Export limit exceeded: 364612 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (364612 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2014-6616 | 1 Softing | 2 Fg-100 Profibus, Fg-x00 Profibus Firmware | 2025-04-12 | N/A |
| Cross-site scripting (XSS) vulnerability in Softing FG-100 PROFIBUS Single Channel (FG-100-PB) with firmware FG-x00-PB_V2.02.0.00 allows remote attackers to inject arbitrary web script or HTML via the DEVICE_NAME parameter to cgi-bin/CFGhttp/. | ||||
| CVE-2014-6618 | 1 Your Online Shop Project | 1 Your Online Shop | 2025-04-12 | N/A |
| Cross-site scripting (XSS) vulnerability in Your Online Shop allows remote attackers to inject arbitrary web script or HTML via the products_id parameter. | ||||
| CVE-2014-6619 | 1 Restaurantmis | 1 Restaurant Script | 2025-04-12 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in register-exec.php in Restaurant Script (PizzaInn_Project) 1.0.0 allow remote attackers to inject arbitrary web script or HTML via the (1) fname, (2) lname, or (3) login parameter. | ||||
| CVE-2014-6620 | 1 Arubanetworks | 1 Clearpass | 2025-04-12 | N/A |
| Cross-site scripting (XSS) vulnerability in Aruba Networks ClearPass before 6.3.6 and 6.4.x before 6.4.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2014-6621 | 1 Arubanetworks | 1 Clearpass | 2025-04-12 | N/A |
| Aruba Networks ClearPass before 6.3.6 and 6.4.x before 6.4.1 does not disable the troubleshooting and diagnostics page in production systems, which allows remote attackers to obtain version numbers, module configuration, and other sensitive information by reading the page. | ||||
| CVE-2014-6622 | 1 Arubanetworks | 1 Clearpass | 2025-04-12 | N/A |
| Aruba Networks ClearPass before 6.3.6 and 6.4.x before 6.4.1 allows remote attackers to determine the validity of filenames via unspecified vectors. | ||||
| CVE-2014-6624 | 1 Arubanetworks | 1 Clearpass | 2025-04-12 | N/A |
| The Insight module in Aruba Networks ClearPass before 6.3.6 and 6.4.x before 6.4.1 allows remote authenticated users to read arbitrary files via unspecified vectors. | ||||
| CVE-2014-6625 | 1 Arubanetworks | 1 Clearpass | 2025-04-12 | N/A |
| The Policy Manager in Aruba Networks ClearPass before 6.3.6 and 6.4.x before 6.4.1 allows remote authenticated users to gain privileges via unspecified vectors. | ||||
| CVE-2014-6626 | 1 Arubanetworks | 1 Clearpass | 2025-04-12 | N/A |
| Aruba Networks ClearPass before 6.3.6 and 6.4.x before 6.4.1 does not properly restrict access to unspecified administrative functions, which allows remote attackers to bypass authentication and execute administrative actions via unknown vectors. | ||||
| CVE-2014-6627 | 1 Arubanetworks | 1 Clearpass | 2025-04-12 | N/A |
| Aruba Networks ClearPass before 6.3.5 and 6.4.x before 6.4.1 allows remote attackers to execute arbitrary commands via unspecified vectors, a different vulnerability than CVE-2014-5342. | ||||
| CVE-2014-6631 | 1 Joomla | 1 Joomla\! | 2025-04-12 | N/A |
| Cross-site scripting (XSS) vulnerability in com_media in Joomla! 3.2.x before 3.2.5 and 3.3.x before 3.3.4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2014-6632 | 1 Joomla | 1 Joomla\! | 2025-04-12 | N/A |
| Joomla! 2.5.x before 2.5.25, 3.x before 3.2.4, and 3.3.x before 3.3.4 allows remote attackers to authenticate and bypass intended access restrictions via vectors involving LDAP authentication. | ||||
| CVE-2014-6635 | 1 Exponentcms | 1 Exponent Cms | 2025-04-12 | N/A |
| Cross-site scripting (XSS) vulnerability in Exponent CMS 2.3.0 allows remote attackers to inject arbitrary web script or HTML via the src parameter in the search action to index.php. | ||||
| CVE-2014-6636 | 1 Rsupport | 1 Lg Telepresence | 2025-04-12 | N/A |
| The LG Telepresence (aka com.rsupport.rtc.lge) application 2.0.12 Build 63 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | ||||
| CVE-2014-6637 | 1 Praninc | 1 Facebook Facts | 2025-04-12 | N/A |
| The Facebook Facts (aka com.wFacebookFacts) application 0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | ||||
| CVE-2014-6638 | 1 Wtmdesktop Project | 1 Wtmdesktop | 2025-04-12 | N/A |
| The wTMDesktop (aka com.wTMDesktop) application 1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | ||||
| CVE-2014-6639 | 1 Tiomobilepay | 1 Tio Mobilepay - Bill Payments | 2025-04-12 | N/A |
| The TIO MobilePay - Bill Payments (aka com.tionetworks.mobile.android.tioclient) application 1.1.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | ||||
| CVE-2014-6640 | 1 Dnb | 1 Dnb Trade | 2025-04-12 | N/A |
| The DNB Trade (aka lt.dnb.mobiletrade) application 1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | ||||
| CVE-2014-6641 | 1 Gcspublishing | 1 Homesteading Today | 2025-04-12 | N/A |
| The Homesteading Today (aka com.tapatalk.homesteadingtodaycom) application 3.7.14 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | ||||
| CVE-2014-6642 | 1 Marksdailyapple | 1 Mark\'s Daily Apple Forum | 2025-04-12 | N/A |
| The Mark's Daily Apple Forum (aka com.tapatalk.marksdailyapplecomforum) application 2.4.9.3 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | ||||