NVD List
Id | Name | Description | Reject | CVSS Version | CVSS Score | Severity | Pub Date | Modified Date | Actions |
---|---|---|---|---|---|---|---|---|---|
33585 | CVE-2014-5960 | The BundesArztsuche (aka de.kbv.bas) application 1.0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | 2 | 5.4 | Medium | 2017-01-19 | 2014-09-23 | View | |
33841 | CVE-2014-6313 | Cross-site scripting (XSS) vulnerability in the WooCommerce plugin before 2.2.3 for WordPress allows remote attackers to inject arbitrary web script or HTML via the range parameter on the wc-reports page to wp-admin/admin.php. | 2 | 4.3 | Medium | 2017-01-19 | 2014-10-22 | View | |
34097 | CVE-2014-6616 | Cross-site scripting (XSS) vulnerability in Softing FG-100 PROFIBUS Single Channel (FG-100-PB) with firmware FG-x00-PB_V2.02.0.00 allows remote attackers to inject arbitrary web script or HTML via the DEVICE_NAME parameter to cgi-bin/CFGhttp/. | 2 | 4.3 | Medium | 2017-01-19 | 2015-09-01 | View | |
34353 | CVE-2014-6880 | The TradeHero (aka com.tradehero.th) application 2.2.5 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | 2 | 5.4 | Medium | 2017-01-19 | 2014-11-14 | View | |
34865 | CVE-2014-7506 | The Realtime Music Rank (aka com.blogspot.imapp.immusicrank2) application 5.5 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | 2 | 5.4 | Medium | 2017-01-19 | 2014-11-14 | View |
Page 1786 of 17672, showing 5 records out of 88360 total, starting on record 8926, ending on 8930