NVD List
Id | Name | Description | Reject | CVSS Version | CVSS Score | Severity | Pub Date | Modified Date | Actions |
---|---|---|---|---|---|---|---|---|---|
35633 | CVE-2014-8631 | The Chrome Object Wrapper (COW) implementation in Mozilla Firefox before 34.0 and SeaMonkey before 2.31 supports native-interface passing, which allows remote attackers to bypass intended DOM object restrictions via a call to an unspecified method. | 2 | 4.3 | Medium | 2017-01-19 | 2016-12-21 | View | |
35889 | CVE-2014-9102 | Multiple SQL injection vulnerabilities in the Kunena component before 3.0.6 for Joomla! allow remote authenticated users to execute arbitrary SQL commands via the index value in an array parameter, as demonstrated by the topics[] parameter in an unfavorite action to index.php. | 2 | 6.5 | Medium | 2017-01-19 | 2014-12-05 | View | |
36145 | CVE-2014-9442 | SQL injection vulnerability in models/Cart66Ajax.php in the Cart66 Lite plugin before 1.5.4 for WordPress allows remote authenticated users to execute arbitrary SQL commands via the q parameter in a promotionProductSearch action to wp-admin/admin-ajax.php. | 2 | 6.5 | Medium | 2017-01-19 | 2015-01-05 | View | |
36401 | CVE-2014-9878 | drivers/mmc/card/mmc_block_test.c in the Qualcomm components in Android before 2016-08-05 on Nexus 5 devices does not reject kernel-space buffer addresses, which allows attackers to gain privileges via a crafted application, aka Android internal bug 28769208 and Qualcomm internal bug CR547479. | 2 | 6.8 | Medium | 2017-01-19 | 2016-11-28 | View | |
36657 | CVE-2013-0310 | The cipso_v4_validate function in net/ipv4/cipso_ipv4.c in the Linux kernel before 3.4.8 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via an IPOPT_CIPSO IP_OPTIONS setsockopt system call. | 2 | 6.6 | Medium | 2017-01-18 | 2013-03-07 | View |
Page 1787 of 17672, showing 5 records out of 88360 total, starting on record 8931, ending on 8935