Total
12277 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2014-2271 | 2 Huawei, Wps | 3 P2-6011, P2-6011 Firmware, Wps Office | 2024-11-21 | 8.1 High |
| cn.wps.moffice.common.beans.print.CloudPrintWebView in Kingsoft Office 5.3.1, as used in Huawei P2 devices before V100R001C00B043, falls back to HTTP when the HTTPS connection to the registry fails, which allows man-in-the-middle attackers to conduct downgrade attacks and execute arbitrary Java code by leveraging a network position between the client and the registry to block HTTPS traffic. | ||||
| CVE-2014-2032 | 2 Deadwood Project, Maradns Project | 2 Deadwood, Maradns | 2024-11-21 | N/A |
| Deadwood before 2.3.09, 3.x before 3.2.05, and as used in MaraDNS before 1.4.14 and 2.x before 2.0.09, allow remote attackers to cause a denial of service (out-of-bounds read and crash) by leveraging permission to perform recursive queries against Deadwood, related to missing input validation. | ||||
| CVE-2014-1937 | 1 Gamera Project | 1 Gamera | 2024-11-21 | 7.5 High |
| Gamera before 3.4.1 insecurely creates temporary files. | ||||
| CVE-2014-1936 | 2 Debian, Rc Project | 2 Debian Linux, Rc | 2024-11-21 | 7.5 High |
| rc before 1.7.1-5 insecurely creates temporary files. | ||||
| CVE-2014-1935 | 2 9base Project, Debian | 2 9base, Debian Linux | 2024-11-21 | 5.3 Medium |
| 9base 1:6-6 and 1:6-7 insecurely creates temporary files which results in predictable filenames. | ||||
| CVE-2014-1858 | 1 Numpy | 1 Numpy | 2024-11-21 | N/A |
| __init__.py in f2py in NumPy before 1.8.1 allows local users to write to arbitrary files via a symlink attack on a temporary file. | ||||
| CVE-2014-1426 | 1 Canonical | 1 Metal As A Service | 2024-11-21 | N/A |
| A vulnerability in maasserver.api.get_file_by_name of Ubuntu MAAS allows unauthenticated network clients to download any file. This issue affects: Ubuntu MAAS versions prior to 1.9.2. | ||||
| CVE-2014-10384 | 1 Memphis Documents Library Project | 1 Memphis Documents Library | 2024-11-21 | N/A |
| The memphis-documents-library plugin before 3.0 for WordPress has Local File Inclusion. | ||||
| CVE-2014-10383 | 1 Memphis Documents Library Project | 1 Memphis Documents Library | 2024-11-21 | N/A |
| The memphis-documents-library plugin before 3.0 for WordPress has Remote File Inclusion. | ||||
| CVE-2014-10077 | 2 Debian, I18n Project | 2 Debian Linux, I18n | 2024-11-21 | N/A |
| Hash#slice in lib/i18n/core_ext/hash.rb in the i18n gem before 0.8.0 for Ruby allows remote attackers to cause a denial of service (application crash) via a call in a situation where :some_key is present in keep_keys but not present in the hash. | ||||
| CVE-2014-10051 | 1 Qualcomm | 30 Mdm9206, Mdm9206 Firmware, Mdm9607 and 27 more | 2024-11-21 | N/A |
| In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, and SDX20, after loading a dynamically loaded code section, I-Cache is not invalidated, which could lead to executing code from stale cache lines. | ||||
| CVE-2014-0900 | 1 Google | 1 Android | 2024-11-21 | N/A |
| The Device Administrator code in Android before 4.4.1_r1 might allow attackers to spoof device administrators and consequently bypass MDM restrictions by leveraging failure to update the mAdminMap data structure. | ||||
| CVE-2014-0593 | 1 Opensuse | 1 Open Build Service | 2024-11-21 | N/A |
| The set_version script as shipped with obs-service-set_version is a source validator for the Open Build Service (OBS). In versions prior to 0.5.3-1.1 this script did not properly sanitize the input provided by the user, allowing for code execution on the executing server. | ||||
| CVE-2014-0486 | 1 Nic | 1 Knot Cms | 2024-11-21 | N/A |
| Knot DNS before 1.5.2 allows remote attackers to cause a denial of service (application crash) via a crafted DNS message. | ||||
| CVE-2014-0144 | 2 Qemu, Redhat | 11 Qemu, Enterprise Linux, Enterprise Linux Desktop and 8 more | 2024-11-21 | 8.6 High |
| QEMU before 2.0.0 block drivers for CLOOP, QCOW2 version 2 and various other image formats are vulnerable to potential memory corruptions, integer/buffer overflows or crash caused by missing input validations which could allow a remote user to execute arbitrary code on the host with the privileges of the QEMU process. | ||||
| CVE-2014-0091 | 2 Redhat, Theforeman | 2 Satellite, Foreman | 2024-11-21 | 5.3 Medium |
| Foreman has improper input validation which could lead to partial Denial of Service | ||||
| CVE-2014-0084 | 1 Redhat | 2 Openshift, Openshift Origin | 2024-11-21 | 5.5 Medium |
| Ruby gem openshift-origin-node before 2014-02-14 does not contain a cronjob timeout which could result in a denial of service in cron.daily and cron.weekly. | ||||
| CVE-2014-0048 | 2 Apache, Docker | 2 Geode, Docker | 2024-11-21 | 9.8 Critical |
| An issue was found in Docker before 1.6.0. Some programs and scripts in Docker are downloaded via HTTP and then executed or used in unsafe ways. | ||||
| CVE-2013-7483 | 1 Hbwsl | 1 Slidedeck 2 | 2024-11-21 | N/A |
| The slidedeck2 plugin before 2.3.5 for WordPress has file inclusion. | ||||
| CVE-2013-7333 | 1 Projectfloodlight | 1 Open Sdn Controller | 2024-11-21 | 7.5 High |
| A vulnerability in version 0.90 of the Open Floodlight SDN controller software could allow an attacker with access to the OpenFlow control network to selectively disconnect individual switches from the SDN controller, causing degradation and eventually denial of network access to all devices connected to the targeted switch. | ||||