Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.4

    MEDIUM
    CVE-2014-7374

    The SPIN - Motion Comic (aka me.narr8.android.serial.spin) application 2.1.7 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certific... Read more

    Affected Products : spin_-_motion_comic
    • Published: Oct. 19, 2014
    • Modified: Apr. 12, 2025

  • 5.4

    MEDIUM
    CVE-2023-47314

    Headwind MDM Web panel 5.22.1 is vulnerable to cross-site scripting (XSS). The file upload function allows APK and arbitrary files to be uploaded. By exploiting this issue, attackers may upload HTML files and share the download URL pointing to these files... Read more

    Affected Products : headwind_mdm
    • Published: Nov. 22, 2023
    • Modified: Nov. 21, 2024

  • 5.4

    MEDIUM
    CVE-2023-2349

    A vulnerability classified as problematic has been found in SourceCodester Service Provider Management System 1.0. Affected is an unknown function of the file /admin/index.php. The manipulation of the argument page leads to cross site scripting. It is pos... Read more

    • Published: Apr. 27, 2023
    • Modified: Nov. 21, 2024

  • 5.4

    MEDIUM
    CVE-2014-7456

    The Digit Magazine (aka com.magzter.digitmagazine) application 3.01 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.... Read more

    Affected Products : digit_magazine
    • Published: Oct. 19, 2014
    • Modified: Apr. 12, 2025

  • 5.4

    MEDIUM
    CVE-2014-7544

    The Secret City - Motion Comic (aka me.narr8.android.serial.the_secret_city) application 2.1.7 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via ... Read more

    Affected Products : secret_city_-_motion_comic
    • Published: Oct. 20, 2014
    • Modified: Apr. 12, 2025

  • 5.4

    MEDIUM
    CVE-2023-27775

    A stored HTML injection vulnerability in LiveAction LiveSP v21.1.2 allows attackers to execute arbitrary code via a crafted payload.... Read more

    Affected Products : livesp
    • Published: Apr. 12, 2023
    • Modified: Feb. 08, 2025

  • 5.4

    MEDIUM
    CVE-2019-13936

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in webclient of Siemens AG Polarion could allow an attacker to exploit a persistent XSS vulnerability. This issue affects: Siemens AG Polarion All versions ... Read more

    Affected Products : polarion
    • Published: Nov. 27, 2019
    • Modified: Nov. 21, 2024

  • 5.4

    MEDIUM
    CVE-2023-5251

    The Grid Plus plugin for WordPress is vulnerable to unauthorized modification of data and loss of data due to a missing capability check on the 'grid_plus_save_layout_callback' and 'grid_plus_delete_callback' functions in versions up to, and including, 1.... Read more

    Affected Products : grid_plus
    • Published: Oct. 30, 2023
    • Modified: Nov. 21, 2024

  • 5.4

    MEDIUM
    CVE-2014-5569

    The Star Girl (aka com.animoca.google.starGirl) application 3.4.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.... Read more

    Affected Products : star_girl
    • Published: Sep. 09, 2014
    • Modified: Apr. 12, 2025

  • 5.4

    MEDIUM
    CVE-2014-5760

    The Pizza Hut (aka com.yum.pizzahut) application 2.0.5 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.... Read more

    Affected Products : pizza_hut
    • Published: Sep. 09, 2014
    • Modified: Apr. 12, 2025

  • 5.4

    MEDIUM
    CVE-2014-5827

    The Ibotta - Better than Coupons. (aka com.ibotta.android) application 2.5.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certific... Read more

    Affected Products : ibotta_-_better_than_coupons.
    • Published: Sep. 09, 2014
    • Modified: Apr. 12, 2025

  • 5.4

    MEDIUM
    CVE-2014-6649

    The MyBroadband Tapatalk (aka com.tapatalk.mybroadbandcozavb) application 3.9.22 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted cert... Read more

    Affected Products : mybroadband_tapatalk
    • Published: Sep. 23, 2014
    • Modified: Apr. 12, 2025

  • 5.4

    MEDIUM
    CVE-2014-6715

    The SlotMachine (aka com.popoinnovation.SlotMachine) application 1.03 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.... Read more

    Affected Products : slotmachine
    • Published: Sep. 25, 2014
    • Modified: Apr. 12, 2025

  • 5.4

    MEDIUM
    CVE-2014-6831

    The Hippo Studio (aka com.appgreen.hippostudio) application 1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.... Read more

    Affected Products : hippo_studio
    • Published: Sep. 30, 2014
    • Modified: Apr. 12, 2025

  • 5.4

    MEDIUM
    CVE-2014-6878

    The RBFCU Mobile (aka com.Vertifi.DeposZip.P314089681) application 3.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.... Read more

    Affected Products : rbfcu_mobile
    • Published: Oct. 02, 2014
    • Modified: Apr. 12, 2025

  • 5.4

    MEDIUM
    CVE-2013-1100

    The HTTP server in Cisco IOS on Catalyst switches does not properly handle TCP socket events, which allows remote attackers to cause a denial of service (device crash) via crafted packets on TCP port (1) 80 or (2) 443, aka Bug ID CSCuc53853.... Read more

    • Published: Feb. 13, 2013
    • Modified: Apr. 11, 2025

  • 5.4

    MEDIUM
    CVE-2014-7135

    The Ayuntamiento de Coana (aka com.wInfoCoa) application 0.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.... Read more

    Affected Products : ayuntamiento_de_coana
    • Published: Oct. 19, 2014
    • Modified: Apr. 12, 2025

  • 5.4

    MEDIUM
    CVE-2014-7316

    The Safe Arrival (aka com.synrevoice.safearrival) application 1.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.... Read more

    Affected Products : safe_arrival
    • Published: Oct. 19, 2014
    • Modified: Apr. 12, 2025

  • 5.4

    MEDIUM
    CVE-2014-7413

    The Rajendra Suriji (aka com.rajendrasuriji.nakodabhairav.com) application 1.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certif... Read more

    Affected Products : rajendra_suriji
    • Published: Oct. 19, 2014
    • Modified: Apr. 12, 2025

  • 5.4

    MEDIUM
    CVE-2014-7683

    The Free Canadian Author Previews (aka com.booksellerscanada.authorpreview) application 1.0.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a... Read more

    Affected Products : free_canadian_author_previews
    • Published: Oct. 21, 2014
    • Modified: Apr. 12, 2025
Showing 20 of 292811 Results