|
257101
|
- |
|
tapjoy
|
tapjoy_library
|
The Tapjoy library for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificat…
|
CWE-310
Cryptographic Issues
|
CVE-2014-5527
|
2014-09-9 23:56 |
2014-09-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257102
|
- |
|
playscape
|
mominis_library
|
The MoMinis library for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certifica…
|
CWE-310
Cryptographic Issues
|
CVE-2014-5525
|
2014-09-9 23:55 |
2014-09-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257103
|
- |
|
adcolony
|
adcolony_library
|
The Adcolony library for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certific…
|
CWE-310
Cryptographic Issues
|
CVE-2014-5524
|
2014-09-9 23:47 |
2014-09-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257104
|
- |
|
oracle
|
database_server
|
Unspecified vulnerability in the Workspace Manager component in Oracle Database 11.1.0.6, 11.1.0.7, 10.2.0.3, 10.2.0.4, 10.1.0.5, 9.2.0.8, and 9.2.0.8DV allows remote authenticated users to affect co…
|
NVD-CWE-noinfo
|
CVE-2009-0972
|
2014-09-9 02:56 |
2009-04-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257105
|
- |
|
piwigo
|
piwigo
|
Cross-site scripting (XSS) vulnerability in admin/picture_modify.php in the photo-edit subsystem in Piwigo 2.6.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the ass…
|
CWE-79
Cross-site Scripting
|
CVE-2014-3900
|
2014-09-9 02:54 |
2014-08-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257106
|
- |
|
tenfourzero
|
shutter
|
SQL injection vulnerability in lib/admin.php in tenfourzero Shutter 0.1.4 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
|
CWE-89
SQL Injection
|
CVE-2014-3904
|
2014-09-9 02:51 |
2014-08-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257107
|
- |
|
tenfourzero
|
shutter
|
Cross-site scripting (XSS) vulnerability in tenfourzero Shutter 0.1.4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2014-3905
|
2014-09-9 02:51 |
2014-08-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257108
|
- |
|
xml-dt_project
|
xml-dt
|
The (1) mkxmltype and (2) mkdtskel scripts in XML-DT before 0.64 allow local users to overwrite arbitrary files via a symlink attack on a /tmp/_xml_##### temporary file.
|
CWE-59
Link Following
|
CVE-2014-5260
|
2014-09-9 02:49 |
2014-08-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257109
|
- |
|
netmaster
|
cbw700_software
netmaster_cbw700n
|
The Netmaster CBW700N cable modem with software 81.447.392110.729.024 has an SNMP community of public, which allows remote attackers to obtain sensitive credential, key, and SSID information via an S…
|
CWE-200
Information Exposure
|
CVE-2014-4862
|
2014-09-9 02:23 |
2014-09-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257110
|
- |
|
arris
|
touchstone_dg950a_software
touchstone_dg950a
|
The Arris Touchstone DG950A cable modem with software 7.10.131 has an SNMP community of public, which allows remote attackers to obtain sensitive password, key, and SSID information via an SNMP reque…
|
CWE-200
Information Exposure
|
CVE-2014-4863
|
2014-09-9 02:11 |
2014-09-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
