|
277481
|
- |
|
mopl
|
phone_for_google_voice_\&_gtalk
|
The PHONE for Google Voice & GTalk (aka com.moplus.gvphone) application 1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers …
|
CWE-310
Cryptographic Issues
|
CVE-2014-5819
|
2024-11-21 11:13 |
2014-09-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277482
|
- |
|
mobage
|
tiny_tower
|
The Tiny Tower (aka com.mobage.ww.a560.tinytower_android) application 1.7.0.8 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof server…
|
CWE-310
Cryptographic Issues
|
CVE-2014-5818
|
2024-11-21 11:13 |
2014-09-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277483
|
- |
|
flurry
|
flurry-analytics-android
|
The Flurry library before 3.4.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a craft…
|
CWE-310
Cryptographic Issues
|
CVE-2014-6024
|
2024-11-21 11:13 |
2014-09-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277484
|
- |
|
torrentflux_project
|
torrentflux
|
TorrentFlux 2.4 allows remote authenticated users to delete or modify other users' cookies via the cid parameter in an editCookies action to profile.php.
|
CWE-20
Improper Input Validation
|
CVE-2014-6029
|
2024-11-21 11:13 |
2014-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277485
|
- |
|
torrentflux_project
|
torrentflux
|
TorrentFlux 2.4 allows remote authenticated users to obtain other users' cookies via the cid parameter in an editCookies action to profile.php.
|
CWE-20
Improper Input Validation
|
CVE-2014-6028
|
2024-11-21 11:13 |
2014-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277486
|
- |
|
dhcpcd_project
google
|
dhcpcd
android
|
The get_option function in dhcpcd 4.0.0 through 6.x before 6.4.3 allows remote DHCP servers to cause a denial of service by resetting the DHO_OPTIONSOVERLOADED option in the (1) bootfile or (2) serve…
|
CWE-399
Resource Management Errors
|
CVE-2014-6060
|
2024-11-21 11:13 |
2014-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277487
|
- |
|
mcafee
|
web_gateway
|
The Accounts tab in the administrative user interface in McAfee Web Gateway (MWG) before 7.3.2.9 and 7.4.x before 7.4.2 allows remote authenticated users to obtain the hashed user passwords via unspe…
|
CWE-200
Information Exposure
|
CVE-2014-6064
|
2024-11-21 11:13 |
2014-09-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277488
|
- |
|
google
|
android_browser
|
The Android WebView in Android before 4.4 allows remote attackers to bypass the Same Origin Policy via a crafted attribute containing a \u0000 character, as demonstrated by an onclick="window.open('\…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-6041
|
2024-11-21 11:13 |
2014-09-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277489
|
- |
|
-
|
-
|
Actual Analyzer through 2014-08-29 allows code execution via shell metacharacters because untrusted input is used for part of the input data passed to an eval operation.
|
-
|
CVE-2014-5470
|
2024-11-21 11:12 |
2024-06-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277490
|
8.8 |
HIGH
Network
|
getrailo
|
railo
|
A File Inclusion vulnerability exists in Railo 4.2.1 and earlier via a specially-crafted URL request to the thumbnail.cfm to specify a malicious PNG file, which could let a remote malicious user obta…
|
CWE-20
Improper Input Validation
|
CVE-2014-5468
|
2024-11-21 11:12 |
2020-02-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
