|
280081
|
- |
|
homerelectric
|
hea_mobile
|
The HEA Mobile (aka com.homerelectric.smartapps) application 1.153.0034 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and …
|
CWE-310
Cryptographic Issues
|
CVE-2014-7422
|
2024-11-21 11:17 |
2014-10-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280082
|
- |
|
mytoursapp
|
revel_in_the_rideau_lakes
|
The Revel in the Rideau Lakes (aka com.mytoursapp.android.app326) application 1.0.6 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof …
|
CWE-310
Cryptographic Issues
|
CVE-2014-7421
|
2024-11-21 11:17 |
2014-10-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280083
|
- |
|
magzter
|
just_bureaucracy
|
The Just Bureaucracy (aka com.magzter.justbureaucracy) application 3.0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and…
|
CWE-310
Cryptographic Issues
|
CVE-2014-7420
|
2024-11-21 11:17 |
2014-10-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280084
|
- |
|
pokecreator
|
pokecreator_lite
|
The PokeCreator Lite (aka com.pokecreator.builderlite) application 1.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and o…
|
CWE-310
Cryptographic Issues
|
CVE-2014-7419
|
2024-11-21 11:17 |
2014-10-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280085
|
- |
|
magzter
|
bbc_knowledge_magazine
|
The BBC Knowledge Magazine (aka com.magzter.bbcknowledge) application 3.01 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers a…
|
CWE-310
Cryptographic Issues
|
CVE-2014-7418
|
2024-11-21 11:17 |
2014-10-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280086
|
- |
|
realacademiabellasartessanfernando
|
real_academia_de_bellas_artes
|
The Real Academia de Bellas Artes (aka com.adianteventures.adianteapps.real_academia_de_bellas_artes) application 1.0 for Android does not verify X.509 certificates from SSL servers, which allows man…
|
CWE-310
Cryptographic Issues
|
CVE-2014-7417
|
2024-11-21 11:17 |
2014-10-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280087
|
- |
|
pocketmags
|
craft_stamper_magazine
|
The Craft Stamper Magazine (aka com.triactivemedia.craftstamper) application @7F080183 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spo…
|
CWE-310
Cryptographic Issues
|
CVE-2014-7416
|
2024-11-21 11:17 |
2014-10-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280088
|
9.8 |
CRITICAL
Network
|
farsite
|
farlinx_x25_gateway_firmware
|
FarLinX X25 Gateway through 2014-09-25 allows attackers to write arbitrary data to fsUI.xyz via fsSaveUIPersistence.php.
|
CWE-787
Out-of-bounds Write
|
CVE-2014-7175
|
2024-11-21 11:16 |
2020-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280089
|
5.3 |
MEDIUM
Network
|
farsite
|
farlinx_x25_gateway_firmware
|
FarLinX X25 Gateway through 2014-09-25 allows directory traversal via the log-handling feature.
|
CWE-22
Path Traversal
|
CVE-2014-7174
|
2024-11-21 11:16 |
2020-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280090
|
9.8 |
CRITICAL
Network
|
farsite
|
farlinx_x25_gateway_firmware
|
FarLinX X25 Gateway through 2014-09-25 allows command injection via shell metacharacters to sysSaveMonitorData.php, fsx25MonProxy.php, syseditdate.php, iframeupload.php, or sysRestoreX25Cplt.php.
|
CWE-78
OS Command
|
CVE-2014-7173
|
2024-11-21 11:16 |
2020-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
