NVD List

Id Name Description Reject CVSS Version CVSS Score Severity Pub Date Modified Date Actions
33585  CVE-2014-5960  The BundesArztsuche (aka de.kbv.bas) application 1.0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.    5.4  Medium  2017-01-19  2014-09-23  View
33841  CVE-2014-6313  Cross-site scripting (XSS) vulnerability in the WooCommerce plugin before 2.2.3 for WordPress allows remote attackers to inject arbitrary web script or HTML via the range parameter on the wc-reports page to wp-admin/admin.php.    4.3  Medium  2017-01-19  2014-10-22  View
34097  CVE-2014-6616  Cross-site scripting (XSS) vulnerability in Softing FG-100 PROFIBUS Single Channel (FG-100-PB) with firmware FG-x00-PB_V2.02.0.00 allows remote attackers to inject arbitrary web script or HTML via the DEVICE_NAME parameter to cgi-bin/CFGhttp/.    4.3  Medium  2017-01-19  2015-09-01  View
34353  CVE-2014-6880  The TradeHero (aka com.tradehero.th) application 2.2.5 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.    5.4  Medium  2017-01-19  2014-11-14  View
34865  CVE-2014-7506  The Realtime Music Rank (aka com.blogspot.imapp.immusicrank2) application 5.5 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.    5.4  Medium  2017-01-19  2014-11-14  View

Page 1786 of 17672, showing 5 records out of 88360 total, starting on record 8926, ending on 8930

Actions