CVE List

Id CVE No. Status Description Phase Votes Comments Actions
8208  CVE-2003-1384  Candidate  Cross-site scripting (XSS) vulnerability in index.php in PY-Livredor 1.0 allows remote attackers to insert arbitrary web script or HTML via the (1) titre, (2) Votre pseudo, (3) Votre e-mail, or (4) Votre message fields.  Assigned (20071018)  None (candidate not yet proposed)    View
73744  CVE-2014-6444  Candidate  Multiple cross-site scripting (XSS) vulnerabilities in the Titan Framework plugin before 1.6 for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) t parameter to iframe-googlefont-preview.php or the (2) text parameter to iframe-font-preview.php.  Assigned (20140916)  None (candidate not yet proposed)    View
74000  CVE-2014-6700  Candidate  The NBA Game Time 2013-2014 (aka com.nbadigital.gametimelite) application 4.11 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.  Assigned (20140919)  None (candidate not yet proposed)    View
8720  CVE-2004-0292  Candidate  Buffer overflow in KarjaSoft Sami HTTP Server 1.0.4 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long HTTP GET request.  Proposed (20040318)  NOOP(4) Armstrong, Cole, Cox, Wall    View
74256  CVE-2014-6956  Candidate  The Hydrogen Water (aka com.appzone628) application 1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.  Assigned (20140919)  None (candidate not yet proposed)    View

Page 1895 of 20943, showing 5 records out of 104715 total, starting on record 9471, ending on 9475

Actions