CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

CVE•added 2014/09/09 10:0 a.m.•37 views

CVE-2014-5818

CVE-2014-5818 affects the Android app Tiny Tower (com.mobage.ww.a560.tinytower_android) v1.7.0.8. The vulnerability is that the app does not verify X.509 certificates from SSL servers, allowing MITM attackers to spoof servers and obtain sensitive information via a crafted certificate. Root cause:...

5.4CVSS6AI score0.00134EPSS

NVD•added 2014/09/09 1:55 a.m.•9 views

CVE-2014-5599

The Tiny Farm aka com.com2us.tinyfarm.normal.freefull.google.global.android.common application 2.02.00 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...

5.4CVSS5.9AI score0.00134EPSS

Exploits0References3

Prion•added 2014/09/09 1:55 a.m.•16 views

Design/Logic Flaw

5.4CVSS6.4AI score0.00134EPSS

CVE•added 2014/09/09 1:0 a.m.•40 views

CVE-2014-5599

The Tiny Farm Android app (package com.com2us.tinyfarm.normal.freefull.google.global.android.common, version 2.02.00) is affected by CVE-2014-5599, where the app does not verify X.509 certificates from SSL servers. This missing certificate validation enables man-in-the-middle attackers to spoof s...

5.4CVSS6AI score0.00134EPSS

Cvelist•added 2014/09/09 1:0 a.m.•17 views

CVE-2014-5599

5.9AI score0.00134EPSS

Exploits0References3

WPVulnDB•added 2014/08/01 10:58 a.m.•612 views

tiny-url <= 1.3.2 - XSS in ZeroClipboard

The Tiny URL WordPress plugin was affected by a XSS in ZeroClipboard security vulnerability...

4.3CVSS1.7AI score0.01856EPSS

Exploits4References2Affected Software1

seebug.org•added 2014/07/01 12:0 a.m.•14 views

XOOPS Tiny Event 1.01 - 'print' Option SQL Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/27931/info Tiny Event is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise th...

seebug.org•added 2014/07/01 12:0 a.m.•13 views

Tiny Portal 1.0 - 'shouts' Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/28630/info Tiny Portal is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an...

seebug.org•added 2014/07/01 12:0 a.m.•15 views

Tiny Server <= 1.1.9 HTTP HEAD DoS

No description provided by source. !/usr/bin/python Overflow exploiting a vulnerability in Tiny Server =1.1.9 HTTP HEAD request. Date of Discovery: 3/19/2012 0 Day Author: Brock Haun Vulnerable Software Download: http://tinyserver.sourceforge.net/tinyserverfull.zip Software Version: =1.1.9 Target...

seebug.org•added 2014/07/01 12:0 a.m.•14 views

Tiny Web Gallery 1.5 Image Parameter Multiple Remote File Include Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/19462/info Tiny Web Gallery is prone to multiple remote file-include vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker can exploit these issues to include an arbitrary...

Amazon•added 2014/06/15 12:0 a.m.•16 views

Low: perl-Capture-Tiny

Issue Overview: It was found 1 that the Capture::Tiny module, provided by the perl-Capture-Tiny package, used the File::temp::tmpnam module to generate temporary files: ./lib/Capture/Tiny.pm: $stash-flagfiles$which = scalar tmpnam; This module makes use of the mktemp function when called in the...

3.6CVSS6.5AI score0.00078EPSS

Exploits1

OSV•added 2014/04/25 2:15 p.m.•0 views

UBUNTU-CVE-2012-4230

The bbcode plugin in TinyMCE 3.5.8 does not properly enforce the TinyMCE security policy for the 1 encoding directive and 2 validelements attribute, which allows attackers to conduct cross-site scripting XSS attacks via application-specific vectors, as demonstrated using a textarea element...

4.3CVSS7AI score0.0058EPSS

Exploits2References7

OpenVAS•added 2014/02/25 12:0 a.m.•14 views

Fedora Update for perl-Capture-Tiny FEDORA-2014-2261

The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

3.6CVSS6.5AI score0.00078EPSS

OpenVAS•added 2014/02/25 12:0 a.m.•11 views

Fedora Update for perl-Capture-Tiny FEDORA-2014-2321

3.6CVSS6.5AI score0.00078EPSS

OpenVAS•added 2014/02/25 12:0 a.m.•18 views

Fedora Update for perl-Capture-Tiny FEDORA-2014-2261

Check for the Version of perl-Capture-Tiny OpenVAS Vulnerability Test Fedora Update for perl-Capture-Tiny FEDORA-2014-2261 Authors: System Generated Check Copyright: Copyright C 2014 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or...

3.6CVSS0.00078EPSS

OpenVAS•added 2014/02/25 12:0 a.m.•20 views

Fedora Update for perl-Capture-Tiny FEDORA-2014-2321

Check for the Version of perl-Capture-Tiny OpenVAS Vulnerability Test Fedora Update for perl-Capture-Tiny FEDORA-2014-2321 Authors: System Generated Check Copyright: Copyright C 2014 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or...

3.6CVSS0.00078EPSS