Lucene search
K

1094 matches found

CVE
CVE
added 2015/09/20 5:0 p.m.37 views

CVE-2015-5634

CVE-2015-5634 affects Newphoria MEGAPHONE MUSIC (Android and iOS). The MEGAPHONE MUSIC app (Android/iOS) before version 1.1 is vulnerable to a URL-whitelist bypass via the app’s URL scheme, enabling loading of arbitrary pages. JVN/JVNDB entries specify impact: Android may allow an API deemed in t...

6.8CVSS6.3AI score0.01503EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2015/09/20 5:0 p.m.18 views

CVE-2015-5636

The Newphoria Reversi application before 1.0.3 for Android and before 1.2 for iOS allows attackers to bypass a URL whitelist protection mechanism and obtain API access via unspecified vectors...

6.2AI score0.01093EPSS
Exploits0References3
CVE
CVE
added 2015/09/20 5:0 p.m.44 views

CVE-2015-5636

CVE-2015-5636 affects Newphoria Reversi on Android up to version 1.0.2 and iOS up to 1.1 (the advisory cites Android 1.0.3 and iOS 1.2 as non-vulnerable). The issue is a bypass of the URL whitelist protection, allowing an attacker to obtain API access via unspecified vectors by abusing the app’s ...

6.8CVSS6.3AI score0.01093EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2015/09/20 5:0 p.m.56 views

CVE-2015-5632

The Newphoria applican framework vulnerability (Android versions prior to 1.12.3; iOS prior to 1.12.2) is a URL whitelist bypass in the runtime engine. When an app is launched via the URL-scheme, the whitelist.xml protection can be bypassed and non‑whitelisted URLs may be accessed, enabling an AP...

6.8CVSS6.3AI score0.01093EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2015/09/20 5:0 p.m.48 views

CVE-2015-5637

The CVE-2015-5637 entry concerns the Android Photon application by Newphoria. Affected software: Photon for Android prior to version 1.2. The root cause is a bypass of the URL whitelist protection, enabling attackers to obtain API access via unspecified vectors. Documented impact indicates that a...

6.8CVSS6.7AI score0.01093EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2015/09/20 5:0 p.m.15 views

CVE-2015-5634

The Newphoria MEGAPHONE MUSIC application before 1.1 for Android and before 1.1 for iOS allows attackers to bypass a URL whitelist protection mechanism and obtain API access via unspecified vectors...

6.2AI score0.01503EPSS
Exploits0References3
Cvelist
Cvelist
added 2015/09/20 5:0 p.m.19 views

CVE-2015-5635

The Newphoria Koritore application before 1.1 for Android and before 1.1 for iOS allows attackers to bypass a URL whitelist protection mechanism and obtain API access via unspecified vectors...

6.2AI score0.01093EPSS
Exploits0References3
CVE
CVE
added 2015/09/20 5:0 p.m.42 views

CVE-2015-5635

The CVE-2015-5635 entries describe a vulnerability in Newphoria Koritore for Android and iOS prior to version 1.1 where the app can bypass the URL whitelist protection and gain API access. Affected products are Koritore for Android versions 1.0 and earlier and Koritore for iOS versions 1.0 and ea...

6.8CVSS6.3AI score0.01093EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2015/09/20 5:0 p.m.22 views

CVE-2015-5637

The Newphoria Photon application before 1.2 for Android allows attackers to bypass a URL whitelist protection mechanism and obtain API access via unspecified vectors...

6.6AI score0.01093EPSS
Exploits0References3
Cvelist
Cvelist
added 2015/09/20 5:0 p.m.18 views

CVE-2015-5633

The Newphoria Auction Camera application for iOS and before 1.2 for Android allows attackers to bypass a URL whitelist protection mechanism and obtain API access via unspecified vectors...

6.2AI score0.01093EPSS
Exploits0References3
Prion
Prion
added 2015/09/11 9:59 p.m.14 views

Code injection

The NTT Broadband Platform Japan Connected-free Wi-Fi application 1.6.0 and earlier for Android and 1.0.2 and earlier for iOS allows attackers to bypass a URL whitelist protection mechanism and obtain API access via unspecified vectors...

6.8CVSS6.7AI score0.01118EPSS
Exploits0References4Affected Software1
NVD
NVD
added 2015/09/11 9:59 p.m.18 views

CVE-2015-5629

The NTT Broadband Platform Japan Connected-free Wi-Fi application 1.6.0 and earlier for Android and 1.0.2 and earlier for iOS allows attackers to bypass a URL whitelist protection mechanism and obtain API access via unspecified vectors...

6.8CVSS6.2AI score0.01118EPSS
Exploits0References4
Cvelist
Cvelist
added 2015/09/11 9:0 p.m.23 views

CVE-2015-5629

The NTT Broadband Platform Japan Connected-free Wi-Fi application 1.6.0 and earlier for Android and 1.0.2 and earlier for iOS allows attackers to bypass a URL whitelist protection mechanism and obtain API access via unspecified vectors...

6.2AI score0.01118EPSS
Exploits0References4
CVE
CVE
added 2015/09/11 9:0 p.m.43 views

CVE-2015-5629

The CVE pertains to the NTT Broadband Platform Japan Connected-free Wi‑Fi application (Android up to 1.6.0 and iOS up to 1.0.2). Multiple connected sources confirm a vulnerability that allows bypassing the URL whitelist protection and may enable arbitrary API execution or loading of arbitrary pag...

6.8CVSS6.3AI score0.01118EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2015/07/23 12:0 a.m.6 views

The vulnerability of the Adobe Reader PDF viewer program allows a hacker to circumvent access restrictions.

The vulnerability of the Adobe Reader PDF viewer program is related to security configuration errors. Exploiting this vulnerability could allow a malicious actor to bypass restrictions on access to the JavaScript API...

10CVSS5.5AI score0.05746EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2015/07/22 12:0 a.m.6 views

The vulnerability of the Adobe Reader DC PDF viewer program, which allows a hacker to circumvent access restrictions

The vulnerability of the Adobe Reader DC PDF viewer program is related to security configuration errors. Exploiting this vulnerability can allow a malicious actor to bypass restrictions on access to the JavaScript API...

10CVSS5.5AI score0.05746EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2015/07/22 12:0 a.m.7 views

The vulnerability of Adobe Acrobat’s PDF editing software allows a hacker to circumvent access restrictions.

The vulnerability of the Adobe Acrobat PDF editing program is related to security configuration errors. Exploiting this vulnerability can allow a malicious actor to bypass restrictions on access to the JavaScript API...

10CVSS5.5AI score0.05746EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2015/04/24 2:0 p.m.30 views

CVE-2015-0297

Red Hat JBoss Operations Network 3.3.1 does not properly restrict access to certain APIs, which allows remote attackers to execute arbitrary Java methods via the 1 ServerInvokerServlet or 2 SchedulerService or 3 cause a denial of service disk consumption via the ContentManager...

7.6AI score0.02196EPSS
Exploits0References2
CVE
CVE
added 2015/04/24 2:0 p.m.55 views

CVE-2015-0297

Red Hat JBoss Operations Network 3.3.1 is affected by CVE-2015-0297. The issue arises because the server did not correctly restrict access to certain remote APIs, enabling a remote, unauthenticated attacker to execute arbitrary Java methods via the ServerInvokerServlet or SchedulerService, and po...

9CVSS7.8AI score0.02196EPSS
Exploits0References2Affected Software1
Kaspersky
Kaspersky
added 2015/03/24 12:0 a.m.59 views

KLA10503 Multiple vulnerabilities in IBM products

Multiple serious vulnerabilities have been found in IBM products. Below is a complete list of vulnerabilities 1. Improper WAR applications support in IBM Bluemix can be exploited remotely via unspecified vectors related to Java overlay feature; 2. Improper API access restrictions in IBM API...

5.5CVSS6.2AI score0.03262EPSS
Exploits0References4
Rows per page
Query Builder