NVD List

Id Name Description Reject CVSS Version CVSS Score Severity Pub Date Modified Date Actions
34825  CVE-2014-7455  The Zoella Unofficial (aka com.automon.ay.zoella) application 1.4.0.5 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.    5.4  Medium  2017-01-19  2014-11-14  View
35081  CVE-2014-7780  The Pakistan Cricket News (aka com.conduit.app_cf18df8bdf454eb0a836e2d29886bc40.app) application 1.21.38.6504 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.    5.4  Medium  2017-01-19  2014-11-14  View
35337  CVE-2014-8120  The agent in Thermostat before 1.0.6, when using unspecified configurations, allows local users to obtain the JMX management URLs of all local Java virtual machines and gain privileges via unknown vectors.    4.4  Medium  2017-01-19  2014-12-18  View
35593  CVE-2014-8585  Directory traversal vulnerability in the WordPress Download Manager plugin for WordPress allows remote attackers to read arbitrary files via a .. (dot dot) in the fname parameter to (1) views/file_download.php or (2) file_download.php.    Medium  2017-01-19  2014-11-05  View
35849  CVE-2014-9028  Heap-based buffer overflow in stream_decoder.c in libFLAC before 1.3.1 allows remote attackers to execute arbitrary code via a crafted .flac file.    7.5  High  2017-01-19  2016-10-25  View

Page 1007 of 17672, showing 5 records out of 88360 total, starting on record 5031, ending on 5035

Actions