NVD List

Id Name Description Reject CVSS Version CVSS Score Severity Pub Date Modified Date Actions
35633  CVE-2014-8631  The Chrome Object Wrapper (COW) implementation in Mozilla Firefox before 34.0 and SeaMonkey before 2.31 supports native-interface passing, which allows remote attackers to bypass intended DOM object restrictions via a call to an unspecified method.    4.3  Medium  2017-01-19  2016-12-21  View
35889  CVE-2014-9102  Multiple SQL injection vulnerabilities in the Kunena component before 3.0.6 for Joomla! allow remote authenticated users to execute arbitrary SQL commands via the index value in an array parameter, as demonstrated by the topics[] parameter in an unfavorite action to index.php.    6.5  Medium  2017-01-19  2014-12-05  View
36145  CVE-2014-9442  SQL injection vulnerability in models/Cart66Ajax.php in the Cart66 Lite plugin before 1.5.4 for WordPress allows remote authenticated users to execute arbitrary SQL commands via the q parameter in a promotionProductSearch action to wp-admin/admin-ajax.php.    6.5  Medium  2017-01-19  2015-01-05  View
36401  CVE-2014-9878  drivers/mmc/card/mmc_block_test.c in the Qualcomm components in Android before 2016-08-05 on Nexus 5 devices does not reject kernel-space buffer addresses, which allows attackers to gain privileges via a crafted application, aka Android internal bug 28769208 and Qualcomm internal bug CR547479.    6.8  Medium  2017-01-19  2016-11-28  View
36657  CVE-2013-0310  The cipso_v4_validate function in net/ipv4/cipso_ipv4.c in the Linux kernel before 3.4.8 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via an IPOPT_CIPSO IP_OPTIONS setsockopt system call.    6.6  Medium  2017-01-18  2013-03-07  View

Page 1787 of 17672, showing 5 records out of 88360 total, starting on record 8931, ending on 8935

Actions