Export limit exceeded: 364816 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (364816 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2014-8504 4 Canonical, Fedoraproject, Gnu and 1 more 4 Ubuntu Linux, Fedora, Binutils and 1 more 2025-04-12 N/A
Stack-based buffer overflow in the srec_scan function in bfd/srec.c in GNU binutils 2.24 and earlier allows remote attackers to cause a denial of service (crash) and possibly have other unspecified impact via a crafted file.
CVE-2014-8505 1 Etiko 1 Etiko Cms 2025-04-12 N/A
Multiple cross-site scripting (XSS) vulnerabilities in Etiko CMS allow remote attackers to inject arbitrary web script or HTML via the (1) page_id parameter to loja/index.php or (2) article_id parameter to index.php.
CVE-2014-8506 1 Etiko 1 Etiko Cms 2025-04-12 N/A
Multiple SQL injection vulnerabilities in Etiko CMS allow remote attackers to execute arbitrary SQL commands via the (1) page_id parameter to loja/index.php or (2) article_id parameter to index.php.
CVE-2014-8507 1 Google 1 Android 2025-04-12 N/A
Multiple SQL injection vulnerabilities in the queryLastApp method in packages/WAPPushManager/src/com/android/smspush/WapPushManager.java in the WAPPushManager module in Android before 5.0.0 allow remote attackers to execute arbitrary SQL commands, and consequently launch an activity or service, via the (1) wapAppId or (2) contentType field of a PDU for a malformed WAPPush message, aka Bug 17969135.
CVE-2014-8508 1 Denon 1 Avr-3313ci 2025-04-12 N/A
Cross-site scripting (XSS) vulnerability in s_network.asp in the Denon AVR-3313CI audio/video receiver allows remote attackers to inject arbitrary web script or HTML via unspecified parameters, related to Friendlyname.
CVE-2014-8509 1 Bittorrent 1 Bootstrap-dht 2025-04-12 N/A
The lazy_bdecode function in BitTorrent bootstrap-dht (aka Bootstrap) allows remote attackers to execute arbitrary code via a crafted packet, which triggers an out-of-bounds read, related to "Improper Indexing."
CVE-2014-8510 1 Trendmicro 1 Interscan Web Security Virtual Appliance 2025-04-12 N/A
The AdminUI in Trend Micro InterScan Web Security Virtual Appliance (IWSVA) before 6.0 HF build 1244 allows remote authenticated users to read arbitrary files via vectors related to configuration input when saving filters.
CVE-2014-8511 1 Schneider-electric 1 Proclima 2025-04-12 N/A
Buffer overflow in an ActiveX control in Atx45.ocx in Schneider Electric ProClima before 6.1.7 allows remote attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2014-8512. NOTE: this may be clarified later based on details provided by researchers.
CVE-2014-8512 1 Schneider Electric 1 Proclima 2025-04-12 N/A
Buffer overflow in an ActiveX control in Atx45.ocx in Schneider Electric ProClima before 6.1.7 allows remote attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2014-8511. NOTE: this may be clarified later based on details provided by researchers.
CVE-2014-8513 1 Schneider Electric 1 Proclima 2025-04-12 N/A
Buffer overflow in an ActiveX control in MDraw30.ocx in Schneider Electric ProClima before 6.1.7 allows remote attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2014-8514 and CVE-2014-9188. NOTE: this may be clarified later based on details provided by researchers.
CVE-2014-8514 1 Schneider Electric 1 Proclima 2025-04-12 N/A
Buffer overflow in an ActiveX control in MDraw30.ocx in Schneider Electric ProClima before 6.1.7 allows remote attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2014-8513 and CVE-2014-9188. NOTE: this may be clarified later based on details provided by researchers.
CVE-2014-8517 2 Apple, Netbsd 2 Mac Os X, Netbsd 2025-04-12 N/A
The fetch_url function in usr.bin/ftp/fetch.c in tnftp, as used in NetBSD 5.1 through 5.1.4, 5.2 through 5.2.2, 6.0 through 6.0.6, and 6.1 through 6.1.5 allows remote attackers to execute arbitrary commands via a | (pipe) character at the end of an HTTP redirect.
CVE-2014-8518 1 Mcafee 2 Endpoint Encryption For Files And Folders, File And Removable Media Protection 2025-04-12 N/A
The (1) Removable Media and (2) CD and DVD encryption offsite access options (formerly Endpoint Encryption for Removable Media or EERM) in McAfee File and Removable Media Protection (FRP) 4.3.0.x, and Endpoint Encryption for Files and Folders (EEFF) 3.2.x through 4.2.x, uses a hard-coded salt, which makes it easier for local users to obtain passwords via a brute force attack.
CVE-2014-8519 1 Mcafee 1 Network Data Loss Prevention 2025-04-12 N/A
Unspecified vulnerability in McAfee Network Data Loss Prevention (NDLP) before 9.2.2 allows local users to read arbitrary files via unknown vectors.
CVE-2014-8520 1 Mcafee 1 Network Data Loss Prevention 2025-04-12 N/A
McAfee Network Data Loss Prevention (NDLP) before 9.3 allows remote attackers to obtain sensitive information via vectors related to open network ports.
CVE-2014-8521 1 Mcafee 1 Network Data Loss Prevention 2025-04-12 N/A
Cross-site scripting (XSS) vulnerability in McAfee Network Data Loss Prevention (NDLP) before 9.3 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
CVE-2014-8522 1 Mcafee 1 Network Data Loss Prevention 2025-04-12 N/A
The MySQL database in McAfee Network Data Loss Prevention (NDLP) before 9.3 does not require a password, which makes it easier for remote attackers to obtain access.
CVE-2014-8523 1 Mcafee 1 Network Data Loss Prevention 2025-04-12 N/A
Cross-site request forgery (CSRF) vulnerability in McAfee Network Data Loss Prevention (NDLP) before 9.3 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.
CVE-2014-8524 1 Mcafee 1 Network Data Loss Prevention 2025-04-12 N/A
McAfee Network Data Loss Prevention (NDLP) before 9.3 does not disable the autocomplete setting for the password and other fields, which allows remote attackers to obtain sensitive information via unspecified vectors.
CVE-2014-8525 1 Mcafee 1 Network Data Loss Prevention 2025-04-12 N/A
McAfee Network Data Loss Prevention (NDLP) before 9.3 does not include the HTTPOnly flag in a Set-Cookie header for the session cookie, which makes it easier for remote attackers to obtain potentially sensitive information via script access to this cookie.