|
257421
|
- |
|
insta.me
|
instamessage_-_instagram_chat
|
The InstaMessage - Instagram Chat (aka com.futurebits.instamessage.free) application 1.6.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to…
|
CWE-310
Cryptographic Issues
|
CVE-2014-6690
|
2014-10-5 08:48 |
2014-09-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257422
|
- |
|
jingwei
|
jw_cards
|
The JW Cards (aka com.jingwei.card) application 3.8.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive i…
|
CWE-310
Cryptographic Issues
|
CVE-2014-6689
|
2014-10-5 08:47 |
2014-09-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257423
|
- |
|
wsaudichannelalnas_project
|
wsaudichannelalnas
|
The wSaudichannelAlNasr (aka com.wSaudichannelAlNasr) application 0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and ob…
|
CWE-310
Cryptographic Issues
|
CVE-2014-6687
|
2014-10-5 08:46 |
2014-09-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257424
|
- |
|
voices
|
voices.com
|
The Voices.com (aka com.voices.voices) application 1.5 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive …
|
CWE-310
Cryptographic Issues
|
CVE-2014-6688
|
2014-10-5 08:46 |
2014-09-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257425
|
- |
|
mediawiki
|
mediawiki
|
Cross-site scripting (XSS) vulnerability in MediaWiki before 1.19.19, 1.22.x before 1.22.11, and 1.23.x before 1.23.4 allows remote attackers to inject arbitrary web script or HTML via a crafted SVG …
|
CWE-79
Cross-site Scripting
|
CVE-2014-7199
|
2014-10-4 14:21 |
2014-09-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257426
|
- |
|
redhat
|
icedtea-web
|
The getFirstInTableInstance function in the IcedTea-Web plugin before 1.2.1 returns an uninitialized pointer when the instance_to_id_map hash is empty, which allows remote attackers to cause a denial…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2012-3422
|
2014-10-4 13:53 |
2012-08-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257427
|
- |
|
redhat
|
icedtea-web
|
The IcedTea-Web plugin before 1.2.1 does not properly handle NPVariant NPStrings without NUL terminators, which allows remote attackers to cause a denial of service (crash), obtain sensitive informat…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2012-3423
|
2014-10-4 13:53 |
2012-08-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257428
|
- |
|
oracle
|
database_server
enterprise_manager_grid_control
|
Unspecified vulnerability in the Streams, AQ & Replication Mgmt component in Oracle Database Server 10.1.0.5 and 10.2.0.3, and Oracle Enterprise Manager Grid Control 10.1.0.6, allows remote attackers…
|
NVD-CWE-noinfo
|
CVE-2011-0822
|
2014-10-4 13:34 |
2011-07-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257429
|
- |
|
oracle
|
database_server
enterprise_manager_grid_control
|
Unspecified vulnerability in the Schema Management component in Oracle Database Server 10.1.0.5, 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.1, and 11.2.0.2; and Oracle Enterprise Manager Grid Con…
|
NVD-CWE-noinfo
|
CVE-2011-0870
|
2014-10-4 13:34 |
2011-07-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257430
|
- |
|
redhat
|
icedtea
|
IcedTea 1.7.x before 1.7.6, 1.8.x before 1.8.3, and 1.9.x before 1.9.2, as based on OpenJDK 6, declares multiple sensitive variables as public, which allows remote attackers to obtain sensitive infor…
|
CWE-200
Information Exposure
|
CVE-2010-3860
|
2014-10-4 13:29 |
2010-12-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
