CVE List
Id | CVE No. | Status | Description | Phase | Votes | Comments | Actions |
---|---|---|---|---|---|---|---|
8208 | CVE-2003-1384 | Candidate | Cross-site scripting (XSS) vulnerability in index.php in PY-Livredor 1.0 allows remote attackers to insert arbitrary web script or HTML via the (1) titre, (2) Votre pseudo, (3) Votre e-mail, or (4) Votre message fields. | Assigned (20071018) | None (candidate not yet proposed) | View | |
73744 | CVE-2014-6444 | Candidate | Multiple cross-site scripting (XSS) vulnerabilities in the Titan Framework plugin before 1.6 for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) t parameter to iframe-googlefont-preview.php or the (2) text parameter to iframe-font-preview.php. | Assigned (20140916) | None (candidate not yet proposed) | View | |
74000 | CVE-2014-6700 | Candidate | The NBA Game Time 2013-2014 (aka com.nbadigital.gametimelite) application 4.11 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | Assigned (20140919) | None (candidate not yet proposed) | View | |
8720 | CVE-2004-0292 | Candidate | Buffer overflow in KarjaSoft Sami HTTP Server 1.0.4 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long HTTP GET request. | Proposed (20040318) | NOOP(4) Armstrong, Cole, Cox, Wall | View | |
74256 | CVE-2014-6956 | Candidate | The Hydrogen Water (aka com.appzone628) application 1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | Assigned (20140919) | None (candidate not yet proposed) | View |
Page 1895 of 20943, showing 5 records out of 104715 total, starting on record 9471, ending on 9475