Skip to main content
CVE-2014-7278 MEDIUM POC This Month

The login page on the ZyXEL SBG-3300 Security Gateway with firmware 1.00(AADY.4)C0 and earlier allows remote attackers to cause a denial of service (persistent web-interface outage) via JavaScript. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Zyxel Denial Of Service Sbg3300 N Firmware Sbg3300 N
NVD
CVSS 2.0
5.0
EPSS
0.7%
CVE-2014-7277 MEDIUM POC This Month

Cross-site scripting (XSS) vulnerability in the login page on the ZyXEL SBG-3300 Security Gateway with firmware 1.00(AADY.4)C0 and earlier allows remote attackers to inject arbitrary web script or. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

XSS Zyxel Sbg3300 N Firmware Sbg3300 N
NVD
CVSS 2.0
4.3
EPSS
0.3%
CVE-2014-6933 MEDIUM This Month

The Toraware Takojyou (aka ltd.pte.wavea.torawaretakojyou) application 1.3 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers. Rated medium severity (CVSS 5.4). No vendor patch available.

Google Information Disclosure Toraware Takojyou
NVD
CVSS 2.0
5.4
EPSS
0.1%
CVE-2014-6932 MEDIUM This Month

The All Navalny (aka com.all.navalny) application 1.10 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive. Rated medium severity (CVSS 5.4). No vendor patch available.

Google Information Disclosure All Navalny
NVD
CVSS 2.0
5.4
EPSS
0.1%
CVE-2014-6931 MEDIUM This Month

The Treves Dance Center (aka com.myapphone.android.myapptrvesdancecenter) application 1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to. Rated medium severity (CVSS 5.4). No vendor patch available.

Google Information Disclosure Treves Dance Center
NVD
CVSS 2.0
5.4
EPSS
0.1%
CVE-2014-6930 MEDIUM This Month

The Abram Radio Groove!. Rated medium severity (CVSS 5.4). No vendor patch available.

Google Information Disclosure Abram Radio Groove
NVD
CVSS 2.0
5.4
EPSS
0.1%
CVE-2014-6929 MEDIUM This Month

The AIHce 2014 (aka com.coreapps.android.followme.aihce2014) application 6.1.0.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof. Rated medium severity (CVSS 5.4). No vendor patch available.

Google Information Disclosure Aihce 2014
NVD
CVSS 2.0
5.4
EPSS
0.1%
CVE-2014-6927 MEDIUM This Month

The Myanmar Housing : mmHome (aka com.mmhome3) application 1.3 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain. Rated medium severity (CVSS 5.4). No vendor patch available.

Google Information Disclosure Myanmar Housing
NVD
CVSS 2.0
5.4
EPSS
0.1%
CVE-2014-6926 MEDIUM This Month

The Allt om Brollop (aka com.paperton.wl.alltombrollop) application 1.53 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and. Rated medium severity (CVSS 5.4). No vendor patch available.

Google Information Disclosure Allt Om Brollop
NVD
CVSS 2.0
5.4
EPSS
0.1%
CVE-2014-6925 MEDIUM This Month

The Steyr Forum (aka com.tapatalk.steyrclubcomvb) application 3.9.12 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and. Rated medium severity (CVSS 5.4). No vendor patch available.

Google Information Disclosure Steyr Forum
NVD
CVSS 2.0
5.4
EPSS
0.1%
CVE-2014-6924 MEDIUM This Month

The Metro News (aka com.netpia.ha.metro) application 1.6.5 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain. Rated medium severity (CVSS 5.4). No vendor patch available.

Google Information Disclosure Metro News
NVD
CVSS 2.0
5.4
EPSS
0.1%
CVE-2014-6923 MEDIUM This Month

The Dubrovnik Guided Walking Tours (aka com.mytoursapp.android.app351) application 1.3.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to. Rated medium severity (CVSS 5.4). No vendor patch available.

Google Information Disclosure Dubrovnik Guided Walking Tours
NVD
CVSS 2.0
5.4
EPSS
0.1%
CVE-2014-6922 MEDIUM This Month

The KFAI Community Radio (aka com.skyblue.pra.kfai) application 2.0.4 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and. Rated medium severity (CVSS 5.4). No vendor patch available.

Google Information Disclosure Kfai Community Radio
NVD
CVSS 2.0
5.4
EPSS
0.1%
CVE-2014-6921 MEDIUM This Month

The Buckhorn Grill (aka com.orderingapps.buckhorn) application 2.8 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and. Rated medium severity (CVSS 5.4). No vendor patch available.

Google Information Disclosure Buckhorn Grill
NVD
CVSS 2.0
5.4
EPSS
0.1%
CVE-2014-6920 MEDIUM This Month

The Canal 44 (aka com.canal.canal44) application 1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive. Rated medium severity (CVSS 5.4). No vendor patch available.

Google Information Disclosure Canal 44
NVD
CVSS 2.0
5.4
EPSS
0.1%
CVE-2014-6919 MEDIUM This Month

The Metalcasting Newsstand (aka air.com.yudu.ReaderAIR3017071) application 3.12.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof. Rated medium severity (CVSS 5.4). No vendor patch available.

Google Information Disclosure Metalcasting Newsstand
NVD
CVSS 2.0
5.4
EPSS
0.1%
CVE-2014-6918 MEDIUM This Month

The Bikers Underground (aka hr.ap.n66871172) application 4.5.10 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain. Rated medium severity (CVSS 5.4). No vendor patch available.

Google Information Disclosure Bikers Underground
NVD
CVSS 2.0
5.4
EPSS
0.1%
CVE-2014-6917 MEDIUM This Month

The www.knote.kr Smart (aka kr.or.knote.android) application 1.0.3 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and. Rated medium severity (CVSS 5.4). No vendor patch available.

Google Information Disclosure Www Knote Kr Smart
NVD
CVSS 2.0
5.4
EPSS
0.1%
CVE-2014-6916 MEDIUM This Month

The mama.cn (aka cn.ziipin.mama.ui) application 1.02 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive. Rated medium severity (CVSS 5.4). No vendor patch available.

Google Information Disclosure Mama Cn
NVD
CVSS 2.0
5.4
EPSS
0.1%
CVE-2014-6914 MEDIUM This Month

The Houcine El Jasmi (aka com.devkhr31.houcineeljasmi) application 1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and. Rated medium severity (CVSS 5.4). No vendor patch available.

Google Information Disclosure Houcine El Jasmi
NVD
CVSS 2.0
5.4
EPSS
0.1%
CVE-2014-6913 MEDIUM This Month

The Dive The World (aka com.paperton.wl.divetheworld) application 1.53 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and. Rated medium severity (CVSS 5.4). No vendor patch available.

Google Information Disclosure Dive The World
NVD
CVSS 2.0
5.4
EPSS
0.1%
CVE-2014-6912 MEDIUM This Month

The IRA's 59th Annual Conference (aka com.coreapps.android.followme.ira_14) application 6.0.7.6 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle. Rated medium severity (CVSS 5.4). No vendor patch available.

Google Information Disclosure Ira S 59Th Annual Conference
NVD
CVSS 2.0
5.4
EPSS
0.1%
CVE-2014-6911 MEDIUM This Month

The diziturky HD 2015 (aka com.adv.diziturky) application 2014 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain. Rated medium severity (CVSS 5.4). No vendor patch available.

Google Information Disclosure Diziturky Hd 2015
NVD
CVSS 2.0
5.4
EPSS
0.1%
CVE-2014-6910 MEDIUM This Month

The MemorizeIt!. Rated medium severity (CVSS 5.4). No vendor patch available.

Google Information Disclosure Memorizeit
NVD
CVSS 2.0
5.4
EPSS
0.1%
CVE-2014-6909 MEDIUM This Month

The Coca-Cola FM Peru (aka com.enyetech.radio.coca_cola.fm_pe) application 2.0.41716 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof. Rated medium severity (CVSS 5.4). No vendor patch available.

Google Information Disclosure Coca Cola Fm Peru
NVD
CVSS 2.0
5.4
EPSS
0.1%
CVE-2014-6908 MEDIUM This Month

The Forum IC (aka com.tapatalk.forumimmigrercom) application 3.3.12 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and. Rated medium severity (CVSS 5.4). No vendor patch available.

Google Information Disclosure Forum Ic
NVD
CVSS 2.0
5.4
EPSS
0.1%
CVE-2014-6907 MEDIUM This Month

The Rakuten Install (aka co.jp.rakuten.installapp) application 1.5.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and. Rated medium severity (CVSS 5.4). No vendor patch available.

Google Information Disclosure Rakuten Install
NVD
CVSS 2.0
5.4
EPSS
0.1%
CVE-2014-6906 MEDIUM This Month

The Loli Chocolate Cake (aka com.alison.kang.chocolatecake) application 1.0.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof. Rated medium severity (CVSS 5.4). No vendor patch available.

Google Information Disclosure Loli Chocolate Cake
NVD
CVSS 2.0
5.4
EPSS
0.1%
CVE-2014-6928 MEDIUM This Month

The Rastreador de Celulares (aka com.mobincube.android.sc_9KTH8) application 5.0.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof. Rated medium severity (CVSS 5.4). No vendor patch available.

Google Information Disclosure Rastreador De Celulares
NVD
CVSS 2.0
5.4
EPSS
0.0%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy