Security Vulnerabilities - CVEs Published In April 2017
Akerun - Smart Lock Robot App for iOS before 1.2.4 does not verify SSL certificates.
CVSS Score
8.1
EPSS Score
0.005
Published
2017-04-21
Tokyo Star bank App for Android before 1.4 and Tokyo Star bank App for iOS before 1.4 do not validate SSL certificates.
CVSS Score
5.9
EPSS Score
0.002
Published
2017-04-21
Cybozu Garoon before 4.2.1 allows remote attackers to cause a denial of service.
CVSS Score
6.5
EPSS Score
0.008
Published
2017-04-21
DMM Movie Player App for Android before 1.2.1, and DMM Movie Player App for iPhone/iPad before 2.1.3 does not verify SSL certificates.
CVSS Score
5.9
EPSS Score
0.002
Published
2017-04-21
Sushiro App for iOS 2.1.16 and earlier and Sushiro App for Android 2.1.16.1 and earlier do not verify SSL certificates.
CVSS Score
5.9
EPSS Score
0.006
Published
2017-04-21
WAON "Service Application" for Android 1.4.1 and earlier does not verify SSL certificates.
CVSS Score
5.9
EPSS Score
0.006
Published
2017-04-21
Coordinate Plus App for Android 1.0.2 and earlier and Coordinate Plus App for iOS 1.0.2 and earlier do not verify SSL certificates.
CVSS Score
5.9
EPSS Score
0.006
Published
2017-04-21
Cybozu Mailwise before 5.4.0 allows remote attackers to inject arbitrary email headers.
CVSS Score
4.3
EPSS Score
0.007
Published
2017-04-21
Untrusted search path vulnerability in the installer of PhishWall Client Internet Explorer before 3.7.8.2.
CVSS Score
7.8
EPSS Score
0.002
Published
2017-04-21
Heartland Payment Systems Payment Gateway PHP SDK hps/heartland-php v2.8.17 is vulnerable to a reflected XSS in examples/consumer-authentication/cruise.php via the URI, as demonstrated by the cavv parameter.
CVSS Score
6.1
EPSS Score
0.002
Published
2017-04-21