Export limit exceeded: 343912 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (343912 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2014-5093 | 1 Status2k | 1 Status2k | 2024-11-21 | 9.8 Critical |
| Status2k does not remove the install directory allowing credential reset. | ||||
| CVE-2014-5092 | 1 Status2k | 1 Status2k | 2024-11-21 | 8.8 High |
| Status2k allows Remote Command Execution in admin/options/editpl.php. | ||||
| CVE-2014-5091 | 1 Status2k | 1 Status2k | 2024-11-21 | 9.8 Critical |
| A vulnerability exits in Status2K 2.5 Server Monitoring Software via the multies parameter to includes/functions.php, which could let a malicious user execute arbitrary PHP code. | ||||
| CVE-2014-5087 | 3 Sphider, Sphider-plus, Sphiderpro | 3 Sphider, Sphider-plus, Sphider Pro | 2024-11-21 | 9.8 Critical |
| A vulnerability exists in Sphider Search Engine prior to 1.3.6 due to exec calls in admin/spiderfuncs.php, which could let a remote malicious user execute arbitrary code. | ||||
| CVE-2014-5086 | 3 Sphider, Sphider-plus, Sphiderpro | 3 Sphider, Sphider-plus, Sphider Pro | 2024-11-21 | 8.8 High |
| A Command Execution vulnerability exists in Sphider Pro, and Sphider Plus 3.2 due to insufficient sanitization of fwrite to conf.php, which could let a remote malicious user execute arbitrary code. CVE-2014-5086 pertains to instances of fwrite in Sphider Pro and Sphider Plus only, but don’t exist in Sphider. | ||||
| CVE-2014-5085 | 1 Sphider-plus | 1 Sphider-plus | 2024-11-21 | 8.8 High |
| A Command Execution vulnerability exists in Sphider Plus 3.2 due to insufficient sanitization of fwrite to conf.php, which could let a remote malicious user execute arbitrary code. CVE-2014-5085 pertains to instances of fwrite in Sphider Plus, but do not exist in either Sphider or Sphider Pro. | ||||
| CVE-2014-5084 | 1 Sphiderpro | 1 Sphider Pro | 2024-11-21 | 8.8 High |
| A Command Execution vulnerability exists in Sphider Pro 3.2 due to insufficient sanitization of fwrite, which could let a remote malicious user execute arbitrary code. CVE-2014-5084 pertains to instances of fwrite in Sphider Pro only, but do not exist in either Sphider or Sphider Plus. | ||||
| CVE-2014-5083 | 1 Sphider | 1 Sphider | 2024-11-21 | 8.8 High |
| A Command Execution vulnerability exists in Sphider before 1.3.6 due to insufficient sanitization of fwrite to conf.php, which could let a remote malicious user execute arbitrary code. CVE-2014-5083 pertains to instances of fwrite in Sphider. | ||||
| CVE-2014-5081 | 3 Sphider, Sphider-plus, Sphiderpro | 3 Sphider, Sphider-plus, Sphider Pro | 2024-11-21 | 9.8 Critical |
| sphider prior to 1.3.6, sphider-pro prior to 3.2, and sphider-plus prior to 3.2 allow authentication bypass | ||||
| CVE-2014-5072 | 1 Wpsecurityauditlog | 1 Wp Security Audit Log | 2024-11-21 | N/A |
| Cross-site request forgery (CSRF) vulnerability in WP Security Audit Log plugin before 1.2.5 for WordPress allows remote attackers to hijack the authentication of unspecified victims via unknown vectors. | ||||
| CVE-2014-5071 | 1 Microsemi | 2 S350i, S350i Firmware | 2024-11-21 | 9.8 Critical |
| SQL injection vulnerability in the checkPassword function in Symmetricom s350i 2.70.15 allows remote attackers to execute arbitrary SQL commands via vectors involving a username. | ||||
| CVE-2014-5070 | 1 Microsemi | 2 S350i, S350i Firmware | 2024-11-21 | 8.8 High |
| Symmetricom s350i 2.70.15 allows remote authenticated users to gain privileges via vectors related to pushing unauthenticated users to the login page. | ||||
| CVE-2014-5069 | 1 Microsemi | 2 S350i, S350i Firmware | 2024-11-21 | 6.1 Medium |
| Cross-site scripting (XSS) vulnerability in Symmetricom s350i 2.70.15 allows remote attackers to inject arbitrary web script or HTML via vectors involving system logs. | ||||
| CVE-2014-5068 | 1 Microsemi | 2 S350i, S350i Firmware | 2024-11-21 | 7.5 High |
| Directory traversal vulnerability in the web application in Symmetricom s350i 2.70.15 allows remote attackers to read arbitrary files via a (1) ../ (dot dot slash) or (2) ..\ (dot dot forward slash) before a file name. | ||||
| CVE-2014-5044 | 1 Gnu | 1 Libgfortran | 2024-11-21 | N/A |
| Multiple integer overflows in libgfortran might allow remote attackers to execute arbitrary code or cause a denial of service (Fortran application crash) via vectors related to array allocation. | ||||
| CVE-2014-5039 | 1 Eucalyptus | 1 Eucalyptus Management Console | 2024-11-21 | 9.6 Critical |
| Cross-site scripting (XSS) vulnerability in Eucalyptus Management Console (EMC) 4.0.x before 4.0.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2014-5034 | 1 Fresh-media | 1 Brute Force Login Protection | 2024-11-21 | N/A |
| Cross-site request forgery (CSRF) vulnerability in the Brute Force Login Protection module 1.3 for WordPress allows remote attackers to hijack the authentication of unspecified users for requests that have unknown impact via a crafted request to the brute-force-login-protection page to wp-admin/options-general.php. | ||||
| CVE-2014-5028 | 1 Reviewboard | 1 Review Board | 2024-11-21 | N/A |
| The Original File and Patched File resources in Review Board 1.7.x before 1.7.27 and 2.0.x before 2.0.4 allow remote authenticated users to bypass intended access restrictions and obtain sensitive information from repository files by leveraging knowledge of database ids. | ||||
| CVE-2014-5014 | 1 Tinywebgallery | 1 Wordpress Flash Uploader | 2024-11-21 | N/A |
| The WordPress Flash Uploader plugin before 3.1.3 for WordPress allows remote attackers to execute arbitrary commands via vectors related to invalid characters in image_magic_path. | ||||
| CVE-2014-5013 | 1 Dompdf Project | 1 Dompdf | 2024-11-21 | 8.8 High |
| DOMPDF before 0.6.2 allows remote code execution, a related issue to CVE-2014-2383. | ||||