VYPR
Vendor

Magzter

Products
47
CVEs
51
Across products
35
Status
Private

Products

47
View all 47 products →

Recent CVEs

51
View all 51 CVEs →
  • CVE-2020-19587Sep 14, 2022
    risk 0.00cvss epss 0.01

    Cross Site Scripting (XSS) vulnerability in configMap parameters in Yellowfin Business Intelligence 7.3 allows remote attackers to run arbitrary code via MIAdminStyles.i4 Admin UI.

  • CVE-2020-19586Sep 14, 2022
    risk 0.00cvss epss 0.01

    Incorrect Access Control issue in Yellowfin Business Intelligence 7.3 allows remote attackers to escalate privilege via MIAdminStyles.i4 Admin UI.

  • CVE-2022-22700Mar 3, 2022
    risk 0.00cvss epss 0.01

    CyberArk Identity versions up to and including 22.1 in the 'StartAuthentication' resource, exposes the response header 'X-CFY-TX-TM'. In certain configurations, that response header contains different, predictable value ranges which can be used to determine whether a user exists…

  • CVE-2021-37151Sep 1, 2021
    risk 0.00cvss epss 0.01

    CyberArk Identity 21.5.131, when handling an invalid authentication attempt, sometimes reveals whether the username is valid. In certain authentication policy configurations with MFA, the API response length can be used to differentiate between a valid user and an invalid one…

  • CVE-2021-24375Jul 6, 2021
    risk 0.00cvss epss 0.03

    Lack of authentication or validation in motor_load_more, motor_gallery_load_more, motor_quick_view and motor_project_quick_view AJAX handlers of the Motor WordPress theme before 3.1.0 allows an unauthenticated attacker access to arbitrary files in the server file system, and to…

  • CVE-2014-7786Oct 21, 2014
    risk 0.00cvss epss 0.00

    The English Football Magazine (aka com.magzter.englishfootball) application 3.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

  • CVE-2014-7784Oct 21, 2014
    risk 0.00cvss epss 0.00

    The Schon! Magazine (aka com.magzter.schonmagazine) application 3.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

  • CVE-2014-7778Oct 21, 2014
    risk 0.00cvss epss 0.00

    The Epc World (aka com.magzter.epcworld) application 3.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

  • CVE-2014-7775Oct 21, 2014
    risk 0.00cvss epss 0.00

    The Champak - Hindi (aka com.magzter.champakhindi) application 3.0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

  • CVE-2014-7733Oct 21, 2014
    risk 0.00cvss epss 0.00

    The Karaf Magazin (aka com.magzter.karafmagazin) application 3.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

  • CVE-2014-7722Oct 21, 2014
    risk 0.00cvss epss 0.00

    The Indian Jeweller (aka com.magzter.indianjeweller) application 3.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

  • CVE-2014-7718Oct 21, 2014
    risk 0.00cvss epss 0.00

    The Travel+Leisure (aka com.magzter.travelleisure) application 3.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

  • CVE-2014-7710Oct 21, 2014
    risk 0.00cvss epss 0.00

    The India Today Telugu (aka com.magzter.indiatoday.telugu) application 3.02 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

  • CVE-2014-7696Oct 21, 2014
    risk 0.00cvss epss 0.00

    The Halftime Magazine (aka com.magzter.halftimemagazine) application 3.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

  • CVE-2014-7682Oct 21, 2014
    risk 0.00cvss epss 0.00

    The GR8! TV (aka com.magzter.greighttv) application 3.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

  • CVE-2014-7660Oct 21, 2014
    risk 0.00cvss epss 0.00

    The Gent Magazine (aka com.magzter.thegentmagazine) application 3.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

  • CVE-2014-7656Oct 21, 2014
    risk 0.00cvss epss 0.00

    The Indian Management (aka com.magzter.indianmanagement) application 3.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

  • CVE-2014-4899Oct 21, 2014
    risk 0.00cvss epss 0.00

    The Indian Cement Review (aka com.magzter.indiancementreview) application 3.01 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

  • CVE-2014-4897Oct 21, 2014
    risk 0.00cvss epss 0.00

    The Touriosity Travelmag (aka com.magzter.touriositytravelmag) application 3.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

  • CVE-2014-4890Oct 21, 2014
    risk 0.00cvss epss 0.00

    The Nano Digest (aka com.magzter.nanodigest) application 3.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.