Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 6.8

    MEDIUM
    CVE-2014-0985

    Stack-based buffer overflow in Advantech WebAccess (formerly BroadWin WebAccess) 7.2 allows remote attackers to execute arbitrary code via the NodeName parameter.... Read more

    Affected Products : webaccess advantech_webaccess
    • Published: Sep. 20, 2014
    • Modified: Apr. 12, 2025

  • 5.0

    MEDIUM
    CVE-2014-3614

    Unspecified vulnerability in PowerDNS Recursor (aka pdns_recursor) 3.6.x before 3.6.1 allows remote attackers to cause a denial of service (crash) via an unknown sequence of malformed packets.... Read more

    Affected Products : recursor powerdns_recursor
    • Published: Sep. 19, 2014
    • Modified: Apr. 12, 2025

  • 4.3

    MEDIUM
    CVE-2012-6659

    Cross-site scripting (XSS) vulnerability in the admin interface in Phorum before 5.2.19 allows remote attackers to inject arbitrary web script or HTML via a crafted URL.... Read more

    Affected Products : phorum
    • Published: Sep. 19, 2014
    • Modified: Apr. 12, 2025

  • 4.3

    MEDIUM
    CVE-2012-2588

    Multiple cross-site scripting (XSS) vulnerabilities in MailEnable Enterprise 6.5 allow remote attackers to inject arbitrary web script or HTML via the (1) From, (2) To, or (3) Subject header or (4) body in an SMTP e-mail message.... Read more

    Affected Products : mailenable
    • Published: Sep. 19, 2014
    • Modified: Apr. 12, 2025

  • 5.4

    MEDIUM
    CVE-2014-5970

    The BabyBus (aka com.sinyee.babybus.concert.ru) application 3.91 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.... Read more

    Affected Products : babybus
    • Published: Sep. 19, 2014
    • Modified: Apr. 12, 2025

  • 5.4

    MEDIUM
    CVE-2014-5969

    The healthylifestyle (aka com.alek.healthylifestyle) application 1.2.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.... Read more

    Affected Products : healthylifestyle
    • Published: Sep. 19, 2014
    • Modified: Apr. 12, 2025

  • 5.4

    MEDIUM
    CVE-2014-5968

    The iGolf - Golf GPS (aka com.igolf) application 20 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.... Read more

    Affected Products : igolf_-_golf_gps
    • Published: Sep. 19, 2014
    • Modified: Apr. 12, 2025

  • 5.4

    MEDIUM
    CVE-2014-5967

    The Designs Nail Arts (aka com.decoracionesnailart.flickr) application 3.6.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certific... Read more

    Affected Products : designs_nail_arts
    • Published: Sep. 19, 2014
    • Modified: Apr. 12, 2025

  • 5.4

    MEDIUM
    CVE-2014-5966

    The Dreamland Super Theme GO Gold (aka com.gau.go.launcherex.viptheme.dreamland.gold) application 1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information... Read more

    Affected Products : dreamland_super_theme_go_gold
    • Published: Sep. 19, 2014
    • Modified: Apr. 12, 2025

  • 5.4

    MEDIUM
    CVE-2014-5965

    The GrooveMusic (aka com.mobincube.android.sc_2HKFF) application 2.0.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.... Read more

    Affected Products : groovemusic
    • Published: Sep. 19, 2014
    • Modified: Apr. 12, 2025

  • 5.4

    MEDIUM
    CVE-2014-5964

    The MegaBank (aka com.megabank.mobilebank) application 2.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.... Read more

    Affected Products : megabank
    • Published: Sep. 19, 2014
    • Modified: Apr. 12, 2025

  • 5.4

    MEDIUM
    CVE-2014-5963

    The Halieutics (aka com.corn.Halieutics) application 21.40.5 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.... Read more

    Affected Products : halieutics
    • Published: Sep. 19, 2014
    • Modified: Apr. 12, 2025

  • 5.4

    MEDIUM
    CVE-2014-5962

    The Guess The Actor (aka com.gamelikeinc.actors) application 1.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.... Read more

    Affected Products : guess_the_actor
    • Published: Sep. 19, 2014
    • Modified: Apr. 12, 2025

  • 5.4

    MEDIUM
    CVE-2014-5961

    The russiananime (aka com.rareartifact.russiananime68A5CCFE) application 1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificat... Read more

    Affected Products : russiananime
    • Published: Sep. 19, 2014
    • Modified: Apr. 12, 2025

  • 5.4

    MEDIUM
    CVE-2014-5960

    The BundesArztsuche (aka de.kbv.bas) application 1.0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.... Read more

    Affected Products : federal_doctors
    • Published: Sep. 19, 2014
    • Modified: Apr. 12, 2025

  • 5.4

    MEDIUM
    CVE-2014-5959

    The tx Smart (aka com.wooriwm.txsmart) application 7.05 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.... Read more

    Affected Products : tx_smart
    • Published: Sep. 19, 2014
    • Modified: Apr. 12, 2025

  • 5.4

    MEDIUM
    CVE-2014-5958

    The ChatBox - Chat Rooms (aka com.droidchatroom.messengerapp) application 2.5 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certifi... Read more

    Affected Products : chatbox_-_chat_rooms
    • Published: Sep. 19, 2014
    • Modified: Apr. 12, 2025

  • 7.5

    HIGH
    CVE-2014-4424

    SQL injection vulnerability in Wiki Server in CoreCollaboration in Apple OS X Server before 2.2.3 and 3.x before 3.2.1 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.... Read more

    Affected Products : os_x_server
    • Published: Sep. 19, 2014
    • Modified: Apr. 12, 2025

  • 6.9

    MEDIUM
    CVE-2014-4416

    An unspecified integrated graphics driver routine in the Intel Graphics Driver subsystem in Apple OS X before 10.9.5 does not properly validate calls, which allows attackers to execute arbitrary code in a privileged context via a crafted application, a di... Read more

    Affected Products : mac_os_x mac_os_x
    • Published: Sep. 19, 2014
    • Modified: Apr. 12, 2025

  • 6.1

    MEDIUM
    CVE-2014-4406

    Cross-site scripting (XSS) vulnerability in Xcode Server in CoreCollaboration in Apple OS X Server before 3.2.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.... Read more

    Affected Products : os_x_server
    • Published: Sep. 19, 2014
    • Modified: Apr. 12, 2025
Showing 20 of 294848 Results