Lucene search
K

2030 matches found

NVD
NVD
added 2014/11/15 9:59 p.m.23 views

CVE-2014-3500

Apache Cordova Android before 3.5.1 allows remote attackers to change the start page via a crafted intent URL...

6.4CVSS6.4AI score0.04062EPSS
Exploits0References2
Prion
Prion
added 2014/11/15 9:59 p.m.29 views

Information disclosure

Apache Cordova Android before 3.5.1 allows remote attackers to open and send data to arbitrary applications via a URL with a crafted URI scheme for an Android intent...

4.3CVSS7.1AI score0.04964EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2014/11/15 9:0 p.m.24 views

CVE-2014-3500

Apache Cordova Android before 3.5.1 allows remote attackers to change the start page via a crafted intent URL...

6.4AI score0.04062EPSS
Exploits0References2
Cvelist
Cvelist
added 2014/11/15 9:0 p.m.26 views

CVE-2014-3502

Apache Cordova Android before 3.5.1 allows remote attackers to open and send data to arbitrary applications via a URL with a crafted URI scheme for an Android intent...

6.6AI score0.04964EPSS
Exploits0References3
CVE
CVE
added 2014/11/15 9:0 p.m.70 views

CVE-2014-3500

Apache Cordova for Android (pre-3.5.1) is vulnerable to Cross-Application Scripting via crafted Android intents that can change the start page, enabling an attacker to execute script in the victim’s browser and potentially steal cookie-based credentials. The issue stems from insufficient input va...

6.4CVSS6.5AI score0.04062EPSS
Exploits0References2Affected Software1
myhack58
myhack58
added 2014/08/25 12:0 a.m.56 views

Millet mobile phone MIUI remote code execution vulnerability analysis-vulnerability warning-the black bar safety net

Author: song Shen lei Reproduced please indicate the source http://blogs.360.cn/360mobile/2014/08/25/miui-rce-vul/ 7 on I in the study of the webview vulnerability when the specially picked millet phone MIUI tested,found a very obvious security vulnerability. Through the vulnerability can remotel...

9.3CVSS0.7AI score0.42623EPSS
Exploits6
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.35 views

GTK+ 1.2.8 Arbitrary Loadable Module Execution Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/2165/info GTK+ is the Gimp Toolkit, freely available to the public and maintained by the GTK Development Team. A problem exists in the Gimp Toolkit that could allow a user elevated privileges. The problem occurs in the...

7.1AI score
Exploits0
ThreatPost
ThreatPost
added 2014/06/16 3:56 p.m.7 views

Ten Years Later, Cabir Worm's Place in History is Unique

It’s difficult to remember now–and seems quaint even if you can recall it–but there was a time in the not-so-distant past when industry analysts and security experts were worried about the coming mobile malware apocalypse. Self-replicating malware would soon be flooding our phones, deleting our...

7AI score
Exploits0References2
Drupal
Drupal
added 2014/06/11 12:0 a.m.12 views

SA-CONTRIB-2014-060- Petitions - Cross Site Request Forgery (CSRF)

This distribution enables you to build an application that lets users create and sign petitions. The contained whpetitions module doesn't sufficiently verify the intent of the user when signing a petition. A malicious user could trick another user into signing a petition they did not intend to si...

7AI score
Exploits0References12
The Hacker News
The Hacker News
added 2014/03/26 10:0 p.m.46 views

Multiple Vulnerabilities in Firefox for Android Leak Sensitive Information

The Android operating system has hardened its security with application Sandboxing features to ensure that no application can access sensitive information held by another without proper privileges. Android applications communicate with each other through Intents and these intents can be abused by...

6.4CVSS8.7AI score0.02344EPSS
Exploits3
ThreatPost
ThreatPost
added 2014/02/13 4:21 p.m.10 views

Phony SSL Certs Spoof Google, Facebook, GoDaddy, others

Dozens of phony SSL certificates were discovered this week mocking legitimate certs from banks, e-commerce sites, ISPs and social networks. If a user stumbled over one of the bogus certificates on a mobile device it could put them at risk for a man-in-the-middle attack. Disguised as official...

0.5AI score
Exploits0References2
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2014/02/06 3:20 a.m.3 views

Opera browser for Android issue in handling intent scheme URL's

Overview Opera browser for Android contains an issue in the handling of intent scheme URL's. Takeshi Terada of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. Impact When a use...

4.3CVSS6.7AI score0.01031EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2014/02/06 12:0 a.m.24 views

JVN#23256725: Opera browser for Android issue in handling intent scheme URL's

Opera browser for Android contains an issue in the handling of intent scheme URL's. Impact When a user views a specially crafted page, the Opera browser for Android cookie file may be disclosed. Solution Apply an Update Apply the appropriate update for the version of the software being used...

4.3CVSS6.2AI score0.01031EPSS
Exploits0
Packet Storm
Packet Storm
added 2013/11/04 12:0 a.m.30 views

WordPress ThisWay Shell Upload

. . / / | // | | .. / \ \ \ \ \ / ||| \ | | / \ / |/ | |/ | / | | // | | | | \ / //|| /\ \ ||| / | /\ /// \ \ //|| | / /|| /| ||/|| / / / / || // / / / / || / / Exploit title: WordPress ThisWay theme - Arbitrary File Upload Vulnerability Author: Bet0 Google Dork:...

0.2AI score
Exploits0
NVD
NVD
added 2013/07/29 1:59 p.m.13 views

CVE-2013-3580

The TrustGo Antivirus & Mobile Security application before 1.3.6 for Android allows attackers to cause a denial of service application crash via a crafted application that sends an intent to com.trustgo.mobile.security.USSDScannerActivity with zero arguments...

4.3CVSS6.4AI score0.01273EPSS
Exploits0References2
CERT
CERT
added 2013/07/26 12:0 a.m.25 views

TrustGo Antivirus & Mobile Security contains a denial-of-service vulnerability

Overview TrustGo Antivirus & Mobile Security versions 1.2.7 through 1.3.5 contain a denial-of-service CWE-20 vulnerability. Description CWE-20:Improper Input Validation- CVE-2013-3580TrustGo Antivirus & Mobile Security versions 1.2.7 through 1.3.5 crash if an intent is sent to...

4.3CVSS6.1AI score0.01273EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2013/07/25 12:0 a.m.25 views

SuSE 11.3 Security Update : lcms2 (SAT Patch Number 8091)

lcms2 has been updated to the version 2.5 which is a maintenance release to fix various security and other bugs. - User defined parametric curves can now be saved in ICC profiles. - RGB profiles using same tone curves for several channels are storing now only one copy of the curve - update black...

5.4AI score
Exploits0References1
NVD
NVD
added 2013/07/10 9:55 p.m.14 views

CVE-2013-3579

The Lookout Mobile Security application before 8.17-8a39d3f for Android allows attackers to cause a denial of service application crash via a crafted application that sends an intent to com.lookout.security.ScanTell with zero arguments...

4.3CVSS6.4AI score0.00975EPSS
Exploits0References1
Prion
Prion
added 2013/07/10 9:55 p.m.18 views

Code injection

The Lookout Mobile Security application before 8.17-8a39d3f for Android allows attackers to cause a denial of service application crash via a crafted application that sends an intent to com.lookout.security.ScanTell with zero arguments...

4.3CVSS6.9AI score0.00975EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2013/07/10 9:0 p.m.18 views

CVE-2013-3579

The Lookout Mobile Security application before 8.17-8a39d3f for Android allows attackers to cause a denial of service application crash via a crafted application that sends an intent to com.lookout.security.ScanTell with zero arguments...

6.4AI score0.00975EPSS
Exploits0References1
Rows per page
Query Builder