|
283561
|
- |
|
drupal
|
simplecorp
|
Cross-site scripting (XSS) vulnerability in the SimpleCorp theme 7.x-1.x before 7.x-1.1 for Drupal allows remote authenticated users with the "administer themes" permission to inject arbitrary web sc…
|
CWE-79
Cross-site Scripting
|
CVE-2014-7979
|
2024-11-21 11:18 |
2014-10-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
283562
|
- |
|
drupal
|
bluemasters
|
Cross-site scripting (XSS) vulnerability in the BlueMasters theme 7.x-2.x before 7.x-2.1 for Drupal allows remote authenticated users with the "administer themes" permission to inject arbitrary web s…
|
CWE-79
Cross-site Scripting
|
CVE-2014-7978
|
2024-11-21 11:18 |
2014-10-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
283563
|
- |
|
google
|
chrome
v8
|
Multiple unspecified vulnerabilities in Google V8 before 3.28.71.15, as used in Google Chrome before 38.0.2125.101, allow attackers to cause a denial of service or possibly have other impact via unkn…
|
NVD-CWE-noinfo
|
CVE-2014-7967
|
2024-11-21 11:18 |
2014-10-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
283564
|
- |
|
drupal
|
custom_search_module
|
Cross-site scripting (XSS) vulnerability in the Custom Search module 6.x-1.x before 6.x-1.12 and 7.x-1.x before 7.x-1.14 for Drupal allows remote authenticated users with the "administer custom searc…
|
CWE-79
Cross-site Scripting
|
CVE-2014-7870
|
2024-11-21 11:18 |
2014-10-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
283565
|
- |
|
drupal
|
context_form_alteration_module
|
Cross-site scripting (XSS) vulnerability in the configuration UI in the Context Form Alteration module 7.x-1.x before 7.x-1.2 for Drupal allows remote authenticated users with the "administer context…
|
CWE-79
Cross-site Scripting
|
CVE-2014-7869
|
2024-11-21 11:18 |
2014-10-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
283566
|
- |
|
apple
|
mac_os_x
|
The IOHIDSecurePromptClient function in Apple OS X does not properly validate pointer values, which allows remote attackers to execute arbitrary code or cause a denial of service (system crash) via a…
|
CWE-20
Improper Input Validation
|
CVE-2014-7861
|
2024-11-21 11:18 |
2014-10-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
283567
|
- |
|
best_free_giveaways_project
|
best_free_giveaways
|
The Best Free Giveaways (aka com.wIphone5GiveAways) application 0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obta…
|
CWE-310
Cryptographic Issues
|
CVE-2014-7788
|
2024-11-21 11:17 |
2014-10-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
283568
|
- |
|
synapse
|
ishuttle
|
The iShuttle (aka com.synapse.ishuttle_user) application 1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sens…
|
CWE-310
Cryptographic Issues
|
CVE-2014-7787
|
2024-11-21 11:17 |
2014-10-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
283569
|
- |
|
magzter
|
english_football_magazine
|
The English Football Magazine (aka com.magzter.englishfootball) application 3.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof serv…
|
CWE-310
Cryptographic Issues
|
CVE-2014-7786
|
2024-11-21 11:17 |
2014-10-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
283570
|
- |
|
onesolutionapps
|
aaaa_discount_bail
|
The AAAA Discount Bail (aka com.onesolutionapps.aaaadiscountbailandroid) application 1.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to s…
|
CWE-310
Cryptographic Issues
|
CVE-2014-7785
|
2024-11-21 11:17 |
2014-10-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
