VYPR
Vendor

Aerogear

Products
1
CVEs
2
Across products
2
Status
Private

Products

1

Recent CVEs

2
  • CVE-2014-3648HigJul 1, 2022
    risk 0.49cvss 7.5epss 0.01

    The simplepush server iterates through the application installations and pushes a notification to the server provided by deviceToken. But this is user controlled. If a bogus applications is registered with bad deviceTokens, one can generate endless exceptions when those…

  • CVE-2014-3650MedJul 1, 2022
    risk 0.35cvss 5.4epss 0.01

    Multiple persistent cross-site scripting (XSS) flaws were found in the way Aerogear handled certain user-supplied content. A remote attacker could use these flaws to compromise the application with specially crafted input.