Max CVSS | 7.5 | Min CVSS | 4.3 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2012-6636 | 6.8 |
The Android API before 17 does not properly restrict the WebView.addJavascriptInterface method, which allows remote attackers to execute arbitrary methods of Java objects by using the Java Reflection API within crafted JavaScript code that is loaded
|
28-07-2020 - 05:15 | 03-03-2014 - 04:50 | |
CVE-2014-1887 | 4.3 |
The DrinkedIn BarFinder application for Android, when Adobe PhoneGap 2.9.0 or earlier is used, allows remote attackers to execute arbitrary JavaScript code, and consequently obtain sensitive fine-geolocation information, by leveraging control over on
|
07-03-2014 - 20:04 | 03-03-2014 - 04:50 | |
CVE-2014-1886 | 6.8 |
The Edinburgh by Bus application for Android, when Adobe PhoneGap 2.9.0 or earlier is used, allows remote attackers to execute arbitrary JavaScript code, and consequently access external-storage resources, by leveraging control over one of a number o
|
07-03-2014 - 20:02 | 03-03-2014 - 04:50 | |
CVE-2014-1885 | 6.4 |
The ForzeArmate application for Android, when Adobe PhoneGap 2.9.0 or earlier is used, allows remote attackers to execute arbitrary JavaScript code, and consequently obtain write access to external-storage resources, by leveraging control over any Go
|
07-03-2014 - 20:01 | 03-03-2014 - 04:50 | |
CVE-2012-6637 | 7.5 |
Apache Cordova 3.3.0 and earlier and Adobe PhoneGap 2.9.0 and earlier do not anchor the end of domain-name regular expressions, which allows remote attackers to bypass a whitelist protection mechanism via a domain name that contains an acceptable nam
|
03-03-2014 - 20:42 | 03-03-2014 - 04:50 | |
CVE-2014-1881 | 7.5 |
Apache Cordova 3.3.0 and earlier and Adobe PhoneGap 2.9.0 and earlier allow remote attackers to bypass intended device-resource restrictions of an event-based bridge via a crafted library clone that leverages IFRAME script execution and waits a certa
|
03-03-2014 - 20:39 | 03-03-2014 - 04:50 | |
CVE-2014-1884 | 7.5 |
Apache Cordova 3.3.0 and earlier and Adobe PhoneGap 2.9.0 and earlier on Windows Phone 7 and 8 do not properly restrict navigation events, which allows remote attackers to bypass intended device-resource restrictions via content that is accessed (1)
|
03-03-2014 - 20:37 | 03-03-2014 - 04:50 | |
CVE-2014-1883 | 7.5 |
Adobe PhoneGap before 2.6.0 on Android uses the shouldOverrideUrlLoading callback instead of the proper shouldInterceptRequest callback, which allows remote attackers to bypass intended device-resource restrictions via content that is accessed (1) in
|
03-03-2014 - 20:32 | 03-03-2014 - 04:50 | |
CVE-2014-1882 | 7.5 |
Apache Cordova 3.3.0 and earlier and Adobe PhoneGap 2.9.0 and earlier allow remote attackers to bypass intended device-resource restrictions of an event-based bridge via a crafted library clone that leverages IFRAME script execution and directly acce
|
03-03-2014 - 20:26 | 03-03-2014 - 04:50 |