CVE-2014-8xxx

There are 853 CVE in this subgroup.
Last updated: 
← Back to 2014
ID Summary Flags Max Score
CVE-2014-8000 Cisco Unified Communications Manager IM and Presence Service 9.1(1) produces different returned mess...
CVE-2014-8001 Buffer overflow in decode.cpp in Cisco OpenH264 1.2.0 and earlier allows remote attackers to execute...
S
CVE-2014-8002 Use-after-free vulnerability in decode_slice.cpp in Cisco OpenH264 1.2.0 and earlier allows remote a...
S
CVE-2014-8003 Cisco Integrated Management Controller in Cisco Unified Computing System 2.2(2c)A and earlier allows...
CVE-2014-8004 Cisco IOS XR allows remote attackers to cause a denial of service (LISP process reload) by establish...
CVE-2014-8005 Race condition in the lighttpd module in Cisco IOS XR 5.1 and earlier on Network Convergence System ...
CVE-2014-8006 The Disaster Recovery (DRA) feature on the Cisco ISB8320-E High-Definition IP-Only DVR allows remote...
CVE-2014-8007 Cisco Prime Infrastructure allows remote authenticated users to read device-discovery passwords by e...
CVE-2014-8008 Absolute path traversal vulnerability in the Real-Time Monitoring Tool (RTMT) API in Cisco Unified C...
CVE-2014-8009 The Management subsystem in Cisco Unified Computing System 2.1(3f) and earlier allows remote attacke...
CVE-2014-8010 The web framework in Cisco Unified Communications Domain Manager 8 allows remote authenticated admin...
CVE-2014-8012 Cross-site scripting (XSS) vulnerability in the WebVPN Portal Login page in Cisco Adaptive Security ...
CVE-2014-8013 The TACACS+ command-authorization implementation in Cisco NX-OS allows local users to cause a denial...
CVE-2014-8014 Cisco IOS XR allows remote attackers to cause a denial of service (RSVP process reload) via a malfor...
CVE-2014-8015 The Sponsor Portal in Cisco Identity Services Engine (ISE) allows remote authenticated users to obta...
CVE-2014-8016 The Cisco IronPort Email Security Appliance (ESA) allows remote attackers to cause a denial of servi...
CVE-2014-8017 The periodic-backup feature in Cisco Identity Services Engine (ISE) allows remote attackers to disco...
CVE-2014-8018 Multiple cross-site scripting (XSS) vulnerabilities in Business Voice Services Manager (BVSM) pages ...
CVE-2014-8019 Directory traversal vulnerability in Cisco Enterprise Content Delivery System (ECDS) allows remote a...
CVE-2014-8020 Cisco Unified Communication Domain Manager Platform Software allows remote attackers to cause a deni...
CVE-2014-8021 Cross-site scripting (XSS) vulnerability in Cisco AnyConnect Secure Mobility Client 3.1(.02043) and ...
CVE-2014-8022 Multiple cross-site scripting (XSS) vulnerabilities in Cisco Identity Services Engine allow remote a...
CVE-2014-8023 Cisco Adaptive Security Appliance (ASA) Software 9.2(.3) and earlier, when challenge-response authen...
CVE-2014-8024 The API in the Guest Server in Cisco Jabber, when the HTML5 CORS feature is used, allows remote atta...
CVE-2014-8025 The API in the Guest Server in Cisco Jabber, when HTML5 is used, allows remote attackers to obtain s...
CVE-2014-8026 Cross-site scripting (XSS) vulnerability in the Guest Server in Cisco Jabber allows remote attackers...
CVE-2014-8027 The RBAC component in Cisco Secure Access Control System (ACS) allows remote authenticated users to ...
CVE-2014-8028 Multiple cross-site scripting (XSS) vulnerabilities in the web framework in Cisco Secure Access Cont...
CVE-2014-8029 Open redirect vulnerability in the web interface in Cisco Secure Access Control System (ACS) allows ...
CVE-2014-8030 Cross-site scripting (XSS) vulnerability in sendPwMail.do in Cisco WebEx Meetings Server allows remo...
CVE-2014-8031 Cross-site request forgery (CSRF) vulnerability in Cisco WebEx Meetings Server allows remote attacke...
CVE-2014-8032 The OutlookAction LI in Cisco WebEx Meetings Server allows remote authenticated users to obtain sens...
CVE-2014-8033 The play/modules component in Cisco WebEx Meetings Server allows remote attackers to obtain administ...
CVE-2014-8034 Cisco WebEx Meetings Server 1.5 presents the same CAPTCHA challenge for each login attempt, which ma...
CVE-2014-8035 The web framework in Cisco WebEx Meetings Server produces different returned messages for URL reques...
CVE-2014-8036 The outlookpa component in Cisco WebEx Meetings Server does not properly validate API input, which a...
CVE-2014-8038 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2014-8039 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2014-8040 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2014-8041 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2014-8042 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2014-8043 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2014-8044 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2014-8045 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2014-8046 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2014-8047 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2014-8048 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2014-8049 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2014-8050 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2014-8051 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2014-8052 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2014-8053 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2014-8054 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2014-8055 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2014-8056 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2014-8057 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2014-8058 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2014-8059 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2014-8060 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2014-8061 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2014-8062 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2014-8063 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2014-8064 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2014-8065 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2014-8066 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2014-8067 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2014-8068 Adobe Digital Editions (DE) 4 does not use encryption for transmission of data to adelogs.adobe.com,...
CVE-2014-8069 Multiple cross-site scripting (XSS) vulnerabilities in YOOtheme Pagekit CMS 0.8.7 allow remote attac...
CVE-2014-8070 Open redirect vulnerability in YOOtheme Pagekit CMS 0.8.7 allows remote attackers to redirect users ...
CVE-2014-8071 Multiple cross-site scripting (XSS) vulnerabilities in OpenMRS 2.1 Standalone Edition allow remote a...
E
CVE-2014-8072 The administration module in OpenMRS 2.1 Standalone Edition allows remote authenticated users to obt...
E
CVE-2014-8073 Cross-site request forgery (CSRF) vulnerability in OpenMRS 2.1 Standalone Edition allows remote atta...
E
CVE-2014-8074 Buffer overflow in the SetLogFile method in Foxit.FoxitPDFSDKProCtrl.5 in Foxit PDF SDK ActiveX 2.3 ...
CVE-2014-8075 Cross-site scripting (XSS) vulnerability in the Tribune module 6.x-1.x and 7.x-3.x for Drupal allows...
CVE-2014-8076 Cross-site scripting (XSS) vulnerability in the Professional theme 7.x before 7.x-2.04 for Drupal al...
S
CVE-2014-8077 Cross-site scripting (XSS) vulnerability in the NewsFlash theme 6.x-1.x before 6.x-1.7 and 7.x-1.x b...
S
CVE-2014-8078 Cross-site scripting (XSS) vulnerability in the Print (aka Printer, e-mail and PDF versions) module ...
S
CVE-2014-8079 Cross-site scripting (XSS) vulnerability in the MAYO theme 7.x-1.x before 7.x-1.3 for Drupal allows ...
S
CVE-2014-8080 The REXML parser in Ruby 1.9.x before 1.9.3-p550, 2.0.x before 2.0.0-p594, and 2.1.x before 2.1.4 al...
E
CVE-2014-8081 lib/execute/execSetResults.php in TestLink before 1.9.13 allows remote attackers to conduct PHP obje...
E S
CVE-2014-8082 lib/functions/database.class.php in TestLink before 1.9.13 allows remote attackers to obtain sensiti...
E S
CVE-2014-8083 SQL injection vulnerability in the Search::setJsonAlert method in OSClass before 3.4.3 allows remote...
S
CVE-2014-8084 Directory traversal vulnerability in oc-includes/osclass/controller/ajax.php in OSClass before 3.4.3...
S
CVE-2014-8085 Unrestricted file upload vulnerability in the CWebContact::doModel method in oc-includes/osclass/con...
CVE-2014-8086 Race condition in the ext4_file_write_iter function in fs/ext4/file.c in the Linux kernel through 3....
E S
CVE-2014-8087 Cross-site scripting (XSS) vulnerability in the post highlights plugin before 2.6.1 for WordPress al...
E
CVE-2014-8088 The (1) Zend_Ldap class in Zend before 1.12.9 and (2) Zend\Ldap component in Zend 2.x before 2.2.8 a...
CVE-2014-8089 SQL injection vulnerability in Zend Framework before 1.12.9, 2.2.x before 2.2.8, and 2.3.x before 2....
E
CVE-2014-8090 The REXML parser in Ruby 1.9.x before 1.9.3 patchlevel 551, 2.0.x before 2.0.0 patchlevel 598, and 2...
E S
CVE-2014-8091 X.Org X Window System (aka X11 and X) X11R5 and X.Org Server (aka xserver and xorg-server) before 1....
S
CVE-2014-8092 Multiple integer overflows in X.Org X Window System (aka X11 or X) X11R1 and X.Org Server (aka xserv...
S
CVE-2014-8093 Multiple integer overflows in the GLX extension in XFree86 4.0, X.Org X Window System (aka X11 or X)...
S
CVE-2014-8094 Integer overflow in the ProcDRI2GetBuffers function in the DRI2 extension in X.Org Server (aka xserv...
S
CVE-2014-8095 The XInput extension in X.Org X Window System (aka X11 or X) X11R4 and X.Org Server (aka xserver and...
S
CVE-2014-8096 The SProcXCMiscGetXIDList function in the XC-MISC extension in X.Org X Window System (aka X11 or X) ...
S
CVE-2014-8097 The DBE extension in X.Org X Window System (aka X11 or X) X11R6.1 and X.Org Server (aka xserver and ...
S
CVE-2014-8098 The GLX extension in XFree86 4.0, X.Org X Window System (aka X11 or X) X11R6.7, and X.Org Server (ak...
S
CVE-2014-8099 The XVideo extension in XFree86 4.0.0, X.Org X Window System (aka X11 or X) X11R6.7, and X.Org Serve...
S
CVE-2014-8100 The Render extension in XFree86 4.0.1, X.Org X Window System (aka X11 or X) X11R6.7, and X.Org Serve...
S
CVE-2014-8101 The RandR extension in XFree86 4.2.0, X.Org X Window System (aka X11 or X) X11R6.7, and X.Org Server...
S
CVE-2014-8102 The SProcXFixesSelectSelectionInput function in the XFixes extension in X.Org X Window System (aka X...
S
CVE-2014-8103 X.Org Server (aka xserver and xorg-server) 1.15.0 through 1.16.x before 1.16.3 allows remote authent...
S
CVE-2014-8104 OpenVPN 2.x before 2.0.11, 2.1.x, 2.2.x before 2.2.3, and 2.3.x before 2.3.6 allows remote authentic...
CVE-2014-8105 389 Directory Server before 1.3.2.27 and 1.3.3.x before 1.3.3.9 does not properly restrict access to...
CVE-2014-8106 Heap-based buffer overflow in the Cirrus VGA emulator (hw/display/cirrus_vga.c) in QEMU before 2.2.0...
CVE-2014-8107 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2014-10022. Reason: This candid...
R
CVE-2014-8108 The mod_dav_svn Apache HTTPD server module in Apache Subversion 1.7.x before 1.7.19 and 1.8.x before...
S
CVE-2014-8109 mod_lua.c in the mod_lua module in the Apache HTTP Server 2.3.x and 2.4.x through 2.4.10 does not su...
S
CVE-2014-8110 Multiple cross-site scripting (XSS) vulnerabilities in the web based administration console in Apach...
CVE-2014-8111 Apache Tomcat Connectors (mod_jk) before 1.2.41 ignores JkUnmount rules for subtrees of previous JkM...
CVE-2014-8112 389 Directory Server 1.3.1.x, 1.3.2.x before 1.3.2.27, and 1.3.3.x before 1.3.3.9 stores "unhashed" ...
CVE-2014-8113 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was with...
R
CVE-2014-8114 The UberFire Framework 0.3.x does not properly restrict paths, which allows remote attackers to (1) ...
CVE-2014-8115 The default authorization constrains in KIE Workbench 6.0.x allows remote authenticated users to rea...
CVE-2014-8116 The ELF parser (readelf.c) in file before 5.21 allows remote attackers to cause a denial of service ...
S
CVE-2014-8117 softmagic.c in file before 5.21 does not properly limit recursion, which allows remote attackers to ...
S
CVE-2014-8118 Integer overflow in RPM 4.12 and earlier allows remote attackers to execute arbitrary code via a cra...
CVE-2014-8119 The find_ifcfg_path function in netcf before 0.2.7 might allow attackers to cause a denial of servic...
CVE-2014-8120 The agent in Thermostat before 1.0.6, when using unspecified configurations, allows local users to o...
S
CVE-2014-8121 DB_LOOKUP in nss_files/files-XXX.c in the Name Service Switch (NSS) in GNU C Library (aka glibc or l...
E
CVE-2014-8122 Race condition in JBoss Weld before 2.2.8 and 3.x before 3.0.0 Alpha3 allows remote attackers to obt...
CVE-2014-8123 Buffer overflow in the bGetPPS function in wordole.c in Antiword 0.37 allows remote attackers to cau...
E
CVE-2014-8124 OpenStack Dashboard (Horizon) before 2014.1.3 and 2014.2.x before 2014.2.1 does not properly handle ...
S
CVE-2014-8125 XML external entity (XXE) vulnerability in Drools and jBPM before 6.2.0 allows remote attackers to r...
CVE-2014-8126 The scheduler in HTCondor before 8.2.6 allows remote authenticated users to execute arbitrary code....
S
CVE-2014-8127 LibTIFF 4.0.3 allows remote attackers to cause a denial of service (out-of-bounds read and crash) vi...
CVE-2014-8128 LibTIFF prior to 4.0.4, as used in Apple iOS before 8.4 and OS X before 10.10.4 and other products, ...
S
CVE-2014-8129 LibTIFF 4.0.3 allows remote attackers to cause a denial of service (out-of-bounds write) or possibly...
E S
CVE-2014-8130 The _TIFFmalloc function in tif_unix.c in LibTIFF 4.0.3 does not reject a zero size, which allows re...
E S
CVE-2014-8131 The qemu implementation of virConnectGetAllDomainStats in libvirt before 1.2.11 does not properly ha...
CVE-2014-8132 Double free vulnerability in the ssh_packet_kexinit function in kex.c in libssh 0.5.x and 0.6.x befo...
S
CVE-2014-8133 arch/x86/kernel/tls.c in the Thread Local Storage (TLS) implementation in the Linux kernel through 3...
CVE-2014-8134 The paravirt_ops_setup function in arch/x86/kernel/kvm.c in the Linux kernel through 3.18 uses an im...
E S
CVE-2014-8135 The storageVolUpload function in storage/storage_driver.c in libvirt before 1.2.11 does not check a ...
E
CVE-2014-8136 The (1) qemuDomainMigratePerform and (2) qemuDomainMigrateFinish2 functions in qemu/qemu_driver.c in...
CVE-2014-8137 Double free vulnerability in the jas_iccattrval_destroy function in JasPer 1.900.1 and earlier allow...
CVE-2014-8138 Heap-based buffer overflow in the jp2_decode function in JasPer 1.900.1 and earlier allows remote at...
CVE-2014-8139 Heap-based buffer overflow in the CRC32 verification in Info-ZIP UnZip 6.0 and earlier allows remote...
S
CVE-2014-8140 Heap-based buffer overflow in the test_compr_eb function in Info-ZIP UnZip 6.0 and earlier allows re...
CVE-2014-8141 Heap-based buffer overflow in the getZip64Data function in Info-ZIP UnZip 6.0 and earlier allows rem...
S
CVE-2014-8142 Use-after-free vulnerability in the process_nested_data function in ext/standard/var_unserializer.re...
E
CVE-2014-8143 Samba 4.0.x before 4.0.24, 4.1.x before 4.1.16, and 4.2.x before 4.2rc4, when an Active Directory Do...
S
CVE-2014-8144 Cross-site request forgery (CSRF) vulnerability in doorkeeper before 1.4.1 allows remote attackers t...
CVE-2014-8145 Multiple heap-based buffer overflows in Sound eXchange (SoX) 14.4.1 and earlier allow remote attacke...
E
CVE-2014-8146 The resolveImplicitLevels function in common/ubidi.c in the Unicode Bidirectional Algorithm implemen...
E S
CVE-2014-8147 The resolveImplicitLevels function in common/ubidi.c in the Unicode Bidirectional Algorithm implemen...
E S
CVE-2014-8148 The default D-Bus access control rule in Midgard2 10.05.7.1 allows local users to send arbitrary met...
CVE-2014-8149 OpenDaylight defense4all 1.1.0 and earlier allows remote authenticated users to write report data to...
S
CVE-2014-8150 CRLF injection vulnerability in libcurl 6.0 through 7.x before 7.40.0, when using an HTTP proxy, all...
CVE-2014-8151 The darwinssl_connect_step1 function in lib/vtls/curl_darwinssl.c in libcurl 7.31.0 through 7.39.0, ...
CVE-2014-8152 Apache Santuario XML Security for Java 2.0.x before 2.0.3 allows remote attackers to bypass the stre...
CVE-2014-8153 The L3 agent in OpenStack Neutron 2014.2.x before 2014.2.2, when using radvd 2.0+, allows remote aut...
CVE-2014-8154 The Gst.MapInfo function in Vala 0.26.0 and 0.26.1 uses an incorrect buffer length declaration for t...
S
CVE-2014-8155 GnuTLS before 2.9.10 does not verify the activation and expiration dates of CA certificates, which a...
CVE-2014-8156 The D-Bus security policy files in /etc/dbus-1/system.d/*.conf in fso-gsmd 0.12.0-3, fso-frameworkd ...
CVE-2014-8157 Off-by-one error in the jpc_dec_process_sot function in JasPer 1.900.1 and earlier allows remote att...
CVE-2014-8158 Multiple stack-based buffer overflows in jpc_qmfb.c in JasPer 1.900.1 and earlier allow remote attac...
CVE-2014-8159 The InfiniBand (IB) implementation in the Linux kernel package before 2.6.32-504.12.2 on Red Hat Ent...
CVE-2014-8160 net/netfilter/nf_conntrack_proto_generic.c in the Linux kernel before 3.18 generates incorrect connt...
S
CVE-2014-8161 PostgreSQL before 9.0.19, 9.1.x before 9.1.15, 9.2.x before 9.2.10, 9.3.x before 9.3.6, and 9.4.x be...
CVE-2014-8162 XML external entity (XXE) in the RPC interface in Spacewalk and Red Hat Network (RHN) Satellite 5.7 ...
CVE-2014-8163 Directory traversal vulnerability in the XMLRPC interface in Red Hat Satellite 5....
CVE-2014-8164 A insecure configuration for certificate verification (http.verify_mode = OpenSSL::SSL::VERIFY_NONE)...
M
CVE-2014-8165 scripts/amsvis/powerpcAMS/amsnet.py in powerpc-utils-python uses the pickle Python module unsafely, ...
CVE-2014-8166 The browsing feature in the server in CUPS does not filter ANSI escape sequences from shared printer...
S
CVE-2014-8167 vdsm and vdsclient does not validate certficate hostname from another vdsm which could facilitate a ...
CVE-2014-8168 Red Hat Satellite 6 allows local users to access mongod and delete pulp_database....
CVE-2014-8169 automount 5.0.8, when a program map uses certain interpreted languages, uses the calling user's USER...
CVE-2014-8170 ovirt_safe_delete_config in ovirtfunctions.py and other unspecified locations in ovirt-node 3.0.0-47...
CVE-2014-8171 The memory resource controller (aka memcg) in the Linux kernel allows local users to cause a denial ...
CVE-2014-8172 The filesystem implementation in the Linux kernel before 3.13 performs certain operations on lists o...
CVE-2014-8173 The pmd_none_or_trans_huge_or_clear_bad function in include/asm-generic/pgtable.h in the Linux kerne...
CVE-2014-8174 eDeploy makes it easier for remote attackers to execute arbitrary code by leveraging use of HTTP to ...
CVE-2014-8175 Red Hat JBoss Fuse before 6.2.0 allows remote authenticated users to bypass intended restrictions an...
CVE-2014-8176 The dtls1_clear_queues function in ssl/d1_lib.c in OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and ...
E
CVE-2014-8177 The Red Hat gluster-swift package, as used in Red Hat Gluster Storage (formerly Red Hat Storage Serv...
CVE-2014-8178 Docker Engine before 1.8.3 and CS Docker Engine before 1.6.2-CS7 do not use a globally unique identi...
S
CVE-2014-8179 Docker Engine before 1.8.3 and CS Docker Engine before 1.6.2-CS7 does not properly validate and extr...
CVE-2014-8180 MongoDB on Red Hat Satellite 6 allows local users to bypass authentication by logging in with an emp...
S
CVE-2014-8181 The kernel in Red Hat Enterprise Linux 7 and MRG-2 does not clear garbage data for SG_IO buffer, whi...
CVE-2014-8182 An off-by-one error leading to a crash was discovered in openldap 2.4 when processing DNS SRV messag...
E S
CVE-2014-8183 It was found that foreman, versions 1.x.x before 1.15.6, in Satellite 6 did not properly enforce acc...
CVE-2014-8184 A vulnerability was found in liblouis, versions 2.5.x before 2.5.4. A stack-based buffer overflow wa...
S
CVE-2014-8185 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2014-8186 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2014-8187 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2014-8188 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2014-8189 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2014-8190 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2014-8191 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2014-8192 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2014-8193 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2014-8194 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2014-8195 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2014-8196 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2014-8197 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2014-8198 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2014-8199 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2014-8200 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2014-8201 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2014-8202 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2014-8203 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2014-8204 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2014-8205 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2014-8206 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2014-8207 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2014-8208 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2014-8209 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2014-8210 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2014-8211 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2014-8212 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2014-8213 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2014-8214 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2014-8215 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2014-8216 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2014-8217 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2014-8218 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2014-8219 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2014-8220 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2014-8221 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2014-8222 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2014-8223 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2014-8224 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2014-8225 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2014-8226 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2014-8227 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2014-8228 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2014-8229 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2014-8230 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2014-8231 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2014-8232 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2014-8233 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2014-8234 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2014-8235 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2014-8236 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2014-8237 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2014-8238 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2014-8239 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2014-8240 Integer overflow in TigerVNC allows remote VNC servers to cause a denial of service (crash) and poss...
CVE-2014-8241 XRegion in TigerVNC allows remote VNC servers to cause a denial of service (NULL pointer dereference...
CVE-2014-8242 librsync before 1.0.0 uses a truncated MD4 checksum to match blocks, which makes it easier for remot...
S
CVE-2014-8243 Linksys SMART WiFi firmware on EA2700 and EA3500 devices; before 2.1.41 build 162351 on E4200v2 and ...
E S
CVE-2014-8244 Linksys SMART WiFi firmware on EA2700 and EA3500 devices; before 2.1.41 build 162351 on E4200v2 and ...
E S
CVE-2014-8246 Cross-site request forgery (CSRF) vulnerability in CA Release Automation (formerly iTKO LISA Release...
CVE-2014-8247 Cross-site scripting (XSS) vulnerability in CA Release Automation (formerly iTKO LISA Release Automa...
CVE-2014-8248 SQL injection vulnerability in CA Release Automation (formerly iTKO LISA Release Automation) before ...
CVE-2014-8266 Multiple cross-site scripting (XSS) vulnerabilities in the note-creation page in QPR Portal 2014.1.1...
S
CVE-2014-8267 Cross-site scripting (XSS) vulnerability in QPR Portal 2014.1.1 and earlier allows remote attackers ...
S
CVE-2014-8268 QPR Portal before 2012.2.1 allows remote attackers to modify or delete notes via a direct request....
S
CVE-2014-8269 Multiple stack-based buffer overflows in (1) HWOPOSScale.ocx and (2) HWOPOSSCANNER.ocx in Honeywell ...
CVE-2014-8270 BMC Track-It! 11.3 allows remote attackers to gain privileges and execute arbitrary code by creating...
CVE-2014-8271 Buffer overflow in the Reclaim function in Tianocore EDK2 before SVN 16280 allows physically proxima...
S
CVE-2014-8272 The IPMI 1.5 functionality in Dell iDRAC6 modular before 3.65, iDRAC6 monolithic before 1.98, and iD...
E
CVE-2014-8275 OpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k does not enforce certain constr...
CVE-2014-8276 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2014-8277 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2014-8278 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2014-8279 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2014-8280 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2014-8281 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2014-8282 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2014-8283 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2014-8284 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2014-8285 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2014-8286 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2014-8287 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2014-8288 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2014-8289 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2014-8290 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2014-8291 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2014-8292 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2014-8293 Cross-site scripting (XSS) vulnerability in Voice Of Web AllMyGuests 0.4.1 allows remote attackers t...
CVE-2014-8294 Multiple SQL injection vulnerabilities in Voice Of Web AllMyGuests 0.4.1 allow remote attackers to e...
CVE-2014-8295 SQL injection vulnerability in joblogs.php in Bacula-Web 5.2.10 allows remote attackers to execute a...
E
CVE-2014-8296 Cross-site scripting (XSS) vulnerability in the Modal Frame API module 6.x-1.x before 6.x-1.9 for Dr...
S
CVE-2014-8298 The NVIDIA Linux Discrete GPU drivers before R304.125, R331.x before R331.113, R340.x before R340.65...
CVE-2014-8301 Cross-site scripting (XSS) vulnerability in Splunk Web in Splunk Enterprise 5.0.x before 5.0.10 allo...
CVE-2014-8302 Cross-site scripting (XSS) vulnerability in Splunk Web in Splunk Enterprise 6.1.x before 6.1.4, 6.0....
CVE-2014-8303 Cross-site scripting (XSS) vulnerability in Splunk Web in Splunk Enterprise 6.1.x before 6.1.4 and 6...
CVE-2014-8304 Cross-site scripting (XSS) vulnerability in In-Portal CMS 5.2.0 and earlier allows remote attackers ...
CVE-2014-8305 Open redirect vulnerability in the redir function in includes/function.php in C97net Cart Engine bef...
E
CVE-2014-8306 SQL injection vulnerability in the sql_query function in cart.php in C97net Cart Engine before 4.0 a...
E
CVE-2014-8307 Multiple cross-site scripting (XSS) vulnerabilities in skins/default/outline.tpl in C97net Cart Engi...
E
CVE-2014-8308 Cross-site scripting (XSS) vulnerability in the Send to Inbox functionality in SAP BusinessObjects B...
CVE-2014-8309 SAP BusinessObjects 4.0 and BusinessObjects XI (BOXI) R2 and 3.1 generates error messages for a fail...
CVE-2014-8310 The CMS CORBA listener in SAP BusinessObjects BI Edge 4.0 allows remote attackers to cause a denial ...
CVE-2014-8311 SAP BusinessObjects Edge 4.0 allows remote attackers to obtain sensitive information via an InfoStor...
CVE-2014-8312 Business Warehouse (BW) in SAP Netweaver AS ABAP 7.31 allows remote authenticated users to obtain se...
CVE-2014-8313 Eval injection in ide/core/base/server/net.xsjs in the Developer Workbench in SAP HANA allows remote...
CVE-2014-8314 Multiple cross-site scripting (XSS) vulnerabilities in SAP HANA Developer Edition Revision 70 allow ...
CVE-2014-8315 polestar_xml.jsp in SAP BusinessObjects Explorer 14.0.5 build 882 replies with different timing depe...
CVE-2014-8316 XML External Entity (XXE) vulnerability in polestar_xml.jsp in SAP BusinessObjects Explorer 14.0.5 b...
E
CVE-2014-8317 Cross-site scripting (XSS) vulnerability in the Webform Validation module 6.x-1.x before 6.x-1.6 and...
S
CVE-2014-8318 Cross-site scripting (XSS) vulnerability in the Webform module 6.x-3.x before 6.x-3.20, 7.x-3.x befo...
S
CVE-2014-8319 Cross-site scripting (XSS) vulnerability in the easy_social_admin_summary function in the Easy Socia...
S
CVE-2014-8320 Cross-site scripting (XSS) vulnerability in the Custom Search module 6.x-1.x before 6.x-1.12 and 7.x...
E S
CVE-2014-8321 Stack-based buffer overflow in the gps_tracker function in airodump-ng.c in Aircrack-ng before 1.2 R...
S
CVE-2014-8322 Stack-based buffer overflow in the tcp_test function in aireplay-ng.c in Aircrack-ng before 1.2 RC 1...
S
CVE-2014-8323 buddy-ng.c in Aircrack-ng before 1.2 Beta 3 allows remote attackers to cause a denial of service (se...
S
CVE-2014-8324 network.c in Aircrack-ng before 1.2 Beta 3 allows remote attackers to cause a denial of service (seg...
S
CVE-2014-8325 The Calendar Base (cal) extension before 1.5.9 and 1.6.x before 1.6.1 for TYPO3 allows remote attack...
S
CVE-2014-8326 Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 4.0.x before 4.0.10.5, 4.1.x befor...
E S
CVE-2014-8327 The fal_sftp extension before 0.2.6 for TYPO3 uses weak permissions for sFTP driver files and folder...
S
CVE-2014-8328 The default configuration in the Dynamic Content Elements (dce) extension before 0.11.5 for TYPO3 al...
CVE-2014-8329 Schrack Technik microControl with firmware before 1.7.0 (937) stores sensitive information under the...
CVE-2014-8330 Cross-site scripting (XSS) vulnerability in EspoCRM allows remote authenticated users to inject arbi...
E
CVE-2014-8331 Multiple cross-site request forgery (CSRF) vulnerabilities in Huawei HiLink E3236 before E3276sTCPU-...
CVE-2014-8333 The VMware driver in OpenStack Compute (Nova) before 2014.1.4 allows remote authenticated users to c...
S
CVE-2014-8334 The WP-DBManager (aka Database Manager) plugin before 2.7.2 for WordPress allows remote authenticate...
E S
CVE-2014-8335 (1) wp-dbmanager.php and (2) database-manage.php in the WP-DBManager (aka Database Manager) plugin b...
E S
CVE-2014-8336 The "Sql Run Query" panel in WP-DBManager (aka Database Manager) plugin before 2.7.2 for WordPress a...
E S
CVE-2014-8337 Unrestricted file upload vulnerability in includes/classes/uploadify-v2.1.4/uploadify.php in HelpDEZ...
E
CVE-2014-8338 Cross-site scripting (XSS) vulnerability in vwrooms/js/jsor-jcarousel/examples/special_textscroller....
E
CVE-2014-8339 SQL injection vulnerability in midroll.php in Nuevolab Nuevoplayer for ClipShare 8.0 and earlier all...
E
CVE-2014-8340 SQL injection vulnerability in Php/Functions/log_function.php in phpTrafficA 2.3 and earlier allows ...
E
CVE-2014-8346 The Remote Controls feature on Samsung mobile devices does not validate the source of lock-code data...
E
CVE-2014-8347 An Authentication Bypass vulnerability exists in the MatchPasswordData function in DBEngine.dll in F...
E
CVE-2014-8349 Cross-site scripting (XSS) vulnerability in Liferay Portal Enterprise Edition (EE) 6.2 SP8 and earli...
CVE-2014-8350 Smarty before 3.1.21 allows remote attackers to bypass the secure mode restrictions and execute arbi...
E
CVE-2014-8351 SQL injection vulnerability in info.php in French National Commission on Informatics and Liberty (ak...
E S
CVE-2014-8352 Cross-site scripting (XSS) vulnerability in json.php in French National Commission on Informatics an...
E S
CVE-2014-8354 The HorizontalFilter function in resize.c in ImageMagick before 6.8.9-9 allows remote attackers to c...
CVE-2014-8355 PCX parser code in ImageMagick before 6.8.9-9 allows remote attackers to cause a denial of service (...
CVE-2014-8356 The web administrative portal in Zhone zNID 2426A before S3.0.501 allows remote authenticated users ...
E
CVE-2014-8357 backupsettings.html in the web administrative portal in Zhone zNID GPON 2426A before S3.0.501 places...
E
CVE-2014-8358 Huawei EC156, EC176, and EC177 USB Modem products with software before UTPS-V200R003B015D02SP07C1014...
CVE-2014-8359 Untrusted search path vulnerability in Huawei Mobile Partner for Windows 23.009.05.03.1014 allows lo...
E
CVE-2014-8360 Directory traversal vulnerability in inc/autoload.function.php in GLPI before 0.84.8 allows remote a...
CVE-2014-8361 The miniigd SOAP service in Realtek SDK allows remote attackers to execute arbitrary code via a craf...
KEV E
CVE-2014-8362 Vivint Sky Control Panel 1.1.1.9926 allows remote attackers to enable and disable the alarm system a...
CVE-2014-8363 SQL injection vulnerability in ss_handler.php in the WordPress Spreadsheet (wpSS) plugin 0.62 for Wo...
E
CVE-2014-8364 Cross-site scripting (XSS) vulnerability in ss_handler.php in the WordPress Spreadsheet (wpSS) plugi...
E
CVE-2014-8365 Multiple cross-site scripting (XSS) vulnerabilities in Xornic Contact Us allow remote attackers to i...
CVE-2014-8366 SQL injection vulnerability in openSIS 4.5 through 5.3 allows remote attackers to execute arbitrary ...
E
CVE-2014-8367 SQL injection vulnerability in Aruba Networks ClearPass Policy Manager (CPPM) 6.2.x, 6.3.x before 6....
CVE-2014-8368 The web interface in Aruba Networks AirWave before 7.7.14 and 8.x before 8.0.5 allows remote authent...
CVE-2014-8369 The kvm_iommu_map_pages function in virt/kvm/iommu.c in the Linux kernel through 3.17.2 miscalculate...
E S
CVE-2014-8370 VMware Workstation 10.x before 10.0.5, VMware Player 6.x before 6.0.5, VMware Fusion 6.x before 6.0....
S
CVE-2014-8371 VMware vCenter Server Appliance (vCSA) 5.5 before Update 2, 5.1 before Update 3, and 5.0 before Upda...
CVE-2014-8372 AirWatch by VMware On-Premise 7.3.x before 7.3.3.0 (FP3) allows remote authenticated users to obtain...
CVE-2014-8373 The VMware Remote Console (VMRC) function in VMware vCloud Automation Center (vCAC) 6.0.1 through 6....
CVE-2014-8374 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2014-8375 SQL injection vulnerability in GBgallery.php in the GB Gallery Slideshow plugin 1.5 for WordPress al...
E
CVE-2014-8376 Cross-site scripting (XSS) vulnerability in the context administration sub-panel in the Site Banner ...
S
CVE-2014-8377 Cross-site scripting (XSS) vulnerability in Webasyst Shop-Script 5.2.2.30933 allows remote attackers...
E
CVE-2014-8378 Cross-site scripting (XSS) vulnerability in the TableField module 7.x-2.x before 7.x-2.3 allows remo...
S
CVE-2014-8379 Multiple cross-site scripting (XSS) vulnerabilities in the Marketo MA module before 7.x-1.5 for Drup...
S
CVE-2014-8380 Cross-site scripting (XSS) vulnerability in Splunk 6.1.1 allows remote attackers to inject arbitrary...
E
CVE-2014-8381 Multiple cross-site scripting (XSS) vulnerabilities in Megapolis.Portal Manager allow remote attacke...
E
CVE-2014-8383 The InFocus IN3128HD projector with firmware 0.26 allows remote attackers to bypass authentication v...
E
CVE-2014-8384 The InFocus IN3128HD projector with firmware 0.26 does not restrict access to cgi-bin/webctrl.cgi.el...
E
CVE-2014-8385 Buffer overflow on Advantech EKI-1200 gateways with firmware before 1.63 allows remote attackers to ...
CVE-2014-8386 Multiple stack-based buffer overflows in Advantech AdamView 4.3 and earlier allow remote attackers t...
E
CVE-2014-8387 cgi/utility.cgi in Advantech EKI-6340 2.05 Wi-Fi Mesh Access Point allows remote authenticated users...
E
CVE-2014-8388 Stack-based buffer overflow in Advantech WebAccess, formerly BroadWin WebAccess, before 8.0 allows r...
CVE-2014-8389 cgi-bin/mft/wireless_mft.cgi in AirLive BU-2015 with firmware 1.03.18 16.06.2014, AirLive BU-3026 wi...
E M
CVE-2014-8390 Multiple buffer overflows in Schneider Electric VAMPSET before 2.2.168 allow local users to gain pri...
E S
CVE-2014-8391 The Web interface in Sendio before 7.2.4 does not properly handle sessions, which allows remote auth...
E
CVE-2014-8393 DLL Hijacking vulnerability in CorelDRAW X7, Corel Photo-Paint X7, Corel PaintShop Pro X7, Corel Pai...
CVE-2014-8394 Multiple untrusted search path vulnerabilities in Corel CAD 2014 allow local users to execute arbitr...
CVE-2014-8395 Untrusted search path vulnerability in Corel Painter 2015 allows local users to execute arbitrary co...
CVE-2014-8396 Untrusted search path vulnerability in Corel PDF Fusion allows local users to execute arbitrary code...
CVE-2014-8397 Untrusted search path vulnerability in Corel VideoStudio PRO X7 or FastFlick allows local users to e...
CVE-2014-8398 Multiple untrusted search path vulnerabilities in Corel FastFlick allow local users to execute arbit...
CVE-2014-8399 The default configuration in systemd-shim 8 enables the Abandon debugging clause, which allows local...
E S
CVE-2014-8412 The (1) VoIP channel drivers, (2) DUNDi, and (3) Asterisk Manager Interface (AMI) in Asterisk Open S...
CVE-2014-8413 The res_pjsip_acl module in Asterisk Open Source 12.x before 12.7.1 and 13.x before 13.0.1 does not ...
CVE-2014-8414 ConfBridge in Asterisk 11.x before 11.14.1 and Certified Asterisk 11.6 before 11.6-cert8 does not pr...
CVE-2014-8415 Race condition in the chan_pjsip channel driver in Asterisk Open Source 12.x before 12.7.1 and 13.x ...
CVE-2014-8416 Use-after-free vulnerability in the PJSIP channel driver in Asterisk Open Source 12.x before 12.7.1 ...
CVE-2014-8417 ConfBridge in Asterisk 11.x before 11.14.1, 12.x before 12.7.1, and 13.x before 13.0.1 and Certified...
CVE-2014-8418 The DB dialplan function in Asterisk Open Source 1.8.x before 1.8.32, 11.x before 11.1.4.1, 12.x bef...
CVE-2014-8419 Wibu-Systems CodeMeter Runtime before 5.20 uses weak permissions (read and write access for all user...
CVE-2014-8420 The ViewPoint web application in Dell SonicWALL Global Management System (GMS) before 7.2 SP2, Sonic...
CVE-2014-8421 Unify (former Siemens) OpenStage SIP and OpenScape Desk Phone IP V3 devices before R3.32.0 allow rem...
M
CVE-2014-8422 The web-based management (WBM) interface in Unify (former Siemens) OpenStage SIP and OpenScape Desk ...
M
CVE-2014-8423 Unspecified vulnerability in the management portal in ARRIS VAP2500 before FW08.41 allows remote att...
CVE-2014-8424 ARRIS VAP2500 before FW08.41 does not properly validate passwords, which allows remote attackers to ...
CVE-2014-8425 The management portal in ARRIS VAP2500 before FW08.41 allows remote attackers to obtain credentials ...
CVE-2014-8426 Hard coded weak credentials in Barracuda Load Balancer 5.0.0.015....
CVE-2014-8428 Privilege escalation vulnerability in Barracuda Load Balancer 5.0.0.015 via the use of an improperly...
CVE-2014-8429 Cross-site request forgery (CSRF) vulnerability in Xavoc Technocrats xEpan CMS 1.0.4.1, 1.0.4, 1.0.1...
E
CVE-2014-8437 Adobe Flash Player before 13.0.0.252 and 14.x and 15.x before 15.0.0.223 on Windows and OS X and bef...
S
CVE-2014-8438 Use-after-free vulnerability in Adobe Flash Player before 13.0.0.252 and 14.x and 15.x before 15.0.0...
S
CVE-2014-8439 Adobe Flash Player before 13.0.0.258 and 14.x and 15.x before 15.0.0.239 on Windows and OS X and bef...
KEV
CVE-2014-8440 Adobe Flash Player before 13.0.0.252 and 14.x and 15.x before 15.0.0.223 on Windows and OS X and bef...
E S
CVE-2014-8441 Adobe Flash Player before 13.0.0.252 and 14.x and 15.x before 15.0.0.223 on Windows and OS X and bef...
S
CVE-2014-8442 Adobe Flash Player before 13.0.0.252 and 14.x and 15.x before 15.0.0.223 on Windows and OS X and bef...
S
CVE-2014-8443 Use-after-free vulnerability in Adobe Flash Player before 13.0.0.259 and 14.x through 16.x before 16...
CVE-2014-8444 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2014-8445 Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allow attac...
CVE-2014-8446 Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allow attac...
CVE-2014-8447 Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allow attac...
CVE-2014-8448 An unspecified JavaScript API in Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.1...
CVE-2014-8449 Integer overflow in Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows ...
CVE-2014-8450 Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, Acrobat and Acrobat Reader DC ...
S
CVE-2014-8451 An unspecified JavaScript API in Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.1...
CVE-2014-8452 Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allow remot...
CVE-2014-8453 Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allow remot...
CVE-2014-8454 Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10...
CVE-2014-8455 Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10...
CVE-2014-8456 Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allow attac...
CVE-2014-8457 Heap-based buffer overflow in Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 o...
CVE-2014-8458 Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allow attac...
CVE-2014-8459 Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allow attac...
CVE-2014-8460 Heap-based buffer overflow in Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 o...
CVE-2014-8461 Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allow attac...
CVE-2014-8469 Cross-site scripting (XSS) vulnerability in Guests/Boots in AdminCP in Moxi9 PHPFox before 4 Beta al...
E
CVE-2014-8471 CA Cloud Service Management (CSM) before Summer 2014 allows remote attackers to conduct replay attac...
S
CVE-2014-8472 CA Cloud Service Management (CSM) before Summer 2014 does not properly verify authentication tokens ...
S
CVE-2014-8473 Cross-site request forgery (CSRF) vulnerability in CA Cloud Service Management (CSM) before Summer 2...
E
CVE-2014-8474 CA Cloud Service Management (CSM) before Summer 2014 allows remote attackers to read arbitrary files...
S
CVE-2014-8475 FreeBSD 9.1, 9.2, and 10.0, when compiling OpenSSH with Kerberos support, uses incorrect library ord...
CVE-2014-8476 The setlogin function in FreeBSD 8.4 through 10.1-RC4 does not initialize the buffer used to store t...
CVE-2014-8478 The web server on Siemens SCALANCE X-300 switches with firmware before 4.0 and SCALANCE X 408 switch...
CVE-2014-8479 The FTP server on Siemens SCALANCE X-300 switches with firmware before 4.0 and SCALANCE X 408 switch...
CVE-2014-8480 The instruction decoder in arch/x86/kvm/emulate.c in the KVM subsystem in the Linux kernel before 3....
E
CVE-2014-8481 The instruction decoder in arch/x86/kvm/emulate.c in the KVM subsystem in the Linux kernel before 3....
E
CVE-2014-8483 The blowfishECB function in core/cipher.cpp in Quassel IRC 0.10.0 allows remote attackers to cause a...
S
CVE-2014-8484 The srec_scan function in bfd/srec.c in libdbfd in GNU binutils before 2.25 allows remote attackers ...
CVE-2014-8485 The setup_group function in bfd/elf.c in libbfd in GNU binutils 2.24 and earlier allows remote attac...
E
CVE-2014-8486 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2014-8496. Reason: This candida...
R
CVE-2014-8487 Kony Management (aka Enterprise Mobile Management or EMM) 1.2 and earlier allows remote authenticate...
E
CVE-2014-8488 Cross-site scripting (XSS) vulnerability in the administrator panel in Yourls 1.7 allows remote atta...
E
CVE-2014-8489 Open redirect vulnerability in startSSO.ping in the SP Endpoints in Ping Identity PingFederate 6.10....
CVE-2014-8490 Cross-site scripting (XSS) vulnerability in TennisConnect COMPONENTS 9.927 allows remote attackers t...
E
CVE-2014-8491 The Grand Flagallery plugin before 4.25 for WordPress allows remote attackers to obtain the installa...
E
CVE-2014-8492 Multiple cross-site scripting (XSS) vulnerabilities in assets/misc/fallback-page.php in the Profile ...
E
CVE-2014-8493 ZTE ZXHN H108L with firmware 4.0.0d_ZRQ_GR4 allows remote attackers to modify the CWMP configuration...
E
CVE-2014-8494 ESTsoft ALUpdate 8.5.1.0.0 uses weak permissions (Users: Full Control) for the (1) AlUpdate folder a...
E
CVE-2014-8495 Citrix XenMobile MDX Toolkit before 9.0.4, when used to wrap iOS 8 applications, does not properly e...
S
CVE-2014-8496 Digicom DG-5514T ADSL router with firmware 3.2 generates predictable session IDs, which allows remot...
E
CVE-2014-8498 SQL injection vulnerability in BulkEditSearchResult.cc in ManageEngine Password Manager Pro (PMP) an...
E
CVE-2014-8499 Multiple SQL injection vulnerabilities in ManageEngine Password Manager Pro (PMP) and Password Manag...
E
CVE-2014-8500 ISC BIND 9.0.x through 9.8.x, 9.9.0 through 9.9.6, and 9.10.0 through 9.10.1 does not limit delegati...
S
CVE-2014-8501 The _bfd_XXi_swap_aouthdr_in function in bfd/peXXigen.c in GNU binutils 2.24 and earlier allows remo...
E
CVE-2014-8502 Heap-based buffer overflow in the pe_print_edata function in bfd/peXXigen.c in GNU binutils 2.24 and...
E
CVE-2014-8503 Stack-based buffer overflow in the ihex_scan function in bfd/ihex.c in GNU binutils 2.24 and earlier...
E
CVE-2014-8504 Stack-based buffer overflow in the srec_scan function in bfd/srec.c in GNU binutils 2.24 and earlier...
E
CVE-2014-8505 Multiple cross-site scripting (XSS) vulnerabilities in Etiko CMS allow remote attackers to inject ar...
E
CVE-2014-8506 Multiple SQL injection vulnerabilities in Etiko CMS allow remote attackers to execute arbitrary SQL ...
E
CVE-2014-8507 Multiple SQL injection vulnerabilities in the queryLastApp method in packages/WAPPushManager/src/com...
E
CVE-2014-8508 Cross-site scripting (XSS) vulnerability in s_network.asp in the Denon AVR-3313CI audio/video receiv...
CVE-2014-8509 The lazy_bdecode function in BitTorrent bootstrap-dht (aka Bootstrap) allows remote attackers to exe...
E
CVE-2014-8510 The AdminUI in Trend Micro InterScan Web Security Virtual Appliance (IWSVA) before 6.0 HF build 1244...
CVE-2014-8511 Buffer overflow in an ActiveX control in Atx45.ocx in Schneider Electric ProClima before 6.1.7 allow...
CVE-2014-8512 Buffer overflow in an ActiveX control in Atx45.ocx in Schneider Electric ProClima before 6.1.7 allow...
S
CVE-2014-8513 Buffer overflow in an ActiveX control in MDraw30.ocx in Schneider Electric ProClima before 6.1.7 all...
S
CVE-2014-8514 Buffer overflow in an ActiveX control in MDraw30.ocx in Schneider Electric ProClima before 6.1.7 all...
S
CVE-2014-8515 The web interface in BitTorrent allows remote attackers to execute arbitrary commands by leveraging ...
CVE-2014-8516 Unrestricted file upload vulnerability in Visual Mining NetCharts Server allows remote attackers to ...
E
CVE-2014-8517 The fetch_url function in usr.bin/ftp/fetch.c in tnftp, as used in NetBSD 5.1 through 5.1.4, 5.2 thr...
E S
CVE-2014-8518 The (1) Removable Media and (2) CD and DVD encryption offsite access options (formerly Endpoint Encr...
S
CVE-2014-8519 Unspecified vulnerability in McAfee Network Data Loss Prevention (NDLP) before 9.2.2 allows local us...
CVE-2014-8520 McAfee Network Data Loss Prevention (NDLP) before 9.3 allows remote attackers to obtain sensitive in...
CVE-2014-8521 Cross-site scripting (XSS) vulnerability in McAfee Network Data Loss Prevention (NDLP) before 9.3 al...
CVE-2014-8522 The MySQL database in McAfee Network Data Loss Prevention (NDLP) before 9.3 does not require a passw...
CVE-2014-8523 Cross-site request forgery (CSRF) vulnerability in McAfee Network Data Loss Prevention (NDLP) before...
CVE-2014-8524 McAfee Network Data Loss Prevention (NDLP) before 9.3 does not disable the autocomplete setting for ...
CVE-2014-8525 McAfee Network Data Loss Prevention (NDLP) before 9.3 does not include the HTTPOnly flag in a Set-Co...
CVE-2014-8526 McAfee Network Data Loss Prevention (NDLP) before 9.3 allows local users to obtain sensitive informa...
CVE-2014-8527 McAfee Network Data Loss Prevention (NDLP) before 9.3 allows local users to obtain sensitive informa...
CVE-2014-8528 McAfee Network Data Loss Prevention (NDLP) before 9.3 logs session IDs, which allows local users to ...
CVE-2014-8529 McAfee Network Data Loss Prevention (NDLP) before 9.3 stores the SSH key in cleartext, which allows ...
CVE-2014-8530 Unspecified vulnerability in McAfee Network Data Loss Prevention (NDLP) before 9.3 allows remote att...
CVE-2014-8531 The TLS/SSL Server in McAfee Network Data Loss Prevention (NDLP) before 9.3 uses weak cipher algorit...
CVE-2014-8532 Unspecified vulnerability in McAfee Network Data Loss Prevention before (NDLP) before 9.3 allows loc...
CVE-2014-8533 McAfee Network Data Loss Prevention (NDLP) before 9.3 allows remote attackers to execute arbitrary c...
CVE-2014-8534 Unspecified vulnerability in the login form in McAfee Network Data Loss Prevention (NDLP) before 9.2...
CVE-2014-8535 McAfee Network Data Loss Prevention (NDLP) before 9.2.2 allows local users to bypass intended restri...
CVE-2014-8536 McAfee Network Data Loss Prevention (NDLP) before 9.2.2 allows local users to obtain sensitive infor...
CVE-2014-8537 McAfee Network Data Loss Prevention (NDLP) before 9.2.2 allows local users to obtain sensitive infor...
CVE-2014-8538 The Hijab Modern (aka com.Aisyaidea.HijabModern) application 1.0 for Android does not verify X.509 c...
CVE-2014-8539 Cross-site scripting (XSS) vulnerability in Simple Email Form 1.8.5 and earlier allows remote attack...
E
CVE-2014-8540 The groups API in GitLab 6.x and 7.x before 7.4.3 allows remote authenticated guest users to modify ...
S
CVE-2014-8541 libavcodec/mjpegdec.c in FFmpeg before 2.4.2 considers only dimension differences, and not bits-per-...
CVE-2014-8542 libavcodec/utils.c in FFmpeg before 2.4.2 omits a certain codec ID during enforcement of alignment, ...
CVE-2014-8543 libavcodec/mmvideo.c in FFmpeg before 2.4.2 does not consider all lines of HHV Intra blocks during v...
CVE-2014-8544 libavcodec/tiff.c in FFmpeg before 2.4.2 does not properly validate bits-per-pixel fields, which all...
CVE-2014-8545 libavcodec/pngdec.c in FFmpeg before 2.4.2 accepts the monochrome-black format without verifying tha...
CVE-2014-8546 Integer underflow in libavcodec/cinepak.c in FFmpeg before 2.4.2 allows remote attackers to cause a ...
CVE-2014-8547 libavcodec/gifdec.c in FFmpeg before 2.4.2 does not properly compute image heights, which allows rem...
CVE-2014-8548 Off-by-one error in libavcodec/smc.c in FFmpeg before 2.4.2 allows remote attackers to cause a denia...
CVE-2014-8549 libavcodec/on2avc.c in FFmpeg before 2.4.2 does not constrain the number of channels to at most 2, w...
CVE-2014-8551 The WinCC server in Siemens SIMATIC WinCC 7.0 through SP3, 7.2 before Update 9, and 7.3 before Updat...
CVE-2014-8552 The WinCC server in Siemens SIMATIC WinCC 7.0 through SP3, 7.2 before Update 9, and 7.3 before Updat...
CVE-2014-8553 The mci_account_get_array_by_id function in api/soap/mc_account_api.php in MantisBT before 1.2.18 al...
CVE-2014-8554 SQL injection vulnerability in the mc_project_get_attachments function in api/soap/mc_project_api.ph...
E
CVE-2014-8555 Directory traversal vulnerability in report/reportViewAction.jsp in Progress Software OpenEdge 11.2 ...
E
CVE-2014-8557 Multiple cross-site scripting (XSS) vulnerabilities in JExperts Channel Platform 5.0.33_CCB allow re...
E
CVE-2014-8558 JExperts Channel Platform 5.0.33_CCB allows remote authenticated users to bypass access restrictions...
E
CVE-2014-8559 The d_walk function in fs/dcache.c in the Linux kernel through 3.17.2 does not properly maintain the...
E S
CVE-2014-8561 imagemagick 6.8.9.6 has remote DOS via infinite loop...
S
CVE-2014-8562 DCM decode in ImageMagick before 6.8.9-9 allows remote attackers to cause a denial of service (out-o...
CVE-2014-8563 Synacor Zimbra Collaboration before 8.0.9 allows plaintext command injection during STARTTLS....
CVE-2014-8564 The _gnutls_ecc_ansi_x963_export function in gnutls_ecc.c in GnuTLS 3.x before 3.1.28, 3.2.x before ...
S
CVE-2014-8565 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2014-8518. Reason: This candida...
R
CVE-2014-8566 The mod_auth_mellon module before 0.8.1 allows remote attackers to obtain sensitive information or c...
S
CVE-2014-8567 The mod_auth_mellon module before 0.8.1 allows remote attackers to cause a denial of service (Apache...
CVE-2014-8570 Huawei S9300, S9303, S9306, S9312 with software V100R002; S7700, S7703, S7706, S7712 with software V...
CVE-2014-8571 Apps on Huawei Ascend P6 mobile phones with software EDGE-U00 V100R001C17B508SP01 and earlier versio...
CVE-2014-8572 Huawei AC6605 with software V200R001C00; AC6605 with software V200R002C00; ACU with software V200R00...
CVE-2014-8573 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2014-8574 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2014-8575 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2014-8576 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2014-8577 Multiple cross-site scripting (XSS) vulnerabilities in Croogo before 2.1.0 allow remote attackers to...
E S
CVE-2014-8578 Cross-site scripting (XSS) vulnerability in the Groups panel in OpenStack Dashboard (Horizon) before...
S
CVE-2014-8579 TRENDnet TEW-823DRU devices with firmware before 1.00b36 have a hardcoded password of kcodeskcodes f...
CVE-2014-8580 Citrix NetScaler Application Delivery Controller and NetScaler Gateway 10.5.50.10 before 10.5-52.11,...
S
CVE-2014-8582 FortiNet FortiADC-E with firmware 3.1.1 before 4.0.5 and Coyote Point Equalizer with firmware 10.2.0...
CVE-2014-8583 mod_wsgi before 4.2.4 for Apache, when creating a daemon process group, does not properly handle whe...
S
CVE-2014-8584 Cross-site scripting (XSS) vulnerability in the Web Dorado Spider Video Player (aka WordPress Video ...
CVE-2014-8585 Directory traversal vulnerability in the WordPress Download Manager plugin for WordPress allows remo...
E
CVE-2014-8586 SQL injection vulnerability in the CP Multi View Event Calendar plugin 1.01 for WordPress allows rem...
E
CVE-2014-8587 SAPCRYPTOLIB before 5.555.38, SAPSECULIB, and CommonCryptoLib before 8.4.30, as used in SAP NetWeave...
CVE-2014-8588 SQL injection vulnerability in metadata.xsjs in SAP HANA 1.00.60.379371 allows remote attackers to e...
CVE-2014-8589 Integer overflow in SAP Network Interface Router (SAProuter) 40.4 allows remote attackers to cause a...
CVE-2014-8590 XML external entity (XXE) vulnerability in the Web Service Navigator in SAP NetWeaver Application Se...
CVE-2014-8591 Unspecified vulnerability in SAP Internet Communication Manager (ICM), as used in SAP NetWeaver 7.02...
E
CVE-2014-8592 Unspecified vulnerability in SAP Host Agent, as used in SAP NetWeaver 7.02 and 7.3, allows remote at...
CVE-2014-8593 Multiple cross-site scripting (XSS) vulnerabilities in Allomani Weblinks 1.0 allow remote attackers ...
E
CVE-2014-8594 The do_mmu_update function in arch/x86/mm.c in Xen 4.x through 4.4.x does not properly restrict upda...
S
CVE-2014-8595 arch/x86/x86_emulate/x86_emulate.c in Xen 3.2.1 through 4.4.x does not properly check privileges, wh...
S
CVE-2014-8596 Multiple SQL injection vulnerabilities in PHP-Fusion 7.02.07 allow remote authenticated users to exe...
E
CVE-2014-8597 A reflected cross-site scripting (XSS) vulnerability in PHP-Fusion 7.02.07 allows remote attackers t...
E
CVE-2014-8598 The XML Import/Export plugin in MantisBT 1.2.x does not restrict access, which allows remote attacke...
CVE-2014-8600 Multiple cross-site scripting (XSS) vulnerabilities in KDE-Runtime 4.14.3 and earlier, kwebkitpart 1...
E S
CVE-2014-8601 PowerDNS Recursor before 3.6.2 does not limit delegation chaining, which allows remote attackers to ...
CVE-2014-8602 iterator.c in NLnet Labs Unbound before 1.5.1 does not limit delegation chaining, which allows remot...
S
CVE-2014-8603 cloner.functions.php in the XCloner plugin 3.1.1 for WordPress and 3.5.1 for Joomla! allows remote a...
E
CVE-2014-8604 The XCloner plugin 3.1.1 for WordPress and 3.5.1 for Joomla! returns the MySQL password in cleartext...
E
CVE-2014-8605 The XCloner plugin 3.1.1 for WordPress and 3.5.1 for Joomla! stores database backup files with predi...
E
CVE-2014-8606 Directory traversal vulnerability in the XCloner plugin 3.1.1 for WordPress and 3.5.1 for Joomla! al...
E
CVE-2014-8607 The XCloner plugin 3.1.1 for WordPress and 3.5.1 for Joomla! provides the MySQL username and passwor...
E
CVE-2014-8608 The K7Sentry.sys kernel mode driver (aka K7AV Sentry Device Driver) before 12.8.0.119, as used in mu...
E
CVE-2014-8609 The addAccount method in src/com/android/settings/accounts/AddAccountSettings.java in the Settings a...
E
CVE-2014-8610 AndroidManifest.xml in Android before 5.0.0 does not require the SEND_SMS permission for the SmsRece...
E
CVE-2014-8611 The __sflush function in fflush.c in stdio in libc in FreeBSD 10.1 and the kernel in Apple iOS befor...
CVE-2014-8612 Multiple array index errors in the Stream Control Transmission Protocol (SCTP) module in FreeBSD 10....
E
CVE-2014-8613 The sctp module in FreeBSD 10.1 before p5, 10.0 before p17, 9.3 before p9, and 8.4 before p23 allows...
CVE-2014-8614 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in...
R
CVE-2014-8615 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in...
R
CVE-2014-8616 Multiple cross-site scripting (XSS) vulnerabilities in Fortinet FortiOS 5.2.x before 5.2.3 allow rem...
CVE-2014-8617 Cross-site scripting (XSS) vulnerability in the Web Action Quarantine Release feature in the WebGUI ...
E
CVE-2014-8618 Cross-site scripting (XSS) vulnerability in the theme login page in Fortinet FortiADC D models befor...
CVE-2014-8619 Cross-site scripting (XSS) vulnerability in the autolearn configuration page in Fortinet FortiWeb 5....
CVE-2014-8621 SQL injection vulnerability in the Store Locator plugin 2.3 through 3.11 for WordPress allows remote...
E
CVE-2014-8622 Cross-site scripting (XSS) vulnerability in compfight-search.php in the Compfight plugin 1.4 for Wor...
E S
CVE-2014-8625 Multiple format string vulnerabilities in the parse_error_msg function in parsehelp.c in dpkg before...
E
CVE-2014-8626 Stack-based buffer overflow in the date_from_ISO8601 function in ext/xmlrpc/libxmlrpc/xmlrpc.c in PH...
E
CVE-2014-8627 PolarSSL 1.3.8 does not properly negotiate the signature algorithm to use, which allows remote attac...
CVE-2014-8628 Memory leak in PolarSSL before 1.2.12 and 1.3.x before 1.3.9 allows remote attackers to cause a deni...
CVE-2014-8629 Cross-site scripting (XSS) vulnerability in the Page visualization agents in Pandora FMS 5.1 SP1 and...
E S
CVE-2014-8630 Bugzilla before 4.0.16, 4.1.x and 4.2.x before 4.2.12, 4.3.x and 4.4.x before 4.4.7, and 5.x before ...
S
CVE-2014-8631 The Chrome Object Wrapper (COW) implementation in Mozilla Firefox before 34.0 and SeaMonkey before 2...
CVE-2014-8632 The structured-clone implementation in Mozilla Firefox before 34.0 and SeaMonkey before 2.31 does no...
CVE-2014-8634 Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 35.0, Firefox E...
CVE-2014-8635 Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 35.0 and SeaMon...
CVE-2014-8636 The XrayWrapper implementation in Mozilla Firefox before 35.0 and SeaMonkey before 2.32 does not pro...
CVE-2014-8637 Mozilla Firefox before 35.0 and SeaMonkey before 2.32 do not properly initialize memory for BMP imag...
CVE-2014-8638 The navigator.sendBeacon implementation in Mozilla Firefox before 35.0, Firefox ESR 31.x before 31.4...
CVE-2014-8639 Mozilla Firefox before 35.0, Firefox ESR 31.x before 31.4, Thunderbird before 31.4, and SeaMonkey be...
CVE-2014-8640 The mozilla::dom::AudioParamTimeline::AudioNodeInputValue function in the Web Audio API implementati...
CVE-2014-8641 Use-after-free vulnerability in the WebRTC implementation in Mozilla Firefox before 35.0, Firefox ES...
CVE-2014-8642 Mozilla Firefox before 35.0 and SeaMonkey before 2.32 do not consider the id-pkix-ocsp-nocheck exten...
CVE-2014-8643 Mozilla Firefox before 35.0 on Windows allows remote attackers to bypass the Gecko Media Plugin (GMP...
CVE-2014-8645 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2014-8646 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2014-8647 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2014-8648 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2014-8649 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2014-8650 python-requests-Kerberos through 0.5 does not handle mutual authentication...
S
CVE-2014-8651 The KDE Clock KCM policykit helper in kde-workspace before 4.11.14 and plasma-desktop before 5.1.1 a...
CVE-2014-8652 Elipse E3 3.x and earlier allows remote attackers to cause a denial of service (application crash an...
E
CVE-2014-8653 Cross-site scripting (XSS) vulnerability in Compal Broadband Networks (CBN) CH6640E and CG6640E Wire...
E
CVE-2014-8654 Multiple cross-site request forgery (CSRF) vulnerabilities in Compal Broadband Networks (CBN) CH6640...
E
CVE-2014-8655 The Compal Broadband Networks (CBN) CH6640E and CG6640E Wireless Gateway 1.0 with firmware CH6640-3....
E
CVE-2014-8656 The Compal Broadband Networks (CBN) CH6640E and CG6640E Wireless Gateway 1.0 with firmware CH6640-3....
E
CVE-2014-8657 The Compal Broadband Networks (CBN) CH6640E and CG6640E Wireless Gateway 1.0 with firmware CH6640-3....
E
CVE-2014-8658 Cross-site scripting (XSS) vulnerability in RefinedWiki Original Theme 3.x before 3.5.13 and 4.x bef...
E
CVE-2014-8659 Directory traversal vulnerability in SAP Environment, Health, and Safety allows remote attackers to ...
CVE-2014-8660 SAP Document Management Services allows local users to execute arbitrary commands via unspecified ve...
CVE-2014-8661 The SAP CRM Internet Sales module allows remote attackers to execute arbitrary commands via unspecif...
CVE-2014-8662 Unspecified vulnerability in SAP Payroll Process allows remote attackers to cause a denial of servic...
CVE-2014-8663 SQL injection vulnerability in Data Basis (BW-WHM-DBA) in SAP NetWeaver Business Warehouse allows re...
CVE-2014-8664 SQL injection vulnerability in Product Safety (EHS-SAF) component in SAP Environment, Health, and Sa...
CVE-2014-8665 The SAP Business Intelligence Development Workbench allows remote attackers to obtain sensitive info...
CVE-2014-8666 The User & Server configuration, InfoView refresh, user rights (BI-BIP-ADM) component in SAP Busines...
CVE-2014-8667 Cross-site scripting (XSS) vulnerability in SAP HANA Web-based Development Workbench allows remote a...
CVE-2014-8668 SQL injection vulnerability in SAP Contract Accounting allows remote attackers to execute arbitrary ...
CVE-2014-8669 The SAP Promotion Guidelines (CRM-MKT-MPL-TPM-PPG) module for SAP CRM allows remote attackers to exe...
CVE-2014-8670 Open redirect vulnerability in go.php in vBulletin 4.2.1 allows remote attackers to redirect users t...
E
CVE-2014-8671 Cross-site scripting (XSS) vulnerability in the GWT Mobile PhoneGap Showcase application for Android...
E
CVE-2014-8672 Cross-site scripting (XSS) vulnerability in the RewardingYourself application for Android and BlackB...
E
CVE-2014-8673 Multiple SQL vulnerabilities exist in planning.php, user_list.php, projets.php, user_groupes.php, an...
E
CVE-2014-8674 Multiple Cross-Site Scripting (XSS) vulnerabilities exist in Simple Online Planning (SOPlanning) bef...
E
CVE-2014-8675 Soplanning 1.32 and earlier generates static links for sharing ICAL calendars with embedded login in...
E
CVE-2014-8676 Directory traversal vulnerability in the file_get_contents function in SOPlanning 1.32 and earlier a...
E
CVE-2014-8677 The installation process for SOPlanning 1.32 and earlier allows remote authenticated users with a pr...
E
CVE-2014-8678 The ConfigSaveServlet servlet in ManageEngine OpUtils before build 71024 allows remote attackers to ...
CVE-2014-8680 The GeoIP functionality in ISC BIND 9.10.0 through 9.10.1 allows remote attackers to cause a denial ...
CVE-2014-8681 SQL injection vulnerability in the GetIssues function in models/issue.go in Gogs (aka Go Git Service...
E
CVE-2014-8682 Multiple SQL injection vulnerabilities in Gogs (aka Go Git Service) 0.3.1-9 through 0.5.x before 0.5...
E
CVE-2014-8683 Cross-site scripting (XSS) vulnerability in models/issue.go in Gogs (aka Go Git Service) 0.3.1-9 thr...
E
CVE-2014-8684 CodeIgniter before 3.0 and Kohana 3.2.3 and earlier and 3.3.x through 3.3.2 make it easier for remot...
CVE-2014-8686 CodeIgniter before 2.2.0 makes it easier for attackers to decode session cookies by leveraging fallb...
E
CVE-2014-8687 Seagate Business NAS devices with firmware before 2015.00322 allow remote attackers to execute arbit...
E
CVE-2014-8688 An issue was discovered in Telegram Messenger 2.6 for iOS and 1.8.2 for Android. Secret chat message...
CVE-2014-8690 Multiple cross-site scripting (XSS) vulnerabilities in Exponent CMS before 2.1.4 patch 6, 2.2.x befo...
E S
CVE-2014-8701 Wonder CMS 2014 allows remote attackers to obtain sensitive information by viewing /files/password, ...
E
CVE-2014-8702 Wonder CMS 2014 allows remote attackers to obtain sensitive information by logging into the applicat...
E
CVE-2014-8703 Cross-site scripting (XSS) vulnerability in Wonder CMS 2014 allows remote attackers to inject arbitr...
E
CVE-2014-8704 Directory traversal vulnerability in index.php in Wonder CMS 2014 allows remote attackers to include...
CVE-2014-8705 PHP remote file inclusion vulnerability in editInplace.php in Wonder CMS 2014 allows remote attacker...
S
CVE-2014-8706 Pluck CMS 4.7.2 allows remote attackers to obtain sensitive information by (1) changing "PHPSESSID" ...
E
CVE-2014-8707 Cross-site scripting (XSS) vulnerability in TinyMCE in Pluck CMS 4.7.2 allows remote authenticated u...
E
CVE-2014-8708 Pluck CMS 4.7.2 allows remote attackers to execute arbitrary code via the blog form feature....
E
CVE-2014-8709 The ieee80211_fragment function in net/mac80211/tx.c in the Linux kernel before 3.13.5 does not prop...
CVE-2014-8710 The decompress_sigcomp_message function in epan/sigcomp-udvm.c in the SigComp UDVM dissector in Wire...
CVE-2014-8711 Multiple integer overflows in epan/dissectors/packet-amqp.c in the AMQP dissector in Wireshark 1.10....
CVE-2014-8712 The build_expert_data function in epan/dissectors/packet-ncp2222.inc in the NCP dissector in Wiresha...
CVE-2014-8713 Stack-based buffer overflow in the build_expert_data function in epan/dissectors/packet-ncp2222.inc ...
CVE-2014-8714 The dissect_write_structured_field function in epan/dissectors/packet-tn5250.c in the TN5250 dissect...
CVE-2014-8716 The JPEG decoder in ImageMagick before 6.8.9-9 allows local users to cause a denial of service (out-...
CVE-2014-8722 GetSimple CMS 3.3.4 allows remote attackers to obtain sensitive information via a direct request to ...
E
CVE-2014-8723 GetSimple CMS 3.3.4 allows remote attackers to obtain sensitive information via a direct request to ...
E
CVE-2014-8724 Cross-site scripting (XSS) vulnerability in the W3 Total Cache plugin before 0.9.4.1 for WordPress, ...
E
CVE-2014-8727 Multiple directory traversal vulnerabilities in F5 BIG-IP before 10.2.2 allow local users with the "...
E
CVE-2014-8728 SQL injection vulnerability in the login page (login/login) in Subex ROC Fraud Management (aka Fraud...
E
CVE-2014-8730 The SSL profiles component in F5 BIG-IP LTM, APM, and ASM 10.0.0 through 10.2.4 and 11.0.0 through 1...
CVE-2014-8731 PHPMemcachedAdmin 1.2.2 and earlier allows remote attackers to execute arbitrary PHP code via vector...
CVE-2014-8732 Cross-site scripting (XSS) vulnerability in phpMemcachedAdmin 1.2.2 and earlier allows remote attack...
CVE-2014-8733 Cloudera Manager 5.2.0, 5.2.1, and 5.3.0 stores the LDAP bind password in plaintext in unspecified w...
CVE-2014-8734 The Organic Groups Menu (aka OG Menu) module before 7.x-2.2 for Drupal allows remote authenticated u...
S
CVE-2014-8735 The Bad Behavior module 6.x-2.x before 6.x-2.2216 and 7.x-2.x before 7.x-2.2216 for Drupal logs user...
S
CVE-2014-8736 The Open Atrium Core module for Drupal before 7.x-2.22 allows remote attackers to bypass access rest...
S
CVE-2014-8737 Multiple directory traversal vulnerabilities in GNU binutils 2.24 and earlier allow local users to d...
E
CVE-2014-8738 The _bfd_slurp_extended_name_table function in bfd/archive.c in GNU binutils 2.24 and earlier allows...
E
CVE-2014-8739 Unrestricted file upload vulnerability in server/php/UploadHandler.php in the jQuery File Upload Plu...
E
CVE-2014-8741 Directory traversal vulnerability in the GfdFileUploadServerlet servlet in Lexmark MarkVision Enterp...
CVE-2014-8742 Directory traversal vulnerability in the ReportDownloadServlet servlet in Lexmark MarkVision Enterpr...
CVE-2014-8743 Multiple cross-site scripting (XSS) vulnerabilities in the Maestro module 7.x-1.x before 7.x-1.4 for...
S
CVE-2014-8744 Cross-site scripting (XSS) vulnerability in the Nivo Slider module 7.x-2.x before 7.x-1.11 for Drupa...
S
CVE-2014-8745 Cross-site scripting (XSS) vulnerability in the Custom Search module 6.x-1.x before 6.x-1.13 and 7.x...
S
CVE-2014-8746 Cross-site scripting (XSS) vulnerability in the Skeleton theme 7.x-1.2 through 7.x-1.3 before 7.x-1....
S
CVE-2014-8747 Cross-site scripting (XSS) vulnerability in the Drupal Commons module 7.x-3.x before 7.x-3.9 for Dru...
S
CVE-2014-8748 Cross-site scripting (XSS) vulnerability in the Google Doubleclick for Publishers (DFP) module 7.x-1...
S
CVE-2014-8749 Server-side request forgery (SSRF) vulnerability in admin/htaccess/bpsunlock.php in the BulletProof ...
S
CVE-2014-8750 Race condition in the VMware driver in OpenStack Compute (Nova) before 2014.1.4 and 2014.2 before 20...
CVE-2014-8751 Multiple cross-site scripting (XSS) vulnerabilities in goYWP WebPress 13.00.06 allow remote attacker...
CVE-2014-8752 Multiple cross-site scripting (XSS) vulnerabilities in view.php in JCE-Tech PHP Video Script (aka Vi...
CVE-2014-8753 Multiple cross-site scripting (XSS) vulnerabilities in Cit-e-Net Cit-e-Access 6....
E
CVE-2014-8754 Open redirect vulnerability in track-click.php in the Ad-Manager plugin 1.1.2 for WordPress allows r...
CVE-2014-8755 Panasonic Network Camera View 3 and 4 allows remote attackers to execute arbitrary code via a crafte...
S
CVE-2014-8756 The NcrCtl4.NcrNet.1 control in Panasonic Network Camera Recorder before 4.04R03 allows remote attac...
S
CVE-2014-8757 LG On-Screen Phone (OSP) before 4.3.010 allows remote attackers to bypass authorization via a crafte...
E
CVE-2014-8758 Cross-site scripting (XSS) vulnerability in Best Gallery Albums Plugin before 3.0.70for WordPress al...
E
CVE-2014-8760 ejabberd before 2.1.13 does not enforce the starttls_required setting when compression is used, whic...
S
CVE-2014-8761 inc/template.php in DokuWiki before 2014-05-05a only checks for access to the root namespace, which ...
CVE-2014-8762 The ajax_mediadiff function in DokuWiki before 2014-05-05a allows remote attackers to access arbitra...
CVE-2014-8763 DokuWiki before 2014-05-05b, when using Active Directory for LDAP authentication, allows remote atta...
CVE-2014-8764 DokuWiki 2014-05-05a and earlier, when using Active Directory for LDAP authentication, allows remote...
CVE-2014-8765 Multiple cross-site scripting (XSS) vulnerabilities in the Project Issue File Review module (PIFR) m...
S
CVE-2014-8766 Multiple SQL injection vulnerabilities in Allomani Weblinks 1.0 allow remote attackers to execute ar...
CVE-2014-8767 Integer underflow in the olsr_print function in tcpdump 3.9.6 through 4.6.2, when in verbose mode, a...
E
CVE-2014-8768 Multiple Integer underflows in the geonet_print function in tcpdump 4.5.0 through 4.6.2, when in ver...
E
CVE-2014-8769 tcpdump 3.8 through 4.6.2 might allow remote attackers to obtain sensitive information from memory o...
E
CVE-2014-8770 Unrestricted file upload vulnerability in magmi/web/magmi.php in the MAGMI (aka Magento Mass Importe...
E
CVE-2014-8771 Multiple cross-site request forgery (CSRF) vulnerabilities in the admin area in X3 CMS 0.5.1 and 0.5...
E
CVE-2014-8772 Cross-site scripting (XSS) vulnerability in the search_controller in X3 CMS 0.5.1 and 0.5.1.1 allows...
E
CVE-2014-8773 MODX Revolution 2.x before 2.2.15 allows remote attackers to bypass the cross-site request forgery (...
E
CVE-2014-8774 Cross-site scripting (XSS) vulnerability in manager/index.php in MODX Revolution 2.x before 2.2.15 a...
E
CVE-2014-8775 MODX Revolution 2.x before 2.2.15 does not include the HTTPOnly flag in a Set-Cookie header for the ...
E
CVE-2014-8778 Checkmarx CxSAST (formerly CxSuite) before 7.1.8 allows remote authenticated users to bypass the CxQ...
E
CVE-2014-8779 Pexip Infinity before 8 uses the same SSH host keys across different customers' installations, which...
E
CVE-2014-8780 Cross-site scripting (XSS) vulnerability in Jease 2.11 allows remote authenticated users to inject a...
E
CVE-2014-8788 GleamTech FileVista before 6.1 allows remote authenticated users to obtain sensitive information via...
CVE-2014-8789 GleamTech FileVista before 6.1 allows remote authenticated users to create arbitrary files and possi...
CVE-2014-8790 XML external entity (XXE) vulnerability in admin/api.php in GetSimple CMS 3.1.1 through 3.3.x before...
E
CVE-2014-8791 project/register.php in Tuleap before 7.7, when sys_create_project_in_one_step is disabled, allows r...
E
CVE-2014-8793 Cross-site scripting (XSS) vulnerability in lib/max/Admin/UI/Field/PublisherIdField.php in Revive Ad...
E S
CVE-2014-8799 Directory traversal vulnerability in the dp_img_resize function in php/dp-functions.php in the DukaP...
E
CVE-2014-8800 Cross-site scripting (XSS) vulnerability in nextend-facebook-settings.php in the Nextend Facebook Co...
E
CVE-2014-8801 Directory traversal vulnerability in services/getfile.php in the Paid Memberships Pro plugin before ...
E
CVE-2014-8802 The Pie Register plugin before 2.0.14 for WordPress does not properly restrict access to certain fun...
E
CVE-2014-8809 Multiple cross-site scripting (XSS) vulnerabilities in the WP Symposium plugin before 14.11 for Word...
E
CVE-2014-8810 SQL injection vulnerability in ajax/mail_functions.php in the WP Symposium plugin before 14.11 for W...
E
CVE-2014-8816 CoreGraphics in Apple OS X before 10.10 allows remote attackers to execute arbitrary code or cause a...
CVE-2014-8817 coresymbolicationd in CoreSymbolication in Apple OS X before 10.10.2 does not verify that expected d...
E
CVE-2014-8818 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2014-8819 The Intel Graphics Driver in Apple OS X before 10.10.2 allows local users to gain privileges via uns...
CVE-2014-8820 The Intel Graphics Driver in Apple OS X before 10.10.2 allows local users to gain privileges via uns...
CVE-2014-8821 The Intel Graphics Driver in Apple OS X before 10.10.2 allows local users to gain privileges via uns...
CVE-2014-8822 IOHIDFamily in Apple OS X before 10.10.2 allows attackers to execute arbitrary code in a kernel cont...
CVE-2014-8823 The IOUSBControllerUserClient::ReadRegister function in the IOUSB controller in IOUSBFamily in Apple...
E
CVE-2014-8824 The kernel in Apple OS X before 10.10.2 does not properly validate IODataQueue object metadata field...
CVE-2014-8825 The kernel in Apple OS X before 10.10.2 does not properly perform identitysvc validation of certain ...
CVE-2014-8826 LaunchServices in Apple OS X before 10.10.2 does not properly handle file-type metadata, which allow...
E
CVE-2014-8827 LoginWindow in Apple OS X before 10.10.2 does not transition to the lock-screen state immediately up...
CVE-2014-8828 Sandbox in Apple OS X before 10.10 allows attackers to write to the sandbox-profile cache via a sand...
CVE-2014-8829 SceneKit in Apple OS X before 10.10.2 allows attackers to execute arbitrary code or cause a denial o...
CVE-2014-8830 Heap-based buffer overflow in SceneKit in Apple OS X before 10.10.2 allows remote attackers to execu...
CVE-2014-8831 security_taskgate in Apple OS X before 10.10.2 allows attackers to read group-ACL-restricted keychai...
CVE-2014-8832 The indexing functionality in Spotlight in Apple OS X before 10.10.2 writes memory contents to an ex...
CVE-2014-8833 SpotlightIndex in Apple OS X before 10.10.2 does not properly perform deserialization during access ...
CVE-2014-8834 UserAccountUpdater in Apple OS X 10.10 before 10.10.2 stores a PDF document's password in a printing...
CVE-2014-8835 The xpc_data_get_bytes function in libxpc in Apple OS X before 10.10.2 does not verify that a dictio...
E
CVE-2014-8836 The Bluetooth driver in Apple OS X before 10.10.2 allows attackers to execute arbitrary code in a pr...
E
CVE-2014-8837 Multiple unspecified vulnerabilities in the Bluetooth driver in Apple OS X before 10.10.2 allow atta...
CVE-2014-8838 The Security component in Apple OS X before 10.10.2 does not properly process cached information abo...
CVE-2014-8839 Spotlight in Apple OS X before 10.10.2 does not enforce the Mail "Load remote content in messages" c...
CVE-2014-8840 The iTunes Store component in Apple iOS before 8.1.3 allows remote attackers to bypass a Safari sand...
CVE-2014-8841 Rejected reason: This candidate is unused by its CNA....
R
CVE-2014-8842 Rejected reason: This candidate is unused by its CNA....
R
CVE-2014-8843 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2014-8844 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2014-8845 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2014-8846 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2014-8847 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2014-8848 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2014-8849 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2014-8850 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2014-8851 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2014-8852 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2014-8853 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2014-8854 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2014-8855 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2014-8856 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2014-8857 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2014-8858 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2014-8859 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2014-8860 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2014-8861 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2014-8862 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2014-8863 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2014-8864 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2014-8865 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2014-8866 The compatibility mode hypercall argument translation in Xen 3.3.x through 4.4.x, when running on a ...
S
CVE-2014-8867 The acceleration support for the "REP MOVS" instruction in Xen 4.4.x, 3.2.x, and earlier lacks prope...
S
CVE-2014-8868 EntryPass N5200 Active Network Control Panel does not properly restrict access, which allows remote ...
E
CVE-2014-8869 Multiple cross-site scripting (XSS) vulnerabilities in mobiquo/smartbanner/welcome.php in the Tapata...
E S
CVE-2014-8870 Open redirect vulnerability in mobiquo/smartbanner/welcome.php in the Tapatalk (com.tapatalk.wbb4) p...
E
CVE-2014-8871 Directory traversal vulnerability in hybris Commerce software suite 5.0.3.3 and earlier, 5.0.0.3 and...
E
CVE-2014-8872 Improper Verification of Cryptographic Signature in AVM FRITZ!Box 6810 LTE after firmware 5.22, FRIT...
E
CVE-2014-8873 A .desktop file in the Debian openjdk-7 package 7u79-2.5.5-1~deb8u1 includes a MIME type registratio...
CVE-2014-8874 The ke_questionnaire extension 2.5.2 and earlier for TYPO3 uses predictable names for the questionna...
E
CVE-2014-8875 The XML_RPC_cd function in lib/pear/XML/RPC.php in Revive Adserver before 3.0.6 allows remote attack...
S
CVE-2014-8877 The alterSearchQuery function in lib/controllers/CmdownloadController.php in the CreativeMinds CM Do...
E
CVE-2014-8878 KDE KMail does not encrypt attachments in emails when "automatic encryption" is enabled, which allow...
S
CVE-2014-8884 Stack-based buffer overflow in the ttusbdecfe_dvbs_diseqc_send_master_cmd function in drivers/media/...
CVE-2014-8886 AVM FRITZ!OS before 6.30 extracts the contents of firmware updates before verifying their cryptograp...
E
CVE-2014-8887 IBM Marketing Operations 7.x and 8.x before 8.5.0.7.2, 8.6.x before 8.6.0.8, 9.0.x before 9.0.0.4.1,...
CVE-2014-8888 The remote administration interface in D-Link DIR-815 devices with firmware before 2.03.B02 allows r...
CVE-2014-8889 Dropbox SDK for Android before 1.6.2 might allow remote attackers to obtain sensitive information vi...
CVE-2014-8890 IBM WebSphere Application Server Liberty Profile 8.5.x before 8.5.5.4 allows remote attackers to gai...
CVE-2014-8891 Unspecified vulnerability in the Java Virtual Machine (JVM) in IBM SDK, Java Technology Edition 5.0 ...
CVE-2014-8892 Unspecified vulnerability in the Java Virtual Machine (JVM) in IBM SDK, Java Technology Edition 5.0 ...
CVE-2014-8893 Multiple cross-site scripting (XSS) vulnerabilities in (1) mainpage.jsp and (2) GetImageServlet.img ...
S
CVE-2014-8894 Open redirect vulnerability in IBM TRIRIGA Application Platform 3.2.1.x, 3.3.2 before 3.3.2.3, and 3...
S
CVE-2014-8895 IBM TRIRIGA Application Platform 3.2.1.x, 3.3.2 before 3.3.2.3, and 3.4.1 before 3.4.1.1 allows remo...
S
CVE-2014-8896 The Collaboration Server in IBM InfoSphere Master Data Management Server for Product Information Man...
CVE-2014-8897 Cross-site scripting (XSS) vulnerability in the Collaboration Server in IBM InfoSphere Master Data M...
CVE-2014-8898 Cross-site scripting (XSS) vulnerability in the Collaboration Server in IBM InfoSphere Master Data M...
CVE-2014-8899 Cross-site scripting (XSS) vulnerability in the Collaboration Server in IBM InfoSphere Master Data M...
CVE-2014-8900 Cross-site request forgery (CSRF) vulnerability in IBM UrbanCode Release 6.0.1.6 and earlier, 6.1.0....
CVE-2014-8901 IBM DB2 9.5 through FP10, 9.7 through FP10, 9.8 through FP5, 10.1 through FP4, and 10.5 before FP5 a...
CVE-2014-8902 Cross-site scripting (XSS) vulnerability in the Blog Portlet in IBM WebSphere Portal 6.1.0 through 6...
S
CVE-2014-8903 IBM Curam Social Program Management 6.0 SP2 before EP26, 6.0.4 before 6.0.4.5iFix10 and 6.0.5 before...
CVE-2014-8904 lquerylv in cmdlvm in IBM AIX 5.3, 6.1, and 7.1 and VIOS 2.2.x allows local users to gain privileges...
E
CVE-2014-8909 Cross-site scripting (XSS) vulnerability in IBM WebSphere Portal 6.1.0.x through 6.1.0.6 CF27, 6.1.5...
S
CVE-2014-8910 IBM DB2 9.7 through FP10, 9.8 through FP5, 10.1 before FP5, and 10.5 through FP5 on Linux, UNIX, and...
S
CVE-2014-8911 Cross-site scripting (XSS) vulnerability in IBM Content Navigator 2.0.0 and 2.0.1 before 2.0.1.2 FP0...
CVE-2014-8912 IBM WebSphere Portal 6.1.0 through 6.1.0.6 CF27, 6.1.5 through 6.1.5.3 CF27, 7.0.0 through 7.0.0.2 C...
S
CVE-2014-8913 Cross-site scripting (XSS) vulnerability in the Process Portal in IBM Business Process Manager 8.0 t...
S
CVE-2014-8914 Cross-site scripting (XSS) vulnerability in the Process Portal in IBM Business Process Manager 8.0 t...
S
CVE-2014-8916 Cross-site scripting (XSS) vulnerability in IBM OpenPages GRC Platform 6.2 before IF7, 6.2.1 before ...
S
CVE-2014-8917 Multiple cross-site scripting (XSS) vulnerabilities in (1) dojox/form/resources/uploader.swf (aka up...
S
CVE-2014-8918 IBM Security AppScan Standard 8.x and 9.x before 9.0.1.1 FP1 does not properly verify X.509 certific...
CVE-2014-8920 Buffer overflow in the Data Transfer Program in IBM i Access 5770-XE1 5R4, 6.1, and 7.1 on Windows a...
S
CVE-2014-8921 The IBM Notes Traveler Companion application 1.0 and 1.1 before 201411010515 for Window Phone, as di...
CVE-2014-8923 The (1) IBM Tivoli Identity Manager Active Directory adapter before 5.1.24 and (2) IBM Security Iden...
S
CVE-2014-8924 The server in IBM License Metric Tool 7.2.2 before IF15 and 7.5 before IF24 and Tivoli Asset Discove...
S
CVE-2014-8925 Cross-site request forgery (CSRF) vulnerability in ClearQuest Web in IBM Rational ClearQuest 7.1.x b...
S
CVE-2014-8926 Common Inventory Technology (CIT) before 2.7.0.2050 in IBM License Metric Tool 7.2.2, 7.5, and 9; En...
S
CVE-2014-8927 Common Inventory Technology (CIT) before 2.7.0.2050 in IBM License Metric Tool 7.2.2, 7.5, and 9; En...
S
CVE-2014-8928 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2014-8929 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2014-8931 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2014-8932 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2014-8933 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2014-8934 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2014-8935 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2014-8936 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2014-8937 Lexiglot through 2014-11-20 allows denial of service because api/update.php launches svn update oper...
E
CVE-2014-8938 Lexiglot through 2014-11-20 allows local users to obtain sensitive information by listing a process ...
E
CVE-2014-8939 Lexiglot through 2014-11-20 allows remote attackers to obtain sensitive information (full path) via ...
E
CVE-2014-8940 Lexiglot through 2014-11-20 allows remote attackers to obtain sensitive information (names and detai...
E
CVE-2014-8941 Lexiglot through 2014-11-20 allows SQL injection via an admin.php?page=users&from_id= or admin.php?p...
E
CVE-2014-8942 Lexiglot through 2014-11-20 allows CSRF....
E
CVE-2014-8943 Lexiglot through 2014-11-20 allows SSRF via the admin.php?page=projects svn_url parameter....
E
CVE-2014-8944 Lexiglot through 2014-11-20 allows XSS (Reflected) via the username, or XSS (Stored) via the admin.p...
E
CVE-2014-8945 admin.php?page=projects in Lexiglot through 2014-11-20 allows command injection via username and pas...
E
CVE-2014-8948 Cross-site request forgery (CSRF) vulnerability in the iMember360 plugin 3.8.012 through 3.9.001 for...
E
CVE-2014-8949 The iMember360 plugin 3.8.012 through 3.9.001 for WordPress allows remote authenticated administrato...
E
CVE-2014-8950 Unspecified vulnerability in Check Point Security Gateway R77 and R77.10, when the (1) URL Filtering...
CVE-2014-8951 Unspecified vulnerability in Check Point Security Gateway R75, R76, R77, and R77.10, when UserCheck ...
CVE-2014-8952 Multiple unspecified vulnerabilities in Check Point Security Gateway R75.40VS, R75.45, R75.46, R75.4...
CVE-2014-8953 Multiple cross-site request forgery (CSRF) vulnerabilities in Php Scriptlerim Who's Who script allow...
E
CVE-2014-8954 Multiple cross-site scripting (XSS) vulnerabilities in phpSound 1.0.5 allow remote attackers to inje...
E
CVE-2014-8955 Cross-site scripting (XSS) vulnerability in the Contact Form Clean and Simple (clean-and-simple-cont...
E
CVE-2014-8956 Stack-based buffer overflow in the K7Sentry.sys kernel mode driver (aka K7AV Sentry Device Driver) b...
E
CVE-2014-8957 Cross-site scripting (XSS) vulnerability in OpenKM before 6.4.19 allows remote authenticated users t...
E
CVE-2014-8958 Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 4.0.x before 4.0.10.6, 4.1.x befor...
S
CVE-2014-8959 Directory traversal vulnerability in libraries/gis/GIS_Factory.class.php in the GIS editor in phpMyA...
E
CVE-2014-8960 Cross-site scripting (XSS) vulnerability in libraries/error_report.lib.php in the error-reporting fe...
E
CVE-2014-8961 Directory traversal vulnerability in libraries/error_report.lib.php in the error-reporting feature i...
S
CVE-2014-8962 Stack-based buffer overflow in stream_decoder.c in libFLAC before 1.3.1 allows remote attackers to e...
CVE-2014-8964 Heap-based buffer overflow in PCRE 8.36 and earlier allows remote attackers to cause a denial of ser...
CVE-2014-8966 Microsoft Internet Explorer 6 through 8 allows remote attackers to execute arbitrary code or cause a...
CVE-2014-8967 Use-after-free vulnerability in Microsoft Internet Explorer allows remote attackers to execute arbit...
CVE-2014-8968 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2014-8969 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2014-8970 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2014-8971 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2014-8972 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2014-8973 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2014-8974 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2014-8975 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2014-8976 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2014-8977 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2014-8978 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2014-8979 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2014-8980 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2014-8981 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2014-8982 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2014-8983 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2014-8984 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2014-8985 Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial o...
S
CVE-2014-8986 Cross-site scripting (XSS) vulnerability in the selection list in the filters in the Configuration R...
CVE-2014-8987 Cross-site scripting (XSS) vulnerability in the "set configuration" box in the Configuration Report ...
CVE-2014-8988 MantisBT before 1.2.18 allows remote authenticated users to bypass the $g_download_attachments_thres...
CVE-2014-8989 The Linux kernel through 3.17.4 does not properly restrict dropping of supplemental group membership...
E
CVE-2014-8990 default-rsyncssh.lua in Lsyncd 2.1.5 and earlier allows remote attackers to execute arbitrary comman...
E S
CVE-2014-8991 pip 1.3 through 1.5.6 allows local users to cause a denial of service (prevention of package install...
S
CVE-2014-8992 Cross-site scripting (XSS) vulnerability in manager/assets/fileapi/FileAPI.flash.image.swf in MODX R...
E
CVE-2014-8993 Cross-site scripting (XSS) vulnerability in the backend in Open-Xchange (OX) AppSuite before 7.4.2-r...
CVE-2014-8994 The check_diskio plugin 3.2.6 and earlier for Nagios and Icinga allows local users to write to arbit...
CVE-2014-8995 SQL injection vulnerability in Maarch LetterBox 2.8 allows remote attackers to execute arbitrary SQL...
E
CVE-2014-8996 Multiple cross-site scripting (XSS) vulnerabilities in Nibbleblog before 4.0.2 allow remote attacker...
E
CVE-2014-8997 Unrestricted file upload vulnerability in the Photo functionality in DigitalVidhya Digi Online Exami...
E
CVE-2014-8998 lib/message.php in X7 Chat 2.0.0 through 2.0.5.1 allows remote authenticated users to execute arbitr...
E
CVE-2014-8999 SQL injection vulnerability in htdocs/modules/system/admin.php in XOOPS before 2.5.7 Final allows re...
E
This platform uses data from the NIST NVD, MITRE CVE, MITRE CWE, First.org and CISA KEV but is not endorsed or certified by these entities. CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site.
© 2025 Under My Watch. All Rights Reserved.