Export limit exceeded: 364840 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Export limit exceeded: 364840 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (364840 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2014-8580 1 Citrix 2 Netscaler Application Delivery Controller Firmware, Netscaler Gateway Firmware 2025-04-12 N/A
Citrix NetScaler Application Delivery Controller and NetScaler Gateway 10.5.50.10 before 10.5-52.11, 10.1.122.17 before 10.1-129.11, and 10.1-120.1316.e before 10.1-129.1105.e, when using unspecified configurations, allows remote authenticated users to access "network resources" of other users via unknown vectors.
CVE-2014-8582 1 Fortinet 7 Coyote Point Equalizer, Coyote Point Equalizer Firmware, Fortiadc-1000e and 4 more 2025-04-12 N/A
FortiNet FortiADC-E with firmware 3.1.1 before 4.0.5 and Coyote Point Equalizer with firmware 10.2.0a allows remote attackers to obtain access to arbitrary subnets via unspecified vectors.
CVE-2014-8583 1 Modwsgi 1 Mod Wsgi 2025-04-12 N/A
mod_wsgi before 4.2.4 for Apache, when creating a daemon process group, does not properly handle when group privileges cannot be dropped, which might allow attackers to gain privileges via unspecified vectors.
CVE-2014-8584 1 Web-dorado 1 Web-dorado Spider Video Player 2025-04-12 N/A
Cross-site scripting (XSS) vulnerability in the Web Dorado Spider Video Player (aka WordPress Video Player) plugin before 1.5.2 for WordPress allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2014-8762 1 Dokuwiki 1 Dokuwiki 2025-04-12 N/A
The ajax_mediadiff function in DokuWiki before 2014-05-05a allows remote attackers to access arbitrary images via a crafted namespace in the ns parameter.
CVE-2014-8585 1 W3eden 1 Download Manager 2025-04-12 N/A
Directory traversal vulnerability in the WordPress Download Manager plugin for WordPress allows remote attackers to read arbitrary files via a .. (dot dot) in the fname parameter to (1) views/file_download.php or (2) file_download.php.
CVE-2014-8586 1 Cp Multi View Event Calendar Project 1 Cp Multi View Event Calendar 2025-04-12 N/A
SQL injection vulnerability in the CP Multi View Event Calendar plugin 1.01 for WordPress allows remote attackers to execute arbitrary SQL commands via the calid parameter.
CVE-2014-8587 1 Sap 5 Commoncryptolib, Hana, Netweaver and 2 more 2025-04-12 N/A
SAPCRYPTOLIB before 5.555.38, SAPSECULIB, and CommonCryptoLib before 8.4.30, as used in SAP NetWeaver AS for ABAP and SAP HANA, allows remote attackers to spoof Digital Signature Algorithm (DSA) signatures via unspecified vectors.
CVE-2014-8588 1 Sap 1 Hana 2025-04-12 N/A
SQL injection vulnerability in metadata.xsjs in SAP HANA 1.00.60.379371 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2014-8589 1 Sap 1 Network Interface Router 2025-04-12 N/A
Integer overflow in SAP Network Interface Router (SAProuter) 40.4 allows remote attackers to cause a denial of service (resource consumption) via crafted requests.
CVE-2014-8590 1 Sap 1 Netweaver Java Application Server 2025-04-12 N/A
XML external entity (XXE) vulnerability in the Web Service Navigator in SAP NetWeaver Application Server (AS) Java allows remote attackers to access arbitrary files via a crafted request.
CVE-2014-8591 1 Sap 1 Netweaver 2025-04-12 N/A
Unspecified vulnerability in SAP Internet Communication Manager (ICM), as used in SAP NetWeaver 7.02 and 7.3, allows remote attackers to cause a denial of service (process termination) via unknown vectors.
CVE-2014-8592 1 Sap 1 Netweaver 2025-04-12 N/A
Unspecified vulnerability in SAP Host Agent, as used in SAP NetWeaver 7.02 and 7.3, allows remote attackers to cause a denial of service (process termination) via a crafted request.
CVE-2014-8593 1 Allomani 1 Allomani Weblinks 2025-04-12 N/A
Multiple cross-site scripting (XSS) vulnerabilities in Allomani Weblinks 1.0 allow remote attackers to inject arbitrary web script or HTML via the (1) default URI to admin.php or the (2) id parameter to admin.php or (3) go.php.
CVE-2014-8594 3 Debian, Opensuse, Xen 3 Debian Linux, Opensuse, Xen 2025-04-12 N/A
The do_mmu_update function in arch/x86/mm.c in Xen 4.x through 4.4.x does not properly restrict updates to only PV page tables, which allows remote PV guests to cause a denial of service (NULL pointer dereference) by leveraging hardware emulation services for HVM guests using Hardware Assisted Paging (HAP).
CVE-2014-8595 3 Debian, Opensuse, Xen 3 Debian Linux, Opensuse, Xen 2025-04-12 N/A
arch/x86/x86_emulate/x86_emulate.c in Xen 3.2.1 through 4.4.x does not properly check privileges, which allows local HVM guest users to gain privileges or cause a denial of service (crash) via a crafted (1) CALL, (2) JMP, (3) RETF, (4) LCALL, (5) LJMP, or (6) LRET far branch instruction.
CVE-2014-8596 1 Php-fusion 1 Php-fusion 2025-04-12 N/A
Multiple SQL injection vulnerabilities in PHP-Fusion 7.02.07 allow remote authenticated users to execute arbitrary SQL commands via the (1) submit_id parameter in a 2 action to files/administration/submissions.php or (2) status parameter to files/administration/members.php.
CVE-2014-8600 3 Kde, Opensuse, Urs Wolfer 4 Kde-runtime, Kio-extras, Opensuse and 1 more 2025-04-12 N/A
Multiple cross-site scripting (XSS) vulnerabilities in KDE-Runtime 4.14.3 and earlier, kwebkitpart 1.3.4 and earlier, and kio-extras 5.1.1 and earlier allow remote attackers to inject arbitrary web script or HTML via a crafted URI using the (1) zip, (2) trash, (3) tar, (4) thumbnail, (5) smtps, (6) smtp, (7) smb, (8) remote, (9) recentdocuments, (10) nntps, (11) nntp, (12) network, (13) mbox, (14) ldaps, (15) ldap, (16) fonts, (17) file, (18) desktop, (19) cgi, (20) bookmarks, or (21) ar scheme, which is not properly handled in an error message.
CVE-2014-8601 2 Debian, Powerdns 2 Debian Linux, Recursor 2025-04-12 N/A
PowerDNS Recursor before 3.6.2 does not limit delegation chaining, which allows remote attackers to cause a denial of service ("performance degradations") via a large or infinite number of referrals, as demonstrated by resolving domains hosted by ezdns.it.
CVE-2014-8602 4 Canonical, Debian, Nlnetlabs and 1 more 4 Ubuntu Linux, Debian Linux, Unbound and 1 more 2025-04-12 N/A
iterator.c in NLnet Labs Unbound before 1.5.1 does not limit delegation chaining, which allows remote attackers to cause a denial of service (memory and CPU consumption) via a large or infinite number of referrals.