Search

Search Results (364697 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2014-8001 1 Cisco 1 Openh264 2025-04-12 N/A
Buffer overflow in decode.cpp in Cisco OpenH264 1.2.0 and earlier allows remote attackers to execute arbitrary code via an encoded media file.
CVE-2014-8002 1 Cisco 1 Openh264 2025-04-12 N/A
Use-after-free vulnerability in decode_slice.cpp in Cisco OpenH264 1.2.0 and earlier allows remote attackers to execute arbitrary code via an encoded media file.
CVE-2014-8003 1 Cisco 1 Unified Computing System 2025-04-12 N/A
Cisco Integrated Management Controller in Cisco Unified Computing System 2.2(2c)A and earlier allows local users to obtain shell access via a crafted map-nfs command, aka Bug ID CSCup05998.
CVE-2014-8005 1 Cisco 1 Ios Xr 2025-04-12 N/A
Race condition in the lighttpd module in Cisco IOS XR 5.1 and earlier on Network Convergence System 6000 devices allows remote attackers to cause a denial of service (process reload) by establishing many TCP sessions, aka Bug ID CSCuq45239.
CVE-2014-8006 1 Cisco 1 Isb8320-e High-definition Ip-only Dvr 2025-04-12 N/A
The Disaster Recovery (DRA) feature on the Cisco ISB8320-E High-Definition IP-Only DVR allows remote attackers to bypass authentication by establishing a TELNET session during a recovery boot, aka Bug ID CSCup85422.
CVE-2014-8007 1 Cisco 1 Prime Infrastructure 2025-04-12 N/A
Cisco Prime Infrastructure allows remote authenticated users to read device-discovery passwords by examining the HTML source code of the Quick Discovery options page, aka Bug ID CSCum00019.
CVE-2014-8008 1 Cisco 1 Unified Communications Manager 2025-04-12 N/A
Absolute path traversal vulnerability in the Real-Time Monitoring Tool (RTMT) API in Cisco Unified Communications Manager (CUCM) allows remote authenticated users to read arbitrary files via a full pathname in an API command, aka Bug ID CSCur49414.
CVE-2014-8009 1 Cisco 1 Unified Computing System 2025-04-12 N/A
The Management subsystem in Cisco Unified Computing System 2.1(3f) and earlier allows remote attackers to obtain sensitive information by reading log files, aka Bug ID CSCur99239.
CVE-2014-8010 1 Cisco 1 Unified Communications Domain Manager 2025-04-12 N/A
The web framework in Cisco Unified Communications Domain Manager 8 allows remote authenticated administrators to execute arbitrary OS commands via crafted values, aka Bug ID CSCuq50205.
CVE-2014-8012 1 Cisco 1 Adaptive Security Appliance Software 2025-04-12 N/A
Cross-site scripting (XSS) vulnerability in the WebVPN Portal Login page in Cisco Adaptive Security Appliance (ASA) Software allows remote attackers to inject arbitrary web script or HTML via crafted attributes in a cookie, aka Bug ID CSCuh24695.
CVE-2014-8013 1 Cisco 1 Nx-os 2025-04-12 N/A
The TACACS+ command-authorization implementation in Cisco NX-OS allows local users to cause a denial of service (device reload) via a long CLI command, aka Bug ID CSCur54182.
CVE-2014-8014 1 Cisco 1 Ios Xr 2025-04-12 N/A
Cisco IOS XR allows remote attackers to cause a denial of service (RSVP process reload) via a malformed RSVP packet, aka Bug ID CSCub63710.
CVE-2014-8015 1 Cisco 1 Identity Services Engine Software 2025-04-12 N/A
The Sponsor Portal in Cisco Identity Services Engine (ISE) allows remote authenticated users to obtain access to an arbitrary sponsor's guest account via a modified HTTP request, aka Bug ID CSCur64400.
CVE-2014-8016 1 Cisco 1 Ironport Email Security Appliances 2025-04-12 N/A
The Cisco IronPort Email Security Appliance (ESA) allows remote attackers to cause a denial of service (CPU consumption) via long Subject headers in e-mail messages, aka Bug ID CSCzv93864.
CVE-2014-8017 1 Cisco 1 Identity Services Engine Software 2025-04-12 N/A
The periodic-backup feature in Cisco Identity Services Engine (ISE) allows remote attackers to discover backup-encryption passwords via a crafted request that triggers inclusion of a password in a reply, aka Bug ID CSCur41673.
CVE-2014-8018 1 Cisco 1 Unified Communications Domain Manager 2025-04-12 N/A
Multiple cross-site scripting (XSS) vulnerabilities in Business Voice Services Manager (BVSM) pages in the Application Software in Cisco Unified Communications Domain Manager 8 allow remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug IDs CSCur19651, CSCur18555, CSCur19630, and CSCur19661.
CVE-2014-8019 1 Cisco 1 Enterprise Content Delivery System 2025-04-12 N/A
Directory traversal vulnerability in Cisco Enterprise Content Delivery System (ECDS) allows remote attackers to read arbitrary files via a crafted URL, aka Bug ID CSCuo90148.
CVE-2014-8020 1 Cisco 1 Unified Communications Domain Manager 2025-04-12 N/A
Cisco Unified Communication Domain Manager Platform Software allows remote attackers to cause a denial of service (CPU consumption, and performance degradation or service outage) via a flood of malformed TCP packets and UDP packets, aka Bug ID CSCup25276.
CVE-2014-8021 1 Cisco 2 Anyconnect Secure Mobility Client, Hostscan Engine 2025-04-12 N/A
Cross-site scripting (XSS) vulnerability in Cisco AnyConnect Secure Mobility Client 3.1(.02043) and earlier and Cisco HostScan Engine 3.1(.05183) and earlier allows remote attackers to inject arbitrary web script or HTML via vectors involving an applet-path URL, aka Bug IDs CSCup82990 and CSCuq80149.
CVE-2014-8022 1 Cisco 1 Identity Services Engine Software 2025-04-12 N/A
Multiple cross-site scripting (XSS) vulnerabilities in Cisco Identity Services Engine allow remote attackers to inject arbitrary web script or HTML via input to unspecified web pages, aka Bug IDs CSCur69835 and CSCur69776.