1410 matches found
Smart Maps Offline - Customized SSL, Dangerous filesystem permissions, WebView code execution vulnerabilities
HackApp vulnerability scanner discovered that application Smart Maps Offline published at the 'play' market has multiple vulnerabilities...
God Live Wallpaper - Customized SSL, Dangerous filesystem permissions, WebView SSL handling enabled vulnerabilities
HackApp vulnerability scanner discovered that application God Live Wallpaper published at the 'play' market has multiple vulnerabilities...
Media Server - Base64 encoded String, Customized SSL, Dangerous filesystem permissions vulnerabilities
HackApp vulnerability scanner discovered that application Media Server published at the 'play' market has multiple vulnerabilities...
Sirens and Horns - Base64 encoded String, Customized SSL, Dangerous filesystem permissions vulnerabilities
HackApp vulnerability scanner discovered that application Sirens and Horns published at the 'play' market has multiple vulnerabilities...
Speak German - Base64 encoded String, Customized SSL, Dangerous filesystem permissions vulnerabilities
HackApp vulnerability scanner discovered that application Speak German published at the 'play' market has multiple vulnerabilities...
Happy Cyanide - Dangerous filesystem permissions, WebView code execution vulnerabilities
HackApp vulnerability scanner discovered that application Happy Cyanide published at the 'play' market has multiple vulnerabilities...
UBUNTU-CVE-2015-1274
Google Chrome before 44.0.2403.89 does not ensure that the auto-open list omits all dangerous file types, which makes it easier for remote attackers to execute arbitrary code by providing a crafted file and leveraging a user's previous "Always open files of this type" choice, related to...
CVE-2015-1274
Removed by vendor...
CVE-2013-5576
administrator/components/commedia/helpers/media.php in the media manager in Joomla! 2.5.x before 2.5.14 and 3.x before 3.1.5 allows remote authenticated users or remote attackers to bypass intended access restrictions and upload files with dangerous extensions via a filename with a trailing . dot...
VulnCheck KEV: CVE-2013-5576
administrator/components/commedia/helpers/media.php in the media manager in Joomla! 2.5.x before 2.5.14 and 3.x before 3.1.5 allows remote authenticated users or remote attackers to bypass intended access restrictions and upload files with dangerous extensions via a filename with a trailing...
Out-of-bounds
Skia, as used in Google Chrome before 25.0.1364.97 on Windows and Linux, and before 25.0.1364.99 on Mac OS X, allows remote attackers to cause a denial of service out-of-bounds read via vectors related to a "user gesture check for dangerous file downloads."...
CVE-2013-0888
Skia, as used in Google Chrome before 25.0.1364.97 on Windows and Linux, and before 25.0.1364.99 on Mac OS X, allows remote attackers to cause a denial of service out-of-bounds read via vectors related to a "user gesture check for dangerous file downloads."...
CVE-2013-0888
Removed by vendor...
Google Chrome < 25.0.1364.97 Multiple Vulnerabilities
Binary data 6694.pasl...
Sky classroom file upload vulnerability-vulnerability warning-the black bar safety net
Brief description: Allow the upload of dangerous file type,this system is still a lot of Open the network course website, as shown in Figure, landing it, and now SkyDrive. Upload a PHP file, the web site didn't filter PHP file. ! 1 8-300x166. png ! 1 8-300x166. png ! 1 8-300x166. png After enteri...
CVE-2011-2739
The file-blocking feature in EMC Documentum eRoom 7.3.x and 7.4.x before 7.4.3.g does not properly restrict the uploading and opening of files with dangerous file types, which allows remote authenticated users to execute arbitrary code via an uploaded file...
DEBIAN-CVE-2011-3012
The ioQuake3 engine, as used in World of Padman 1.2 and earlier, Tremulous 1.1.0, and ioUrbanTerror 2007-12-20, does not check for dangerous file extensions before writing to the quake3 directory, which allows remote attackers to execute arbitrary code via a crafted third-party addon that creates...
CVE-2011-3012
The ioQuake3 engine, as used in World of Padman 1.2 and earlier, Tremulous 1.1.0, and ioUrbanTerror 2007-12-20, does not check for dangerous file extensions before writing to the quake3 directory, which allows remote attackers to execute arbitrary code via a crafted third-party addon that creates...
UBUNTU-CVE-2011-3012
The ioQuake3 engine, as used in World of Padman 1.2 and earlier, Tremulous 1.1.0, and ioUrbanTerror 2007-12-20, does not check for dangerous file extensions before writing to the quake3 directory, which allows remote attackers to execute arbitrary code via a crafted third-party addon that creates...
Design/Logic Flaw
The ioQuake3 engine, as used in World of Padman 1.2 and earlier, Tremulous 1.1.0, and ioUrbanTerror 2007-12-20, does not check for dangerous file extensions before writing to the quake3 directory, which allows remote attackers to execute arbitrary code via a crafted third-party addon that creates...