Page(s) : 1 [2] 3 4 5 | Result(s) : 82 |
Alerts
DATE | NAME | CATEGORIES | DETAIL | |
---|---|---|---|---|
5.4 | 2014-09-30 | CVE-2014-6827 | cve | The DK ONLINE Beta (aka com.sgmobile.dkonline) application 1.0.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spo... |
5.4 | 2014-09-30 | CVE-2014-6828 | cve | The Gulf Credit Union (aka Fi_Mobile.Gulf) application 1.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof ser... |
5.4 | 2014-09-30 | CVE-2014-6829 | cve | The Hook (aka com.hook.android) application 0.9.3 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and ... |
5.4 | 2014-09-30 | CVE-2014-6830 | cve | The Covet Fashion - Shopping Game (aka com.crowdstar.covetfashion) application 2.14.40 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-m... |
5.4 | 2014-09-30 | CVE-2014-6831 | cve | The Hippo Studio (aka com.appgreen.hippostudio) application 1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoo... |
5.4 | 2014-09-30 | CVE-2014-6832 | cve | The Bersa Forum (aka com.gcspublishing.bersaforum) application 3.9.16 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers t... |
5.4 | 2014-09-30 | CVE-2014-6833 | cve | The AuctionTrac Dealer (aka com.adesa.dealer.phone) application 2.0.3 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers t... |
5.4 | 2014-09-30 | CVE-2014-6834 | cve | The Instaroid - Instagram Viewer (aka net.muik.instaroid) application 1.2.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attac... |
5.4 | 2014-09-30 | CVE-2014-6835 | cve | The Herbal Guide (aka com.pocket.herbal.guide) application 1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof... |
5.4 | 2014-09-30 | CVE-2014-6836 | cve | The DS photo+ (aka com.synology.dsphoto) application 3.3 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof serve... |
6.8 | 2014-09-30 | CVE-2012-5485 | cve | registerConfiglet.py in Plone before 4.2.3 and 4.3 before beta 1 allows remote attackers to execute Python code via unspecified vectors, related to the admin interface. |
6.4 | 2014-09-30 | CVE-2012-5486 | cve | ZPublisher.HTTPRequest._scrubHeader in Zope 2 before 2.13.19, as used in Plone before 4.3 beta 1, allows remote attackers to inject arbitrary HTTP headers via a linefeed (LF) ch... |
5 | 2014-09-30 | CVE-2012-5488 | cve | python_scripts.py in Plone before 4.2.3 and 4.3 before beta 1 allows remote attackers to execute Python code via a crafted URL, related to createObject. |
6.5 | 2014-09-30 | CVE-2012-5489 | cve | The App.Undo.UndoSupport.get_request_var_or_attr function in Zope before 2.12.21 and 3.13.x before 2.13.11, as used in Plone before 4.2.3 and 4.3 before beta 1, allows remote au... |
4.3 | 2014-09-30 | CVE-2012-5490 | cve | Cross-site scripting (XSS) vulnerability in kssdevel.py in Plone before 4.2.3 and 4.3 before beta 1 allows remote attackers to inject arbitrary web script or HTML via unspecifie... |
4.3 | 2014-09-30 | CVE-2012-5491 | cve | z3c.form, as used in Plone before 4.2.3 and 4.3 before beta 1, allows remote attackers to obtain the default form field values by leveraging knowledge of the form location and t... |
5 | 2014-09-30 | CVE-2012-5492 | cve | uid_catalog.py in Plone before 4.2.3 and 4.3 before beta 1 allows remote attackers to obtain metadata about hidden objects via a crafted URL. |
4.3 | 2014-09-30 | CVE-2012-5494 | cve | Cross-site scripting (XSS) vulnerability in python_scripts.py in Plone before 4.2.3 and 4.3 before beta 1 allows remote attackers to inject arbitrary web script or HTML via unsp... |
5 | 2014-09-30 | CVE-2012-5495 | cve | python_scripts.py in Plone before 4.2.3 and 4.3 before beta 1 allows remote attackers to execute Python code via a crafted URL, related to "go_back." |
5 | 2014-09-30 | CVE-2012-5496 | cve | kupu_spellcheck.py in Kupu in Plone before 4.0 allows remote attackers to cause a denial of service (ZServer thread lock) via a crafted URL. |
Page(s) : 1 [2] 3 4 5 | Result(s) : 82 |