine Making (aka com.gcspublishing.winemakingtalk) application 3.7.15 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers. Rated medium severity (CVSS 5.4). No vendor patch available.

Google Information Disclosure Wine Making
NVD
CVSS 2.0
5.4
EPSS
0.1%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy