Max CVSS 7.5 Min CVSS 4.3 Total Count2
IDCVSSSummaryLast (major) updatePublished
CVE-2012-6636 6.8
The Android API before 17 does not properly restrict the WebView.addJavascriptInterface method, which allows remote attackers to execute arbitrary methods of Java objects by using the Java Reflection API within crafted JavaScript code that is loaded
02-06-2016 - 02:20 03-03-2014 - 04:50
CVE-2014-1887 4.3
The DrinkedIn BarFinder application for Android, when Adobe PhoneGap 2.9.0 or earlier is used, allows remote attackers to execute arbitrary JavaScript code, and consequently obtain sensitive fine-geolocation information, by leveraging control over on
07-03-2014 - 20:04 03-03-2014 - 04:50
CVE-2014-1886 6.8
The Edinburgh by Bus application for Android, when Adobe PhoneGap 2.9.0 or earlier is used, allows remote attackers to execute arbitrary JavaScript code, and consequently access external-storage resources, by leveraging control over one of a number o
07-03-2014 - 20:02 03-03-2014 - 04:50
CVE-2014-1885 6.4
The ForzeArmate application for Android, when Adobe PhoneGap 2.9.0 or earlier is used, allows remote attackers to execute arbitrary JavaScript code, and consequently obtain write access to external-storage resources, by leveraging control over any Go
07-03-2014 - 20:01 03-03-2014 - 04:50
CVE-2012-6637 7.5
Apache Cordova 3.3.0 and earlier and Adobe PhoneGap 2.9.0 and earlier do not anchor the end of domain-name regular expressions, which allows remote attackers to bypass a whitelist protection mechanism via a domain name that contains an acceptable nam
03-03-2014 - 20:42 03-03-2014 - 04:50
CVE-2014-1881 7.5
Apache Cordova 3.3.0 and earlier and Adobe PhoneGap 2.9.0 and earlier allow remote attackers to bypass intended device-resource restrictions of an event-based bridge via a crafted library clone that leverages IFRAME script execution and waits a certa
03-03-2014 - 20:39 03-03-2014 - 04:50
CVE-2014-1884 7.5
Apache Cordova 3.3.0 and earlier and Adobe PhoneGap 2.9.0 and earlier on Windows Phone 7 and 8 do not properly restrict navigation events, which allows remote attackers to bypass intended device-resource restrictions via content that is accessed (1)
03-03-2014 - 20:37 03-03-2014 - 04:50
CVE-2014-1883 7.5
Adobe PhoneGap before 2.6.0 on Android uses the shouldOverrideUrlLoading callback instead of the proper shouldInterceptRequest callback, which allows remote attackers to bypass intended device-resource restrictions via content that is accessed (1) in
03-03-2014 - 20:32 03-03-2014 - 04:50
CVE-2014-1882 7.5
Apache Cordova 3.3.0 and earlier and Adobe PhoneGap 2.9.0 and earlier allow remote attackers to bypass intended device-resource restrictions of an event-based bridge via a crafted library clone that leverages IFRAME script execution and directly acce
03-03-2014 - 20:26 03-03-2014 - 04:50
Back to Top Mark selected
Back to Top