This page aggregates publicly disclosed CVE and security risk information related to disney, with CVSS, EPSS, publication dates, and vulnerability intelligence data to help assess potential risk and remediation priority.
| CVE | 概要 | ソース | CVSS 最大値 | EPSS(%) | 公開 | 更新 |
|---|---|---|---|---|---|---|
| CVE-2014-5849 | The Maleficent Free Fall (aka com.disney.maleficent_goo) application 1.2.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | [email protected] | 5.4 | 0.10% | 2014-09-09 | 2026-05-06 |
| CVE-2014-5607 | The Where's My Water? Free (aka com.disney.WMWLite) application 1.9.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | [email protected] | 5.4 | 0.16% | 2014-09-09 | 2026-05-06 |
| CVE-2014-5606 | The Where's My Perry? Free (aka com.disney.WMPLite) application 1.5.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | [email protected] | 5.4 | 0.13% | 2014-09-09 | 2026-05-06 |
| CVE-1999-1009 | The Disney Go Express Search allows remote attackers to access and modify search information for users by connecting to an HTTP server on the user's system. | [email protected] | 2.6 | 0.35% | 1999-12-12 | 2026-04-16 |