|
278051
|
- |
|
yukoyuko
|
_yuko_yuko
|
The Yuko Yuko (aka jp.co.yukoyuko.android.yukoyuko_android) application 1.0.5 and earlier for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to …
|
CWE-310
Cryptographic Issues
|
CVE-2014-5323
|
2024-11-21 11:11 |
2014-09-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278052
|
- |
|
sos
|
jobscheduler
|
XML External Entity (XXE) vulnerability in JobScheduler before 1.6.4246 and 7.x before 1.7.4241 allows remote attackers to cause a denial of service and read arbitrary files or directories via a requ…
|
NVD-CWE-Other
|
CVE-2014-5392
|
2024-11-21 11:11 |
2014-09-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278053
|
- |
|
eset
|
smart_security
endpoint_security
|
The ESET Personal Firewall NDIS filter (EpFwNdis.sys) driver in the Firewall Module Build 1183 (20140214) and earlier in ESET Smart Security and ESET Endpoint Security products 5.0 through 7.0 allows…
|
CWE-20
Improper Input Validation
|
CVE-2014-4973
|
2024-11-21 11:11 |
2014-09-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278054
|
- |
|
filemaker
|
filemaker_pro
filemaker_pro_advanced
|
Cross-site scripting (XSS) vulnerability in the Instant Web Publish function in FileMaker Pro before 13 and Pro Advanced before 13 allows remote attackers to inject arbitrary web script or HTML via u…
|
CWE-79
Cross-site Scripting
|
CVE-2014-5322
|
2024-11-21 11:11 |
2014-09-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278055
|
- |
|
filemaker
|
filemaker_pro
filemaker_pro_advanced
|
FileMaker Pro before 13 and Pro Advanced before 13 does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via …
|
CWE-310
Cryptographic Issues
|
CVE-2014-5321
|
2024-11-21 11:11 |
2014-09-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278056
|
- |
|
bump_project
|
bump
|
The Bump application for Android does not properly handle implicit intents, which allows attackers to obtain sensitive owner-name information via a crafted application.
|
CWE-200
Information Exposure
|
CVE-2014-5320
|
2024-11-21 11:11 |
2014-09-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278057
|
- |
|
dotclear
|
dotclear
|
Cross-site scripting (XSS) vulnerability in Dotclear before 2.6.4 allows remote attackers to inject arbitrary web script or HTML via a crafted page.
|
CWE-79
Cross-site Scripting
|
CVE-2014-5316
|
2024-11-21 11:11 |
2014-09-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278058
|
- |
|
schneider-electric
aveva
|
scada_expert_clearscada
clearscada
|
Multiple cross-site scripting (XSS) vulnerabilities in Schneider Electric StruxureWare SCADA Expert ClearSCADA 2010 R3 through 2014 R1 allow remote authenticated users to inject arbitrary web script …
|
CWE-79
Cross-site Scripting
|
CVE-2014-5411
|
2024-11-21 11:11 |
2014-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278059
|
- |
|
php365
|
365_links
365_links_2\+
365_links2
365_links\+
|
Cross-site scripting (XSS) vulnerability in php365.com 365 Links 3.11 and earlier, 365 Links2 3.11 and earlier, 365 Links+ 2.10 and earlier, and 365 Links2+ 2.10 and earlier allows remote attackers t…
|
CWE-79
Cross-site Scripting
|
CVE-2014-5317
|
2024-11-21 11:11 |
2014-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278060
|
- |
|
open-xchange
|
open-xchange_appsuite
|
Cross-site scripting (XSS) vulnerability in the frontend in Open-Xchange (OX) AppSuite before 7.4.2-rev33 and 7.6.x before 7.6.0-rev16 allows remote attackers to inject arbitrary web script or HTML v…
|
CWE-79
Cross-site Scripting
|
CVE-2014-5235
|
2024-11-21 11:11 |
2014-09-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
