CVE List - 2014 / January
Showing 401 - 500 of 558 CVEs for January 2014 (Page 5 of 6)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2014-0672 | 2014-01-22 | The Search and Play interface in Cisco MediaSense does not... |
| CVE-2013-2750 | 2014-01-22 | Cross-site scripting (XSS) vulnerability in e107_plugins/content/handlers/content_preset.php in e107 before 1.0.3... |
| CVE-2013-7304 | 2014-01-22 | Check Point Endpoint Security MI Server through R73 3.0.0 HFA2.5... |
| CVE-2014-1636 | 2014-01-22 | Multiple SQL injection vulnerabilities in Command School Student Management System... |
| CVE-2014-1637 | 2014-01-22 | Command School Student Management System 1.06.01 does not properly restrict... |
| CVE-2013-7305 | 2014-01-22 | fpw.php in e107 through 1.0.4 does not check the user_ban... |
| CVE-2014-0660 | 2014-01-22 | Cisco TelePresence ISDN Gateway with software before 2.2(1.92) allows remote... |
| CVE-2014-0661 | 2014-01-22 | The System Status Collection Daemon (SSCD) in Cisco TelePresence System... |
| CVE-2014-0662 | 2014-01-22 | The SIP module in Cisco TelePresence Video Communication Server (VCS)... |
| CVE-2014-0676 | 2014-01-22 | Cisco NX-OS allows local users to bypass intended TACACS+ command... |
| CVE-2014-0677 | 2014-01-22 | The Label Distribution Protocol (LDP) functionality in Cisco NX-OS allows... |
| CVE-2014-0806 | 2014-01-22 | The Sleipnir Mobile application 2.12.1 and earlier and Sleipnir Mobile... |
| CVE-2014-0807 | 2014-01-22 | data/class/pages/shopping/LC_Page_Shopping_Deliv.php in LOCKON EC-CUBE 2.4.4 and earlier, and 2.11.0 through... |
| CVE-2014-0808 | 2014-01-22 | Authorization bypass through user-controlled key issue exists in EC-CUBE 2.11.0... |
| CVE-2013-6412 | 2014-01-23 | The transform_save function in transform.c in Augeas 1.0.0 through 1.1.0... |
| CVE-2013-6447 | 2014-01-23 | Multiple XML External Entity (XXE) vulnerabilities in the (1) ExecutionHandler,... |
| CVE-2013-6448 | 2014-01-23 | The InterfaceGenerator handler in JBoss Seam Remoting in JBoss Seam... |
| CVE-2013-6443 | 2014-01-23 | CloudForms 3.0 Management Engine before 5.2.1.6 allows remote attackers to... |
| CVE-2014-0006 | 2014-01-23 | The TempURL middleware in OpenStack Object Storage (Swift) 1.4.6 through... |
| CVE-2014-0979 | 2014-01-23 | The start_authentication function in lightdm-gtk-greeter.c in LightDM GTK+ Greeter before... |
| CVE-2014-0675 | 2014-01-23 | The Expressway component in Cisco TelePresence Video Communication Server (VCS)... |
| CVE-2012-6447 | 2014-01-23 | Cross-site scripting (XSS) vulnerability in Splunk Web in Splunk 5.0.0... |
| CVE-2013-7306 | 2014-01-23 | The OSPF implementation on Brocade routers does not consider the... |
| CVE-2013-7307 | 2014-01-23 | The OSPF implementation on the Brocade Vyatta vRouter with software... |
| CVE-2013-7308 | 2014-01-23 | The OSPF implementation on the D-Link DES-3810-28 switch with firmware... |
| CVE-2013-7309 | 2014-01-23 | The OSPF implementation in Extreme Networks EXOS does not consider... |
| CVE-2013-7310 | 2014-01-23 | The OSPF implementation on Yamaha routers does not consider the... |
| CVE-2013-7311 | 2014-01-23 | The OSPF implementation in Check Point Gaia OS R75.X and... |
| CVE-2013-7312 | 2014-01-23 | The OSPF implementation on Enterasys switches and routers does not... |
| CVE-2013-7313 | 2014-01-23 | The OSPF implementation in Juniper Junos through 13.x, JunosE, and... |
| CVE-2013-7314 | 2014-01-23 | The OSPF implementation on NEC IP38X, IX1000, IX2000, and IX3000... |
| CVE-2013-5371 | 2014-01-23 | The client in IBM Tivoli Storage Manager (TSM) 6.3.1 and... |
| CVE-2014-0494 | 2014-01-23 | Adobe Digital Editions 2.0.1 allows attackers to execute arbitrary code... |
| CVE-2014-1242 | 2014-01-23 | Apple iTunes before 11.1.4 uses HTTP for the iTunes Tutorials... |
| CVE-2013-4152 | 2014-01-23 | The Spring OXM wrapper in Spring Framework before 3.2.4 and... |
| CVE-2013-6933 | 2014-01-23 | The parseRTSPRequestString function in Live Networks Live555 Streaming Media 2011.08.13... |
| CVE-2013-6934 | 2014-01-23 | The parseRTSPRequestString function in Live Networks Live555 Streaming Media 2013.11.26,... |
| CVE-2013-7048 | 2014-01-23 | OpenStack Compute (Nova) Grizzly 2013.1.4, Havana 2013.2.1, and earlier uses... |
| CVE-2013-7315 | 2014-01-23 | The Spring MVC in Spring Framework before 3.2.4 and 4.0.0.M1... |
| CVE-2013-5667 | 2014-01-24 | The Thecus NAS server N8800 with firmware 5.03.01 allows remote... |
| CVE-2013-5668 | 2014-01-24 | The ADS/NT Support page on the Thecus NAS server N8800... |
| CVE-2013-5669 | 2014-01-24 | The Thecus NAS server N8800 with firmware 5.03.01 uses cleartext... |
| CVE-2013-6030 | 2014-01-24 | Directory traversal vulnerability on the Emerson Network Power Avocent MergePoint... |
| CVE-2013-7175 | 2014-01-24 | Multiple SQL injection vulnerabilities in Avanset Visual CertExam Manager 3.3... |
| CVE-2014-0674 | 2014-01-24 | Cisco Video Surveillance Operations Manager (VSOM) does not require authentication... |
| CVE-2013-5350 | 2014-01-24 | The "Remember me" feature in the opSecurityUser::getRememberLoginCookie function in lib/user/opSecurityUser.class.php... |
| CVE-2013-7184 | 2014-01-24 | Gretech GOM Media Player 2.2.56.5158 and earlier allows remote attackers... |
| CVE-2013-7316 | 2014-01-24 | Cross-site scripting (XSS) vulnerability in GitLab 6.0 and other versions... |
| CVE-2014-0809 | 2014-01-24 | Directory traversal vulnerability in the Gapless Player SimZip (aka Simple... |
| CVE-2014-1252 | 2014-01-24 | Double free vulnerability in Apple Pages 2.x before 2.1 and... |
| CVE-2013-7317 | 2014-01-24 | Multiple cross-site scripting (XSS) vulnerabilities in CS-Cart before 4.1.1 allow... |
| CVE-2013-1885 | 2014-01-24 | Multiple cross-site scripting (XSS) vulnerabilities in the token processing system... |
| CVE-2013-1886 | 2014-01-24 | Format string vulnerability in the token processing system (pki-tps) in... |
| CVE-2013-1853 | 2014-01-24 | Almanah Diary 0.9.0 and 0.10.0 does not encrypt the database... |
| CVE-2013-2192 | 2014-01-24 | The RPC protocol implementation in Apache Hadoop 2.x before 2.0.6-alpha,... |
| CVE-2013-6434 | 2014-01-24 | The remote-viewer in Red Hat Enterprise Virtualization Manager (RHEV-M) before... |
| CVE-2013-6457 | 2014-01-24 | The libxlDomainGetNumaParameters function in the libxl driver (libxl/libxl_driver.c) in libvirt... |
| CVE-2013-6458 | 2014-01-24 | Multiple race conditions in the (1) virDomainBlockStats, (2) virDomainGetBlockInf, (3)... |
| CVE-2014-0028 | 2014-01-24 | libvirt 1.1.1 through 1.2.0 allows context-dependent attackers to bypass the... |
| CVE-2014-1447 | 2014-01-24 | Race condition in the virNetServerClientStartKeepAlive function in libvirt before 1.2.1... |
| CVE-2014-1475 | 2014-01-24 | The OpenID module in Drupal 6.x before 6.30 and 7.x... |
| CVE-2014-1476 | 2014-01-24 | The Taxonomy module in Drupal 7.x before 7.26, when upgraded... |
| CVE-2014-1202 | 2014-01-25 | The WSDL/WADL import functionality in SoapUI before 4.6.4 allows remote... |
| CVE-2014-1670 | 2014-01-25 | The Microsoft Bing application before 4.2.1 for Android allows remote... |
| CVE-2014-0673 | 2014-01-25 | Multiple cross-site scripting (XSS) vulnerabilities in the web interface on... |
| CVE-2014-0678 | 2014-01-25 | The portal interface in Cisco Secure Access Control System (ACS)... |
| CVE-2014-0750 | 2014-01-25 | Directory traversal vulnerability in gefebt.exe in the WebView CimWeb components... |
| CVE-2014-0751 | 2014-01-25 | Directory traversal vulnerability in CimWebServer.exe (aka the WebView component) in... |
| CVE-2013-5364 | 2014-01-26 | Secunia CSI Agent 6.0.0.15017 and earlier, 6.0.1.1007 and earlier, and... |
| CVE-2013-6853 | 2014-01-26 | Cross-site scripting (XSS) vulnerability in clickstream.js in Y! Toolbar plugin... |
| CVE-2013-6891 | 2014-01-26 | lppasswd in CUPS before 1.7.1, when running with setuid privileges,... |
| CVE-2013-7137 | 2014-01-26 | The "remember me" functionality in login.php in Burden before 1.8.1... |
| CVE-2013-7247 | 2014-01-26 | cgi-bin/tsaws.cgi in Franklin Fueling Systems TS-550 evo with firmware 2.0.0.6833... |
| CVE-2013-7248 | 2014-01-26 | Franklin Fueling Systems TS-550 evo with firmware 2.0.0.6833 and other... |
| CVE-2013-7296 | 2014-01-26 | The JBIG2Stream::readSegments method in JBIG2Stream.cc in Poppler before 0.24.5 does... |
| CVE-2014-0027 | 2014-01-26 | The play_wave_from_socket function in audio/auserver.c in Flite 1.4 allows local... |
| CVE-2014-1626 | 2014-01-26 | XML External Entity (XXE) vulnerability in MARC::File::XML module before 1.0.2... |
| CVE-2014-1671 | 2014-01-26 | Multiple SQL injection vulnerabilities in Dell KACE K1000 5.4.76847 and... |
| CVE-2014-1672 | 2014-01-26 | Check Point R75.47 Security Gateway and Management Server does not... |
| CVE-2014-1673 | 2014-01-26 | Check Point Session Authentication Agent allows remote attackers to obtain... |
| CVE-2013-6429 | 2014-01-26 | The SourceHttpMessageConverter in Spring MVC in Spring Framework before 3.2.5... |
| CVE-2014-0022 | 2014-01-26 | The installUpdates function in yum-cron/yum-cron.py in yum 3.4.3 and earlier... |
| CVE-2014-1642 | 2014-01-26 | The IRQ setup in Xen 4.2.x and 4.3.x, when using... |
| CVE-2014-1666 | 2014-01-26 | The do_physdev_op function in Xen 4.1.5, 4.1.6.1, 4.2.2 through 4.2.3,... |
| CVE-2013-4304 | 2014-01-26 | The CentralAuth extension for MediaWiki 1.19.x before 1.19.8, 1.20.x before... |
| CVE-2013-6466 | 2014-01-26 | Openswan 2.6.39 and earlier allows remote attackers to cause a... |
| CVE-2013-6467 | 2014-01-26 | Libreswan 3.7 and earlier allows remote attackers to cause a... |
| CVE-2013-7140 | 2014-01-26 | XML External Entity (XXE) vulnerability in the CalDAV interface in... |
| CVE-2013-7141 | 2014-01-26 | Cross-site scripting (XSS) vulnerability in Open-Xchange (OX) AppSuite 7.4.1 and... |
| CVE-2013-7142 | 2014-01-26 | Cross-site scripting (XSS) vulnerability in Open-Xchange (OX) AppSuite 7.4.1 and... |
| CVE-2013-7143 | 2014-01-26 | Cross-site scripting (XSS) vulnerability in Open-Xchange (OX) AppSuite 7.4.1 allows... |
| CVE-2013-7298 | 2014-01-26 | query_params.cpp in cxxtools before 2.2.1 allows remote attackers to cause... |
| CVE-2013-7299 | 2014-01-26 | framework/common/messageheaderparser.cpp in Tntnet before 2.2.1 allows remote attackers to obtain... |
| CVE-2014-0794 | 2014-01-26 | SQL injection vulnerability in the JV Comment (com_jvcomment) component before... |
| CVE-2014-1607 | 2014-01-26 | Cross-site scripting (XSS) vulnerability in the EventCalendar module for Drupal... |
| CVE-2014-1664 | 2014-01-26 | The Citrix GoToMeeting application 5.0.799.1238 for Android logs HTTP requests... |
| CVE-2013-6747 | 2014-01-27 | IBM GSKit 7.x before 7.0.4.48 and 8.x before 8.0.50.16, as... |
| CVE-2012-5192 | 2014-01-28 | Directory traversal vulnerability in gmap/view_overlay.php in Bitweaver 2.8.1 and earlier... |
| CVE-2013-6838 | 2014-01-28 | An unspecified Enghouse Interactive Professional Services "addon product" in Enghouse... |
| CVE-2013-7135 | 2014-01-28 | The Proc::Daemon module 0.14 for Perl uses world-writable permissions for... |