Export limit exceeded: 344010 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 17481 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 344010 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 344010 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (344010 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2014-9956 | 1 Google | 1 Android | 2024-11-21 | N/A |
| An elevation of privilege vulnerability in Qualcomm closed source components. Product: Android. Versions: Android kernel. Android ID: A-36389611. | ||||
| CVE-2014-9955 | 1 Google | 1 Android | 2024-11-21 | N/A |
| An elevation of privilege vulnerability in Qualcomm closed source components. Product: Android. Versions: Android kernel. Android ID: A-36384686. | ||||
| CVE-2014-9954 | 1 Google | 1 Android | 2024-11-21 | N/A |
| An elevation of privilege vulnerability in Qualcomm closed source components. Product: Android. Versions: Android kernel. Android ID: A-36388559. | ||||
| CVE-2014-9953 | 1 Google | 1 Android | 2024-11-21 | N/A |
| An elevation of privilege vulnerability in Qualcomm closed source components. Product: Android. Versions: Android kernel. Android ID: A-36714770. | ||||
| CVE-2014-9919 | 1 Bilboplanet | 1 Bilboplanet | 2024-11-21 | N/A |
| An issue was discovered in Bilboplanet 2.0. Stored XSS exists in the fullname parameter to signup.php. | ||||
| CVE-2014-9918 | 1 Bilboplanet | 1 Bilboplanet | 2024-11-21 | N/A |
| An issue was discovered in Bilboplanet 2.0. Stored XSS exists in the user_id parameter to signup.php. | ||||
| CVE-2014-9917 | 1 Bilboplanet | 1 Bilboplanet | 2024-11-21 | N/A |
| An issue was discovered in Bilboplanet 2.0. There is a stored XSS vulnerability when adding a tag via the user/?page=tribes tags parameter. | ||||
| CVE-2014-9908 | 1 Google | 1 Android | 2024-11-21 | 6.5 Medium |
| A Denial of Service vulnerability exists in Google Android 4.4.4, 5.0.2, and 5.1.1, which allows malicious users to block Bluetooh access (Android Bug ID A-28672558). | ||||
| CVE-2014-9753 | 1 Atutor | 1 Atutor | 2024-11-21 | 9.8 Critical |
| confirm.php in ATutor 2.2 and earlier allows remote attackers to bypass authentication and gain access as an existing user via the auto_login parameter. | ||||
| CVE-2014-9748 | 3 Libuv, Microsoft, Nodejs | 4 Libuv, Windows Server 2003, Windows Xp and 1 more | 2024-11-21 | 8.1 High |
| The uv_rwlock_t fallback implementation for Windows XP and Server 2003 in libuv before 1.7.4 does not properly prevent threads from releasing the locks of other threads, which allows attackers to cause a denial of service (deadlock) or possibly have unspecified other impact by leveraging a race condition. | ||||
| CVE-2014-9720 | 1 Tornadoweb | 1 Tornado | 2024-11-21 | 6.5 Medium |
| Tornado before 3.2.2 sends arbitrary responses that contain a fixed CSRF token and may be sent with HTTP compression, which makes it easier for remote attackers to conduct a BREACH attack and determine this token via a series of crafted requests. | ||||
| CVE-2014-9702 | 1 2pisoftware | 1 Cmfive | 2024-11-21 | 7.5 High |
| system/classes/DbPDO.php in Cmfive through 2015-03-15, when database connectivity malfunctions, allows remote attackers to obtain sensitive information (username and password) via any request, such as a password reset request. | ||||
| CVE-2014-9699 | 1 Makerbot | 2 Replicator 5th Generation, Replicator 5th Generation Firmware | 2024-11-21 | N/A |
| The MakerBot Replicator 5G printer runs an Apache HTTP Server with directory indexing enabled. Apache logs, system logs, design files (i.e., a history of print files), and more are exposed to unauthenticated attackers through this HTTP server. | ||||
| CVE-2014-9630 | 1 Videolan | 1 Vlc Media Player | 2024-11-21 | 7.8 High |
| The rtp_packetize_xiph_config function in modules/stream_out/rtpfmt.c in VideoLAN VLC media player before 2.1.6 uses a stack-allocation approach with a size determined by arbitrary input data, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted length value. | ||||
| CVE-2014-9629 | 1 Videolan | 1 Vlc Media Player | 2024-11-21 | 7.8 High |
| Integer overflow in the Encode function in modules/codec/schroedinger.c in VideoLAN VLC media player before 2.1.6 and 2.2.x before 2.2.1 allows remote attackers to conduct buffer overflow attacks and execute arbitrary code via a crafted length value. | ||||
| CVE-2014-9628 | 1 Videolan | 1 Vlc Media Player | 2024-11-21 | 7.8 High |
| The MP4_ReadBox_String function in modules/demux/mp4/libmp4.c in VideoLAN VLC media player before 2.1.6 allows remote attackers to trigger an unintended zero-size malloc and conduct buffer overflow attacks, and consequently execute arbitrary code, via a box size of 7. | ||||
| CVE-2014-9627 | 1 Videolan | 1 Vlc Media Player | 2024-11-21 | 7.8 High |
| The MP4_ReadBox_String function in modules/demux/mp4/libmp4.c in VideoLAN VLC media player before 2.1.6 performs an incorrect cast operation from a 64-bit integer to a 32-bit integer, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a large box size. | ||||
| CVE-2014-9626 | 1 Videolan | 1 Vlc Media Player | 2024-11-21 | 7.8 High |
| Integer underflow in the MP4_ReadBox_String function in modules/demux/mp4/libmp4.c in VideoLAN VLC media player before 2.1.6 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a box size less than 7. | ||||
| CVE-2014-9625 | 1 Videolan | 1 Vlc Media Player | 2024-11-21 | 7.8 High |
| The GetUpdateFile function in misc/update.c in the Updater in VideoLAN VLC media player before 2.1.6 performs an incorrect cast operation from a 64-bit integer to a 32-bit integer, which allows remote attackers to conduct buffer overflow attacks and execute arbitrary code via a crafted update status file, aka an "integer truncation" vulnerability. | ||||
| CVE-2014-9617 | 1 Netsweeper | 1 Netsweeper | 2024-11-21 | 6.1 Medium |
| Open redirect vulnerability in remotereporter/load_logfiles.php in Netsweeper before 4.0.5 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the url parameter. | ||||