Export limit exceeded: 338394 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 338394 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 338394 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (338394 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2014-5132 | 1 Avolvesoftware | 1 Projectdox | 2024-11-21 | N/A |
| Avolve Software ProjectDox 8.1 allows remote attackers to enumerate users via vectors related to email addresses. | ||||
| CVE-2014-5131 | 1 Avolvesoftware | 1 Projectdox | 2024-11-21 | N/A |
| Avolve Software ProjectDox 8.1 makes it easier for remote authenticated users to obtain sensitive information by leveraging ciphertext reuse. | ||||
| CVE-2014-5130 | 1 Avolvesoftware | 1 Projectdox | 2024-11-21 | N/A |
| Avolve Software ProjectDox 8.1 allows remote authenticated users to obtain sensitive information from other users via vectors involving a direct access token. | ||||
| CVE-2014-5118 | 3 Fedoraproject, Redhat, Trusted Boot Project | 3 Fedora, Enterprise Linux, Trusted Boot | 2024-11-21 | 5.5 Medium |
| Trusted Boot (tboot) before 1.8.2 has a 'loader.c' Security Bypass Vulnerability | ||||
| CVE-2014-5093 | 1 Status2k | 1 Status2k | 2024-11-21 | 9.8 Critical |
| Status2k does not remove the install directory allowing credential reset. | ||||
| CVE-2014-5092 | 1 Status2k | 1 Status2k | 2024-11-21 | 8.8 High |
| Status2k allows Remote Command Execution in admin/options/editpl.php. | ||||
| CVE-2014-5091 | 1 Status2k | 1 Status2k | 2024-11-21 | 9.8 Critical |
| A vulnerability exits in Status2K 2.5 Server Monitoring Software via the multies parameter to includes/functions.php, which could let a malicious user execute arbitrary PHP code. | ||||
| CVE-2014-5087 | 3 Sphider, Sphider-plus, Sphiderpro | 3 Sphider, Sphider-plus, Sphider Pro | 2024-11-21 | 9.8 Critical |
| A vulnerability exists in Sphider Search Engine prior to 1.3.6 due to exec calls in admin/spiderfuncs.php, which could let a remote malicious user execute arbitrary code. | ||||
| CVE-2014-5086 | 3 Sphider, Sphider-plus, Sphiderpro | 3 Sphider, Sphider-plus, Sphider Pro | 2024-11-21 | 8.8 High |
| A Command Execution vulnerability exists in Sphider Pro, and Sphider Plus 3.2 due to insufficient sanitization of fwrite to conf.php, which could let a remote malicious user execute arbitrary code. CVE-2014-5086 pertains to instances of fwrite in Sphider Pro and Sphider Plus only, but don’t exist in Sphider. | ||||
| CVE-2014-5085 | 1 Sphider-plus | 1 Sphider-plus | 2024-11-21 | 8.8 High |
| A Command Execution vulnerability exists in Sphider Plus 3.2 due to insufficient sanitization of fwrite to conf.php, which could let a remote malicious user execute arbitrary code. CVE-2014-5085 pertains to instances of fwrite in Sphider Plus, but do not exist in either Sphider or Sphider Pro. | ||||
| CVE-2014-5084 | 1 Sphiderpro | 1 Sphider Pro | 2024-11-21 | 8.8 High |
| A Command Execution vulnerability exists in Sphider Pro 3.2 due to insufficient sanitization of fwrite, which could let a remote malicious user execute arbitrary code. CVE-2014-5084 pertains to instances of fwrite in Sphider Pro only, but do not exist in either Sphider or Sphider Plus. | ||||
| CVE-2014-5083 | 1 Sphider | 1 Sphider | 2024-11-21 | 8.8 High |
| A Command Execution vulnerability exists in Sphider before 1.3.6 due to insufficient sanitization of fwrite to conf.php, which could let a remote malicious user execute arbitrary code. CVE-2014-5083 pertains to instances of fwrite in Sphider. | ||||
| CVE-2014-5081 | 3 Sphider, Sphider-plus, Sphiderpro | 3 Sphider, Sphider-plus, Sphider Pro | 2024-11-21 | 9.8 Critical |
| sphider prior to 1.3.6, sphider-pro prior to 3.2, and sphider-plus prior to 3.2 allow authentication bypass | ||||
| CVE-2014-5072 | 1 Wpsecurityauditlog | 1 Wp Security Audit Log | 2024-11-21 | N/A |
| Cross-site request forgery (CSRF) vulnerability in WP Security Audit Log plugin before 1.2.5 for WordPress allows remote attackers to hijack the authentication of unspecified victims via unknown vectors. | ||||
| CVE-2014-5071 | 1 Microsemi | 2 S350i, S350i Firmware | 2024-11-21 | 9.8 Critical |
| SQL injection vulnerability in the checkPassword function in Symmetricom s350i 2.70.15 allows remote attackers to execute arbitrary SQL commands via vectors involving a username. | ||||
| CVE-2014-5070 | 1 Microsemi | 2 S350i, S350i Firmware | 2024-11-21 | 8.8 High |
| Symmetricom s350i 2.70.15 allows remote authenticated users to gain privileges via vectors related to pushing unauthenticated users to the login page. | ||||
| CVE-2014-5069 | 1 Microsemi | 2 S350i, S350i Firmware | 2024-11-21 | 6.1 Medium |
| Cross-site scripting (XSS) vulnerability in Symmetricom s350i 2.70.15 allows remote attackers to inject arbitrary web script or HTML via vectors involving system logs. | ||||
| CVE-2014-5068 | 1 Microsemi | 2 S350i, S350i Firmware | 2024-11-21 | 7.5 High |
| Directory traversal vulnerability in the web application in Symmetricom s350i 2.70.15 allows remote attackers to read arbitrary files via a (1) ../ (dot dot slash) or (2) ..\ (dot dot forward slash) before a file name. | ||||
| CVE-2014-5044 | 1 Gnu | 1 Libgfortran | 2024-11-21 | N/A |
| Multiple integer overflows in libgfortran might allow remote attackers to execute arbitrary code or cause a denial of service (Fortran application crash) via vectors related to array allocation. | ||||
| CVE-2014-5039 | 1 Eucalyptus | 1 Eucalyptus Management Console | 2024-11-21 | 9.6 Critical |
| Cross-site scripting (XSS) vulnerability in Eucalyptus Management Console (EMC) 4.0.x before 4.0.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||