Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.4

    MEDIUM
    CVE-2014-6787

    The Counter Intuition (aka com.counter.intuition) application 1.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.... Read more

    Affected Products : counter_intuition
    • EPSS Score: %0.04
    • Published: Sep. 29, 2014
    • Modified: Apr. 12, 2025

  • 5.4

    MEDIUM
    CVE-2014-7558

    The Everest Poker (aka com.wEverestPoker) application 0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.... Read more

    Affected Products : everest_poker
    • EPSS Score: %0.04
    • Published: Oct. 20, 2014
    • Modified: Apr. 12, 2025

  • 5.4

    MEDIUM
    CVE-2014-7582

    The Water Lateral Sizer (aka com.wWaterLateralSizer) application 1.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.... Read more

    Affected Products : water_lateral_sizer
    • EPSS Score: %0.04
    • Published: Oct. 20, 2014
    • Modified: Apr. 12, 2025

  • 5.4

    MEDIUM
    CVE-2014-7597

    The Fabulas Infantiles (aka com.mobincube.android.sc_9I1A3) application 3.0.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certifi... Read more

    Affected Products : fabulas_infantiles
    • EPSS Score: %0.04
    • Published: Oct. 20, 2014
    • Modified: Apr. 12, 2025

  • 5.4

    MEDIUM
    CVE-2014-7610

    The Kadinlar Kulubu KKMobileApp (aka com.tapatalk.kadinlarkulubucom) application 3.4.3 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafte... Read more

    Affected Products : kadinlar_kulubu_kkmobileapp
    • EPSS Score: %0.04
    • Published: Oct. 20, 2014
    • Modified: Apr. 12, 2025

  • 5.4

    MEDIUM
    CVE-2022-27428

    A stored cross-site scripting (XSS) vulnerability in /index.php/album/add of GalleryCMS v2.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the album_name parameter.... Read more

    Affected Products : gallerycms
    • EPSS Score: %0.18
    • Published: Apr. 25, 2022
    • Modified: Nov. 21, 2024

  • 5.4

    MEDIUM
    CVE-2014-6794

    The AAPLD (aka com.bredir.boopsie.aapld) application 4.5.110 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.... Read more

    Affected Products : aapld
    • EPSS Score: %0.04
    • Published: Sep. 29, 2014
    • Modified: Apr. 12, 2025

  • 5.4

    MEDIUM
    CVE-2014-6806

    The Thanodi - Setswana Translator (aka com.thanodi.thanodi) application 1.0.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certifi... Read more

    Affected Products : thanodi_-_setswana_translator
    • EPSS Score: %0.04
    • Published: Sep. 30, 2014
    • Modified: Apr. 12, 2025

  • 5.4

    MEDIUM
    CVE-2014-6812

    The Aloha Guide (aka com.aloha.guide.english) application 1.5 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.... Read more

    Affected Products : aloha_guide
    • EPSS Score: %0.04
    • Published: Sep. 30, 2014
    • Modified: Apr. 12, 2025

  • 5.4

    MEDIUM
    CVE-2014-7681

    The VMware vForums 2014 (aka com.coreapps.android.followme.vmwarevforums) application 6.0.9.4 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a... Read more

    Affected Products : vmware_vforums_2014
    • EPSS Score: %0.04
    • Published: Oct. 21, 2014
    • Modified: Apr. 12, 2025

  • 5.4

    MEDIUM
    CVE-2014-7717

    The Mills-Hazel Property Mgmt (aka com.appexpress.millshazelpropertymanagement) application 3.0.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information v... Read more

    Affected Products : mills-hazel_property_mgmt
    • EPSS Score: %0.04
    • Published: Oct. 21, 2014
    • Modified: Apr. 12, 2025

  • 5.4

    MEDIUM
    CVE-2014-7789

    The Zillion Muslims (aka com.zillionmuslims.src) application 1.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.... Read more

    Affected Products : zillion_muslims
    • EPSS Score: %0.04
    • Published: Oct. 21, 2014
    • Modified: Apr. 12, 2025

  • 5.4

    MEDIUM
    CVE-2023-41150

    F-RevoCRM 7.3 series prior to version7.3.8 contains a cross-site scripting vulnerability. If this vulnerability is exploited, an arbitrary script may be executed on the web browser of the user who is using the product.... Read more

    Affected Products : f-revocrm
    • EPSS Score: %0.26
    • Published: Sep. 06, 2023
    • Modified: Nov. 21, 2024

  • 5.4

    MEDIUM
    CVE-2014-7791

    The Backyard Wrestling (aka com.wBackyardWrestling) application 0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.... Read more

    Affected Products : backyard_wrestling
    • EPSS Score: %0.04
    • Published: Oct. 21, 2014
    • Modified: Apr. 12, 2025

  • 5.4

    MEDIUM
    CVE-2014-6830

    The Covet Fashion - Shopping Game (aka com.crowdstar.covetfashion) application 2.14.40 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafte... Read more

    Affected Products : covet_fashion_-_shopping_game
    • EPSS Score: %0.04
    • Published: Sep. 30, 2014
    • Modified: Apr. 12, 2025

  • 5.4

    MEDIUM
    CVE-2014-6839

    The Alma Corinthiana (aka com.alma.corinthiana) application 1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.... Read more

    Affected Products : alma_corinthiana
    • EPSS Score: %0.04
    • Published: Sep. 30, 2014
    • Modified: Apr. 12, 2025

  • 5.4

    MEDIUM
    CVE-2023-3685

    A vulnerability was found in Nesote Inout Search Engine AI Edition 1.1. It has been classified as problematic. This affects an unknown part of the file /index.php. The manipulation of the argument page leads to cross site scripting. It is possible to init... Read more

    Affected Products : inout_search_engine_ai_edition
    • EPSS Score: %0.06
    • Published: Jul. 16, 2023
    • Modified: Nov. 21, 2024

  • 5.4

    MEDIUM
    CVE-2022-46798

    Cross-Site Request Forgery (CSRF) vulnerability in HasThemes ShopLentor plugin <= 2.5.1 leading to plugin settings change.... Read more

    • EPSS Score: %0.04
    • Published: Mar. 01, 2023
    • Modified: Nov. 21, 2024

  • 5.4

    MEDIUM
    CVE-2018-15184

    PHP Scripts Mall Naukri / Shine / Jobsite Clone Script 3.0.4 has Stored XSS via the USERNAME field, a related issue to CVE-2018-6795.... Read more

    Affected Products : naukri_clone_script
    • EPSS Score: %0.21
    • Published: Aug. 09, 2018
    • Modified: Nov. 21, 2024

  • 5.4

    MEDIUM
    CVE-2023-37134

    A stored cross-site scripting (XSS) vulnerability in the Basic Information module of eyoucms v1.6.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload.... Read more

    Affected Products : eyoucms
    • EPSS Score: %0.08
    • Published: Jul. 06, 2023
    • Modified: Nov. 21, 2024
Showing 20 of 292626 Results