CVE List - 2014 / November
Showing 1 - 100 of 501 CVEs for November 2014 (Page 1 of 6)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2014-8243 | 2014-11-01 | Linksys SMART WiFi firmware on EA2700 and EA3500 devices; before... |
| CVE-2014-8244 | 2014-11-01 | Linksys SMART WiFi firmware on EA2700 and EA3500 devices; before... |
| CVE-2014-3615 | 2014-11-01 | The VGA emulator in QEMU allows local guest users to... |
| CVE-2014-6032 | 2014-11-01 | Multiple XML External Entity (XXE) vulnerabilities in the Configuration utility... |
| CVE-2014-8582 | 2014-11-01 | FortiNet FortiADC-E with firmware 3.1.1 before 4.0.5 and Coyote Point... |
| CVE-2014-2015 | 2014-11-02 | Stack-based buffer overflow in the normify function in the rlm_pap... |
| CVE-2014-3634 | 2014-11-02 | rsyslog before 7.6.6 and 8.x before 8.4.1 and sysklogd 1.5... |
| CVE-2014-3683 | 2014-11-02 | Integer overflow in rsyslog before 7.6.7 and 8.x before 8.4.2... |
| CVE-2014-3654 | 2014-11-03 | Multiple cross-site scripting (XSS) vulnerabilities in spacewalk-java 2.0.2 in Spacewalk... |
| CVE-2014-3712 | 2014-11-03 | Katello allows remote attackers to cause a denial of service... |
| CVE-2014-5271 | 2014-11-03 | Heap-based buffer overflow in the encode_slice function in libavcodec/proresenc_kostya.c in... |
| CVE-2014-5272 | 2014-11-03 | libavcodec/iff.c in FFMpeg before 1.1.14, 1.2.x before 1.2.8, 2.2.x before... |
| CVE-2014-5507 | 2014-11-03 | iBackup 10.0.0.32 and earlier uses weak permissions (Everyone: Full Control)... |
| CVE-2014-8080 | 2014-11-03 | The REXML parser in Ruby 1.9.x before 1.9.3-p550, 2.0.x before... |
| CVE-2014-8350 | 2014-11-03 | Smarty before 3.1.21 allows remote attackers to bypass the secure... |
| CVE-2014-8494 | 2014-11-03 | ESTsoft ALUpdate 8.5.1.0.0 uses weak permissions (Users: Full Control) for... |
| CVE-2012-5500 | 2014-11-03 | The batch id change script (renameObjectsByPaths.py) in Plone before 4.2.3... |
| CVE-2012-5508 | 2014-11-03 | The error pages in Plone before 4.2.3 and 4.3 before... |
| CVE-2014-0487 | 2014-11-03 | APT before 1.0.9 does not verify downloaded files if they... |
| CVE-2014-0488 | 2014-11-03 | APT before 1.0.9 does not "invalidate repository data" when moving... |
| CVE-2014-0489 | 2014-11-03 | APT before 1.0.9, when the Acquire::GzipIndexes option is enabled, does... |
| CVE-2014-0490 | 2014-11-03 | The apt-get download command in APT before 1.0.9 does not... |
| CVE-2014-7228 | 2014-11-03 | Akeeba Restore (restore.php), as used in Joomla! 2.5.4 through 2.5.25,... |
| CVE-2012-6661 | 2014-11-03 | Zope before 2.13.19, as used in Plone before 4.2.3 and... |
| CVE-2013-0336 | 2014-11-03 | The ipapwd_chpwop function in daemons/ipa-slapi-plugins/ipa-pwd-extop/ipa_pwd_extop.c in the directory server (dirsrv)... |
| CVE-2014-0204 | 2014-11-03 | OpenStack Identity (Keystone) before 2014.1.1 does not properly handle when... |
| CVE-2014-4311 | 2014-11-04 | Epicor Enterprise 7.4 before FS74SP6_HotfixTL054181 allows attackers to obtain the... |
| CVE-2013-7057 | 2014-11-04 | Cross-site request forgery (CSRF) vulnerability in Axway SecureTransport 5.1 SP2... |
| CVE-2014-5387 | 2014-11-04 | Multiple SQL injection vulnerabilities in EllisLab ExpressionEngine before 2.9.1 allow... |
| CVE-2014-7176 | 2014-11-04 | SQL injection vulnerability in Enalean Tuleap before 7.5.99.4 allows remote... |
| CVE-2014-8339 | 2014-11-04 | SQL injection vulnerability in midroll.php in Nuevolab Nuevoplayer for ClipShare... |
| CVE-2014-8585 | 2014-11-04 | Directory traversal vulnerability in the WordPress Download Manager plugin for... |
| CVE-2014-8586 | 2014-11-04 | SQL injection vulnerability in the CP Multi View Event Calendar... |
| CVE-2014-8588 | 2014-11-04 | SQL injection vulnerability in metadata.xsjs in SAP HANA 1.00.60.379371 allows... |
| CVE-2014-8589 | 2014-11-04 | Integer overflow in SAP Network Interface Router (SAProuter) 40.4 allows... |
| CVE-2014-8590 | 2014-11-04 | XML external entity (XXE) vulnerability in the Web Service Navigator... |
| CVE-2014-8591 | 2014-11-04 | Unspecified vulnerability in SAP Internet Communication Manager (ICM), as used... |
| CVE-2014-8592 | 2014-11-04 | Unspecified vulnerability in SAP Host Agent, as used in SAP... |
| CVE-2014-8584 | 2014-11-04 | Cross-site scripting (XSS) vulnerability in the Web Dorado Spider Video... |
| CVE-2014-8587 | 2014-11-04 | SAPCRYPTOLIB before 5.555.38, SAPSECULIB, and CommonCryptoLib before 8.4.30, as used... |
| CVE-2014-3660 | 2014-11-04 | parser.c in libxml2 before 2.9.2 does not properly prevent entity... |
| CVE-2014-4974 | 2014-11-04 | The ESET Personal Firewall NDIS filter (EpFwNdis.sys) kernel mode driver,... |
| CVE-2014-8593 | 2014-11-04 | Multiple cross-site scripting (XSS) vulnerabilities in Allomani Weblinks 1.0 allow... |
| CVE-2014-6130 | 2014-11-04 | The IBM Notes Traveler application before 9.0.1.3 for Android lacks... |
| CVE-2014-7875 | 2014-11-04 | Unspecified vulnerability on the HP LaserJet CM3530 Multifunction Printer CC519A... |
| CVE-2014-8471 | 2014-11-04 | CA Cloud Service Management (CSM) before Summer 2014 allows remote... |
| CVE-2014-8472 | 2014-11-04 | CA Cloud Service Management (CSM) before Summer 2014 does not... |
| CVE-2014-8473 | 2014-11-04 | Cross-site request forgery (CSRF) vulnerability in CA Cloud Service Management... |
| CVE-2014-8474 | 2014-11-04 | CA Cloud Service Management (CSM) before Summer 2014 allows remote... |
| CVE-2013-4148 | 2014-11-04 | Integer signedness error in the virtio_net_load function in hw/net/virtio-net.c in... |
| CVE-2013-4149 | 2014-11-04 | Buffer overflow in virtio_net_load function in net/virtio-net.c in QEMU 1.3.0... |
| CVE-2013-4150 | 2014-11-04 | The virtio_net_load function in hw/net/virtio-net.c in QEMU 1.5.0 through 1.7.x... |
| CVE-2013-4151 | 2014-11-04 | The virtio_load function in virtio/virtio.c in QEMU 1.x before 1.7.2... |
| CVE-2013-4526 | 2014-11-04 | Buffer overflow in hw/ide/ahci.c in QEMU before 1.7.2 allows remote... |
| CVE-2013-4527 | 2014-11-04 | Buffer overflow in hw/timer/hpet.c in QEMU before 1.7.2 might allow... |
| CVE-2013-4529 | 2014-11-04 | Buffer overflow in hw/pci/pcie_aer.c in QEMU before 1.7.2 allows remote... |
| CVE-2013-4530 | 2014-11-04 | Buffer overflow in hw/ssi/pl022.c in QEMU before 1.7.2 allows remote... |
| CVE-2013-4531 | 2014-11-04 | Buffer overflow in target-arm/machine.c in QEMU before 1.7.2 allows remote... |
| CVE-2013-4533 | 2014-11-04 | Buffer overflow in the pxa2xx_ssp_load function in hw/arm/pxa2xx.c in QEMU... |
| CVE-2013-4534 | 2014-11-04 | Buffer overflow in hw/intc/openpic.c in QEMU before 1.7.2 allows remote... |
| CVE-2013-4537 | 2014-11-04 | The ssi_sd_transfer function in hw/sd/ssi-sd.c in QEMU before 1.7.2 allows... |
| CVE-2013-4538 | 2014-11-04 | Multiple buffer overflows in the ssd0323_load function in hw/display/ssd0323.c in... |
| CVE-2013-4539 | 2014-11-04 | Multiple buffer overflows in the tsc210x_load function in hw/input/tsc210x.c in... |
| CVE-2013-4540 | 2014-11-04 | Buffer overflow in scoop_gpio_handler_update in QEMU before 1.7.2 might allow... |
| CVE-2013-4541 | 2014-11-04 | The usb_device_post_load function in hw/usb/bus.c in QEMU before 1.7.2 might... |
| CVE-2013-4542 | 2014-11-04 | The virtio_scsi_load_request function in hw/scsi/scsi-bus.c in QEMU before 1.7.2 might... |
| CVE-2013-6399 | 2014-11-04 | Array index error in the virtio_load function in hw/virtio/virtio.c in... |
| CVE-2014-0182 | 2014-11-04 | Heap-based buffer overflow in the virtio_load function in hw/virtio/virtio.c in... |
| CVE-2014-0222 | 2014-11-04 | Integer overflow in the qcow_open function in block/qcow.c in QEMU... |
| CVE-2014-0223 | 2014-11-04 | Integer overflow in the qcow_open function in block/qcow.c in QEMU... |
| CVE-2014-3461 | 2014-11-04 | hw/usb/bus.c in QEMU 1.6.2 allows remote attackers to execute arbitrary... |
| CVE-2014-2718 | 2014-11-04 | ASUS RT-AC68U, RT-AC66R, RT-AC66U, RT-AC56R, RT-AC56U, RT-N66R, RT-N66U, RT-N56R, RT-N56U,... |
| CVE-2014-2373 | 2014-11-05 | The web server on the AXN-NET Ethernet module accessory 3.04... |
| CVE-2014-2374 | 2014-11-05 | The AXN-NET Ethernet module accessory 3.04 for the Accuenergy Acuvim... |
| CVE-2014-3710 | 2014-11-05 | The donote function in readelf.c in file through 5.20, as... |
| CVE-2014-4769 | 2014-11-05 | IBM WebSphere Commerce 6.x through 6.0.0.11 and 7.x through 7.0.0.8... |
| CVE-2014-4810 | 2014-11-05 | IBM Cognos Mobile 10.1.1 before FP3 IF1, 10.2.0 before FP2... |
| CVE-2014-4834 | 2014-11-05 | IBM WebSphere Commerce 6.x through 6.0.0.11 and 7.x through 7.0.0.8... |
| CVE-2014-5408 | 2014-11-05 | Cross-site scripting (XSS) vulnerability in the login script in the... |
| CVE-2014-5417 | 2014-11-05 | Cross-site scripting (XSS) vulnerability in Meinberg NTP Server firmware on... |
| CVE-2014-8326 | 2014-11-05 | Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 4.0.x before 4.0.10.5,... |
| CVE-2014-8541 | 2014-11-05 | libavcodec/mjpegdec.c in FFmpeg before 2.4.2 considers only dimension differences, and... |
| CVE-2014-8542 | 2014-11-05 | libavcodec/utils.c in FFmpeg before 2.4.2 omits a certain codec ID... |
| CVE-2014-8543 | 2014-11-05 | libavcodec/mmvideo.c in FFmpeg before 2.4.2 does not consider all lines... |
| CVE-2014-8544 | 2014-11-05 | libavcodec/tiff.c in FFmpeg before 2.4.2 does not properly validate bits-per-pixel... |
| CVE-2014-8545 | 2014-11-05 | libavcodec/pngdec.c in FFmpeg before 2.4.2 accepts the monochrome-black format without... |
| CVE-2014-8546 | 2014-11-05 | Integer underflow in libavcodec/cinepak.c in FFmpeg before 2.4.2 allows remote... |
| CVE-2014-8547 | 2014-11-05 | libavcodec/gifdec.c in FFmpeg before 2.4.2 does not properly compute image... |
| CVE-2014-8548 | 2014-11-05 | Off-by-one error in libavcodec/smc.c in FFmpeg before 2.4.2 allows remote... |
| CVE-2014-8549 | 2014-11-05 | libavcodec/on2avc.c in FFmpeg before 2.4.2 does not constrain the number... |
| CVE-2014-8622 | 2014-11-05 | Cross-site scripting (XSS) vulnerability in compfight-search.php in the Compfight plugin... |
| CVE-2014-0995 | 2014-11-06 | The Standalone Enqueue Server in SAP Netweaver 7.20, 7.01, and... |
| CVE-2014-4664 | 2014-11-06 | Cross-site scripting (XSS) vulnerability in the Wordfence Security plugin before... |
| CVE-2014-5257 | 2014-11-06 | Multiple cross-site scripting (XSS) vulnerabilities in Forma Lms before 1.2.1... |
| CVE-2014-7958 | 2014-11-06 | Cross-site scripting (XSS) vulnerability in admin/htaccess/bpsunlock.php in the BulletProof Security... |
| CVE-2014-7959 | 2014-11-06 | SQL injection vulnerability in admin/htaccess/bpsunlock.php in the BulletProof Security plugin... |
| CVE-2014-8351 | 2014-11-06 | SQL injection vulnerability in info.php in French National Commission on... |
| CVE-2014-8352 | 2014-11-06 | Cross-site scripting (XSS) vulnerability in json.php in French National Commission... |
| CVE-2014-8483 | 2014-11-06 | The blowfishECB function in core/cipher.cpp in Quassel IRC 0.10.0 allows... |
| CVE-2014-8508 | 2014-11-06 | Cross-site scripting (XSS) vulnerability in s_network.asp in the Denon AVR-3313CI... |