NVD List
Id | Name | Description | Reject | CVSS Version | CVSS Score | Severity | Pub Date | Modified Date | Actions |
---|---|---|---|---|---|---|---|---|---|
34825 | CVE-2014-7455 | The Zoella Unofficial (aka com.automon.ay.zoella) application 1.4.0.5 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | 2 | 5.4 | Medium | 2017-01-19 | 2014-11-14 | View | |
35081 | CVE-2014-7780 | The Pakistan Cricket News (aka com.conduit.app_cf18df8bdf454eb0a836e2d29886bc40.app) application 1.21.38.6504 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | 2 | 5.4 | Medium | 2017-01-19 | 2014-11-14 | View | |
35337 | CVE-2014-8120 | The agent in Thermostat before 1.0.6, when using unspecified configurations, allows local users to obtain the JMX management URLs of all local Java virtual machines and gain privileges via unknown vectors. | 2 | 4.4 | Medium | 2017-01-19 | 2014-12-18 | View | |
35593 | CVE-2014-8585 | Directory traversal vulnerability in the WordPress Download Manager plugin for WordPress allows remote attackers to read arbitrary files via a .. (dot dot) in the fname parameter to (1) views/file_download.php or (2) file_download.php. | 2 | 5 | Medium | 2017-01-19 | 2014-11-05 | View | |
35849 | CVE-2014-9028 | Heap-based buffer overflow in stream_decoder.c in libFLAC before 1.3.1 allows remote attackers to execute arbitrary code via a crafted .flac file. | 2 | 7.5 | High | 2017-01-19 | 2016-10-25 | View |
Page 1007 of 17672, showing 5 records out of 88360 total, starting on record 5031, ending on 5035