Export limit exceeded: 363701 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (363701 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2014-3877 1 Ulli Horlacher 1 Fex 2025-04-12 N/A
Incomplete blacklist vulnerability in Frams' Fast File EXchange (F*EX, aka fex) before fex-20140530 allows remote attackers to conduct cross-site scripting (XSS) attacks via the addto parameter to fup.
CVE-2014-3878 1 Ipswitch 1 Imail Server 2025-04-12 N/A
Multiple cross-site scripting (XSS) vulnerabilities in the web client interface in Ipswitch IMail Server 12.3 and 12.4, possibly before 12.4.1.15, allow remote attackers to inject arbitrary web script or HTML via (1) the Name field in an add new contact action in the Contacts section or unspecified vectors in (2) an Add Group task in the Contacts section, (3) an add new event action in the Calendar section, or (4) the Task section.
CVE-2014-3880 1 Freebsd 1 Freebsd 2025-04-12 N/A
The (1) execve and (2) fexecve system calls in the FreeBSD kernel 8.4 before p11, 9.1 before p14, 9.2 before p7, and 10.0 before p4 destroys the virtual memory address space and mappings for a process before all threads have terminated, which allows local users to cause a denial of service (triple-fault and system reboot) via a crafted system call, which triggers an invalid page table pointer dereference.
CVE-2014-3881 1 Intercom 1 Web Kyukincho 2025-04-12 N/A
Cross-site request forgery (CSRF) vulnerability in Intercom Web Kyukincho 3.x before 3.0.030 allows remote attackers to hijack the authentication of arbitrary users.
CVE-2014-3882 1 12net 1 Login Rebuilder 2025-04-12 N/A
Cross-site request forgery (CSRF) vulnerability in the Login rebuilder plugin before 1.2.0 for WordPress allows remote attackers to hijack the authentication of arbitrary users.
CVE-2014-3883 1 Webmin 1 Usermin 2025-04-12 N/A
Usermin before 1.600 allows remote attackers to execute arbitrary operating-system commands via unspecified vectors related to a user action.
CVE-2014-3884 1 Webmin 1 Usermin 2025-04-12 N/A
Cross-site scripting (XSS) vulnerability in Usermin before 1.600 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: this might overlap CVE-2014-3924.
CVE-2014-3885 1 Webmin 1 Webmin 2025-04-12 N/A
Cross-site scripting (XSS) vulnerability in Webmin before 1.690 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. NOTE: this might overlap CVE-2014-3924.
CVE-2014-3886 1 Webmin 1 Webmin 2025-04-12 N/A
Cross-site scripting (XSS) vulnerability in Webmin before 1.690, when referrer checking is disabled, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: this might overlap CVE-2014-3924.
CVE-2014-3904 1 Tenfourzero 1 Shutter 2025-04-12 N/A
SQL injection vulnerability in lib/admin.php in tenfourzero Shutter 0.1.4 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2014-3888 1 Yokogawa 15 B\/m9000 Vp, B\/m9000 Vp Software, B\/m9000cs and 12 more 2025-04-12 N/A
Stack-based buffer overflow in BKFSim_vhfd.exe in Yokogawa CENTUM CS 1000, CENTUM CS 3000 R3.09.50 and earlier, CENTUM VP R5.03.20 and earlier, Exaopc R3.72.00 and earlier, B/M9000CS R5.05.01 and earlier, and B/M9000 VP R7.03.01 and earlier, when FCS/Test Function is enabled, allows remote attackers to execute arbitrary code via a crafted packet.
CVE-2014-3889 1 Silex 2 Sx-2000wg, Sx-2000wg Firmware 2025-04-12 N/A
silex SX-2000WG devices with firmware before 1.5.4 allow remote attackers to cause a denial of service (connectivity outage) via crafted data in the Options field of a TCP header, a different vulnerability than CVE-2014-3890.
CVE-2014-3890 1 Silex 2 Sx-2000wg, Sx-2000wg Firmware 2025-04-12 N/A
silex SX-2000WG devices with firmware before 1.5.4 allow remote attackers to cause a denial of service (connectivity outage) via a crafted IP packet, a different vulnerability than CVE-2014-3889.
CVE-2014-3891 1 Rimarts 1 Becky\! Internet Mail 2025-04-12 N/A
Buffer overflow in RimArts Becky! Internet Mail before 2.68 allows remote POP3 servers to execute arbitrary code via a crafted response.
CVE-2014-3892 1 Nexatechnologies 1 Meridian 2025-04-12 N/A
Cross-site scripting (XSS) vulnerability in Nexa Meridian before 2014 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2014-3894 1 Php Kobo 1 Multifunctional Mailform Free 2025-04-12 N/A
Cross-site scripting (XSS) vulnerability in PHP Kobo Multifunctional MailForm Free 2014/1/28 and earlier allows remote attackers to inject arbitrary web script or HTML via an HTTP Referer header.
CVE-2014-3905 1 Tenfourzero 1 Shutter 2025-04-12 N/A
Cross-site scripting (XSS) vulnerability in tenfourzero Shutter 0.1.4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2014-3895 1 Iodata 12 Ts-ptcam\/poe Camera, Ts-ptcam\/poe Camera Firmware, Ts-ptcam Camera and 9 more 2025-04-12 N/A
The I-O DATA TS-WLCAM camera with firmware 1.06 and earlier, TS-WLCAM/V camera with firmware 1.06 and earlier, TS-WPTCAM camera with firmware 1.08 and earlier, TS-PTCAM camera with firmware 1.08 and earlier, TS-PTCAM/POE camera with firmware 1.08 and earlier, and TS-WLC2 camera with firmware 1.02 and earlier allow remote attackers to bypass authentication, and consequently obtain sensitive credential and configuration data, via unspecified vectors.
CVE-2014-3896 1 Seeds 1 Acmailer 2025-04-12 N/A
Multiple cross-site request forgery (CSRF) vulnerabilities in CGI programs in Seeds acmailer before 3.8.17 and 3.9.x before 3.9.10 Beta allow remote attackers to hijack the authentication of arbitrary users for requests that modify or delete data, as demonstrated by modifying data affecting authorization.
CVE-2014-3897 1 Homepage Decorator Perlmailer Project 1 Homepage Decorator Perlmailer 2025-04-12 N/A
Cross-site scripting (XSS) vulnerability in Homepage Decorator PerlMailer 3.10 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.