VYPR

Vendor CVEs

Magzter

All CVEs

51 total · sorted by risk
  • CVE-2020-19587Sep 14, 2022
    risk 0.00cvss epss 0.01

    Cross Site Scripting (XSS) vulnerability in configMap parameters in Yellowfin Business Intelligence 7.3 allows remote attackers to run arbitrary code via MIAdminStyles.i4 Admin UI.

  • CVE-2020-19586Sep 14, 2022
    risk 0.00cvss epss 0.01

    Incorrect Access Control issue in Yellowfin Business Intelligence 7.3 allows remote attackers to escalate privilege via MIAdminStyles.i4 Admin UI.

  • CVE-2022-22700Mar 3, 2022
    risk 0.00cvss epss 0.01

    CyberArk Identity versions up to and including 22.1 in the 'StartAuthentication' resource, exposes the response header 'X-CFY-TX-TM'. In certain configurations, that response header contains different, predictable value ranges which can be used to determine whether a user exists…

  • CVE-2021-37151Sep 1, 2021
    risk 0.00cvss epss 0.01

    CyberArk Identity 21.5.131, when handling an invalid authentication attempt, sometimes reveals whether the username is valid. In certain authentication policy configurations with MFA, the API response length can be used to differentiate between a valid user and an invalid one…

  • CVE-2021-24375Jul 6, 2021
    risk 0.00cvss epss 0.03

    Lack of authentication or validation in motor_load_more, motor_gallery_load_more, motor_quick_view and motor_project_quick_view AJAX handlers of the Motor WordPress theme before 3.1.0 allows an unauthenticated attacker access to arbitrary files in the server file system, and to…

  • CVE-2014-7786Oct 21, 2014
    risk 0.00cvss epss 0.00

    The English Football Magazine (aka com.magzter.englishfootball) application 3.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

  • CVE-2014-7784Oct 21, 2014
    risk 0.00cvss epss 0.00

    The Schon! Magazine (aka com.magzter.schonmagazine) application 3.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

  • CVE-2014-7778Oct 21, 2014
    risk 0.00cvss epss 0.00

    The Epc World (aka com.magzter.epcworld) application 3.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

  • CVE-2014-7775Oct 21, 2014
    risk 0.00cvss epss 0.00

    The Champak - Hindi (aka com.magzter.champakhindi) application 3.0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

  • CVE-2014-7733Oct 21, 2014
    risk 0.00cvss epss 0.00

    The Karaf Magazin (aka com.magzter.karafmagazin) application 3.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

  • CVE-2014-7722Oct 21, 2014
    risk 0.00cvss epss 0.00

    The Indian Jeweller (aka com.magzter.indianjeweller) application 3.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

  • CVE-2014-7718Oct 21, 2014
    risk 0.00cvss epss 0.00

    The Travel+Leisure (aka com.magzter.travelleisure) application 3.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

  • CVE-2014-7710Oct 21, 2014
    risk 0.00cvss epss 0.00

    The India Today Telugu (aka com.magzter.indiatoday.telugu) application 3.02 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

  • CVE-2014-7696Oct 21, 2014
    risk 0.00cvss epss 0.00

    The Halftime Magazine (aka com.magzter.halftimemagazine) application 3.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

  • CVE-2014-7682Oct 21, 2014
    risk 0.00cvss epss 0.00

    The GR8! TV (aka com.magzter.greighttv) application 3.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

  • CVE-2014-7660Oct 21, 2014
    risk 0.00cvss epss 0.00

    The Gent Magazine (aka com.magzter.thegentmagazine) application 3.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

  • CVE-2014-7656Oct 21, 2014
    risk 0.00cvss epss 0.00

    The Indian Management (aka com.magzter.indianmanagement) application 3.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

  • CVE-2014-4899Oct 21, 2014
    risk 0.00cvss epss 0.00

    The Indian Cement Review (aka com.magzter.indiancementreview) application 3.01 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

  • CVE-2014-4897Oct 21, 2014
    risk 0.00cvss epss 0.00

    The Touriosity Travelmag (aka com.magzter.touriositytravelmag) application 3.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

  • CVE-2014-4890Oct 21, 2014
    risk 0.00cvss epss 0.00

    The Nano Digest (aka com.magzter.nanodigest) application 3.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

  • CVE-2014-7490Oct 20, 2014
    risk 0.00cvss epss 0.00

    The Menaka - Marathi (aka com.magzter.menakamarathi) application 3.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

  • CVE-2014-7467Oct 19, 2014
    risk 0.00cvss epss 0.00

    The HoneyBee Mag (aka com.magzter.honeybeemag) application 3.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

  • CVE-2014-7457Oct 19, 2014
    risk 0.00cvss epss 0.00

    The Electronics For You (aka com.magzter.electronicsforyou) application 3.02 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

  • CVE-2014-7456Oct 19, 2014
    risk 0.00cvss epss 0.00

    The Digit Magazine (aka com.magzter.digitmagazine) application 3.01 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

  • CVE-2014-7448Oct 19, 2014
    risk 0.00cvss epss 0.00

    The DealSide Institutional (aka com.magzter.dealsideinstitutional) application 3.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

  • CVE-2014-7423Oct 19, 2014
    risk 0.00cvss epss 0.00

    The Youth Incorporated (aka com.magzter.youthincorporated) application 3.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

  • CVE-2014-7420Oct 19, 2014
    risk 0.00cvss epss 0.00

    The Just Bureaucracy (aka com.magzter.justbureaucracy) application 3.0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

  • CVE-2014-7418Oct 19, 2014
    risk 0.00cvss epss 0.00

    The BBC Knowledge Magazine (aka com.magzter.bbcknowledge) application 3.01 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

  • CVE-2014-7414Oct 19, 2014
    risk 0.00cvss epss 0.00

    The CLEO Malaysia (aka com.magzter.cleomalaysia) application 3.01 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

  • CVE-2014-7388Oct 19, 2014
    risk 0.00cvss epss 0.00

    The Sunday Indian Oriya (aka com.magzter.thesundayindianoriya) application 3.0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

  • CVE-2014-7373Oct 19, 2014
    risk 0.00cvss epss 0.00

    The Inspire Weddings (aka com.magzter.inspireweddings) application 3.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

  • CVE-2014-7366Oct 19, 2014
    risk 0.00cvss epss 0.00

    The Identity (aka com.magzter.identity) application 3.01 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

  • CVE-2014-7354Oct 19, 2014
    risk 0.00cvss epss 0.00

    The Penumbra eMag (aka com.magzter.penumbraemag) application 3.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

  • CVE-2014-7351Oct 19, 2014
    risk 0.00cvss epss 0.00

    The GLOBAL MOVIE MAGAZINE (aka com.magzter.globalmoviemagazine) application 3.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

  • CVE-2014-7348Oct 19, 2014
    risk 0.00cvss epss 0.00

    The HOT CARS (aka com.magzter.hotcars) application 3.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

  • CVE-2014-7346Oct 19, 2014
    risk 0.00cvss epss 0.00

    The Bespoke (aka com.magzter.bespoke) application 3.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

  • CVE-2014-7334Oct 19, 2014
    risk 0.00cvss epss 0.00

    The Where Dallas (aka com.magzter.wheredallas) application 3.0.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

  • CVE-2014-7327Oct 19, 2014
    risk 0.00cvss epss 0.00

    The Macau Business (aka com.magzter.macaubusiness) application 3.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

  • CVE-2014-7325Oct 19, 2014
    risk 0.00cvss epss 0.00

    The Business Intelligence (aka com.magzter.businessintelligence) application 3.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

  • CVE-2014-7323Oct 19, 2014
    risk 0.00cvss epss 0.00

    The Dignity Dialogue (aka com.magzter.dignitydialogue) application 3.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

  • CVE-2014-7315Oct 19, 2014
    risk 0.00cvss epss 0.00

    The Where Atlanta (aka com.magzter.whereatlanta) application 3.0.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

  • CVE-2014-7314Oct 19, 2014
    risk 0.00cvss epss 0.00

    The Intelligent SME (aka com.magzter.intelligentsme) application 3.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

  • CVE-2014-7125Oct 19, 2014
    risk 0.00cvss epss 0.00

    The Motor (aka com.magzter.motorhwpublishing) application 3.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

  • CVE-2014-7121Oct 19, 2014
    risk 0.00cvss epss 0.00

    The Dhanam (aka com.magzter.dhanam) application 3.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

  • CVE-2014-7107Oct 19, 2014
    risk 0.00cvss epss 0.00

    The Human Factor (aka com.magzter.thehumanfactor) application 3.01 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

  • CVE-2014-7099Oct 19, 2014
    risk 0.00cvss epss 0.00

    The Woodcraft Magazine (aka com.magzter.woodcraftmagazine) application 3.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

  • CVE-2014-7076Oct 19, 2014
    risk 0.00cvss epss 0.00

    The Sanctuary Asia (aka com.magzter.sanctuaryasia) application 3.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

  • CVE-2014-7071Oct 19, 2014
    risk 0.00cvss epss 0.00

    The Autocar India (aka com.magzter.autocarindia) application 3.03 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

  • CVE-2014-7066Oct 19, 2014
    risk 0.00cvss epss 0.00

    The LegalEra (aka com.magzter.legalera) application 3.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

  • CVE-2014-7057Oct 19, 2014
    risk 0.00cvss epss 0.00

    The Hong Kong Tatler Society (aka com.magzter.hongkongtatlersociety) application 3.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

Page 1 of 2