VYPR
Vendor

Disney

Products
5
CVEs
5
Across products
5
Status
Private

Products

5

Recent CVEs

5
  • CVE-2017-12085CriNov 7, 2017
    risk 0.59cvss 9.0epss 0.02

    An exploitable routing vulnerability exists in the Circle with Disney cloud infrastructure. A specially crafted packet can make the Circle cloud route a packet to any arbitrary Circle device. An attacker needs network connectivity to the Internet to trigger this vulnerability.

  • CVE-2014-5849Sep 9, 2014
    risk 0.00cvss epss 0.00

    The Maleficent Free Fall (aka com.disney.maleficent_goo) application 1.2.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

  • CVE-2014-5607Sep 9, 2014
    risk 0.00cvss epss 0.00

    The Where's My Water? Free (aka com.disney.WMWLite) application 1.9.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

  • CVE-2014-5606Sep 9, 2014
    risk 0.00cvss epss 0.00

    The Where's My Perry? Free (aka com.disney.WMPLite) application 1.5.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

  • CVE-1999-1009Dec 12, 1999
    risk 0.00cvss epss 0.01

    The Disney Go Express Search allows remote attackers to access and modify search information for users by connecting to an HTTP server on the user's system.