Search Results (26483 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2014-2106 1 Cisco 2 Ios, Ios Xe 2025-04-12 N/A
Cisco IOS 15.3M before 15.3(3)M2 and IOS XE 3.10.xS before 3.10.2S allow remote attackers to cause a denial of service (device reload) via crafted SIP messages, aka Bug ID CSCug45898.
CVE-2014-2121 1 Cisco 1 Hosted Collaboration Solution 2025-04-12 N/A
The Java-based software in Cisco Hosted Collaboration Solution (HCS) allows remote attackers to cause a denial of service (closing of TCP ports) via unspecified vectors, aka Bug IDs CSCug77633, CSCug77667, CSCug78266, CSCug82795, and CSCuh58643.
CVE-2014-2278 1 Seeddms 1 Seeddms 2025-04-12 N/A
Unrestricted file upload vulnerability in op/op.AddFile2.php in SeedDMS (formerly LetoDMS and MyDMS) before 4.3.4 allows remote attackers to execute arbitrary code by uploading a file with an executable extension specified by the partitionIndex parameter and leveraging CVE-2014-2279.2 to access it via the directory specified by the fileId parameter.
CVE-2015-0628 1 Cisco 1 Web Security Appliance 2025-04-12 N/A
The proxy engine on Cisco Web Security Appliance (WSA) devices allows remote attackers to bypass intended proxying restrictions via a malformed HTTP method, aka Bug ID CSCus79174.
CVE-2014-2310 1 Net-snmp 1 Net-snmp 2025-04-12 N/A
The AgentX subagent in Net-SNMP before 5.4.4 allows remote attackers to cause a denial of service (hang) by sending a multi-object request with an Object ID (OID) containing more subids than previous requests, a different vulnerability than CVE-2012-6151.
CVE-2015-0061 1 Microsoft 9 Windows 7, Windows 8, Windows 8.1 and 6 more 2025-04-12 N/A
Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 do not properly initialize memory for TIFF images, which allows remote attackers to obtain sensitive information from process memory via a crafted image file, aka "TIFF Processing Information Disclosure Vulnerability."
CVE-2014-2332 1 Check Mk Project 1 Check Mk 2025-04-12 N/A
Check_MK before 1.2.2p3 and 1.2.3x before 1.2.3i5 allows remote authenticated users to delete arbitrary files via a request to an unspecified link, related to "Insecure Direct Object References." NOTE: this can be exploited by remote attackers by leveraging CVE-2014-2330.
CVE-2014-2585 1 Owncloud 1 Owncloud Server 2025-04-12 N/A
ownCloud before 5.0.15 and 6.x before 6.0.2, when the file_external app is enabled, allows remote authenticated users to mount the local filesystem in the user's ownCloud via the mount configuration.
CVE-2012-6656 3 Canonical, Debian, Gnu 3 Ubuntu Linux, Debian Linux, Glibc 2025-04-12 N/A
iconvdata/ibm930.c in GNU C Library (aka glibc) before 2.16 allows context-dependent attackers to cause a denial of service (out-of-bounds read) via a multibyte character value of "0xffff" to the iconv function when converting IBM930 encoded data to UTF-8.
CVE-2014-2744 2 Lightwitch, Prosody 2 Metronome, Prosody 2025-04-12 N/A
plugins/mod_compression.lua in (1) Prosody before 0.9.4 and (2) Lightwitch Metronome through 3.4 negotiates stream compression while a session is unauthenticated, which allows remote attackers to cause a denial of service (resource consumption) via compressed XML elements in an XMPP stream, aka an "xmppbomb" attack.
CVE-2014-2779 1 Microsoft 1 Malware Protection Engine 2025-04-12 N/A
mpengine.dll in Microsoft Malware Protection Engine before 1.1.10701.0 allows remote attackers to cause a denial of service (system hang) via a crafted file.
CVE-2014-3045 1 Ibm 1 Scale Out Network Attached Storage 2025-04-12 N/A
IBM Scale Out Network Attached Storage (SONAS) 1.3.x and 1.4.x before 1.4.3.3 places an administrative password in the shell history upon use of the -p option to chuser, which allows local users to obtain sensitive information by leveraging root access.
CVE-2014-3064 1 Ibm 2 Infosphere Master Data Management Collaboration Server, Infosphere Master Data Management Server For Product Information Management 2025-04-12 N/A
The GDS component in IBM InfoSphere Master Data Management - Collaborative Edition 10.x and 11.x before 11.0 FP4 and InfoSphere Master Data Management Server for Product Information Management 9.0 and 9.1 allows remote authenticated users to read arbitrary files via a crafted UNIX file parameter.
CVE-2014-3077 1 Ibm 2 Storwize Unified V7000, Storwize V7000 Unified Software 2025-04-12 N/A
IBM SONAS and System Storage Storwize V7000 Unified (aka V7000U) 1.3.x and 1.4.x before 1.4.3.4 store the chkauth password in the audit log, which allows local users to obtain sensitive information by reading this log file.
CVE-2014-3092 1 Ibm 7 Rational Doors Next Generation, Rational Engineering Lifecycle Manager, Rational Quality Manager and 4 more 2025-04-12 N/A
IBM Jazz Team Server, as used in Rational Collaborative Lifecycle Management; Rational Quality Manager 3.x before 3.0.1.6 iFix 3, 4.x before 4.0.7, and 5.x before 5.0.1; and other Rational products, does not set the secure flag for the session cookie in an https session, which makes it easier for remote attackers to capture this cookie by intercepting its transmission within an http session.
CVE-2014-3095 3 Ibm, Linux, Microsoft 3 Db2, Linux Kernel, Windows 2025-04-12 N/A
The SQL engine in IBM DB2 9.5 through FP10, 9.7 through FP9a, 9.8 through FP5, 10.1 through FP4, and 10.5 before FP4 on Linux, UNIX, and Windows allows remote authenticated users to cause a denial of service (daemon crash) via a crafted UNION clause in a subquery of a SELECT statement.
CVE-2014-3216 1 Gomlab 1 Gom Media Player 2025-04-12 N/A
GOM Media Player 2.2.57.5189 and earlier allows remote attackers to cause a denial of service (crash) via a crafted .ogg file.
CVE-2014-3263 1 Cisco 1 Ios 2025-04-12 N/A
The ScanSafe module in Cisco IOS 15.3(3)M allows remote attackers to cause a denial of service (device reload) via HTTPS packets that require tower processing, aka Bug ID CSCum97038.
CVE-2014-3269 1 Cisco 1 Ios Xe 2025-04-12 N/A
The SNMP module in Cisco IOS XE 3.5E allows remote authenticated users to cause a denial of service (device reload) by polling frequently, aka Bug ID CSCug65204.
CVE-2014-3270 1 Cisco 1 Ios Xr 2025-04-12 N/A
The DHCPv6 implementation in Cisco IOS XR allows remote attackers to cause a denial of service (process hang) via a malformed packet, aka Bug ID CSCul80924.