CVE List - 2014 / July
Showing 501 - 600 of 653 CVEs for July 2014 (Page 6 of 7)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2014-5018 | 2014-07-21 | Incomplete blacklist vulnerability in the autoEscape function in common_helper.php in... |
| CVE-2014-2385 | 2014-07-22 | Multiple cross-site scripting (XSS) vulnerabilities in the web UI in... |
| CVE-2014-4326 | 2014-07-22 | Elasticsearch Logstash 1.0.14 through 1.4.x before 1.4.2 allows remote attackers... |
| CVE-2014-4511 | 2014-07-22 | Gitlist before 0.5.0 allows remote attackers to execute arbitrary commands... |
| CVE-2014-4911 | 2014-07-22 | The ssl_decrypt_buf function in library/ssl_tls.c in PolarSSL before 1.2.11 and... |
| CVE-2013-7392 | 2014-07-22 | Gitlist allows remote attackers to execute arbitrary commands via shell... |
| CVE-2014-5019 | 2014-07-22 | The multisite feature in Drupal 6.x before 6.32 and 7.x... |
| CVE-2014-5020 | 2014-07-22 | The File module in Drupal 7.x before 7.29 does not... |
| CVE-2014-5021 | 2014-07-22 | Cross-site scripting (XSS) vulnerability in the Form API in Drupal... |
| CVE-2014-5022 | 2014-07-22 | Cross-site scripting (XSS) vulnerability in the Ajax system in Drupal... |
| CVE-2014-5023 | 2014-07-22 | Repository.php in Gitter, as used in Gitlist, allows remote attackers... |
| CVE-2014-3518 | 2014-07-22 | jmx-remoting.sar in JBoss Remoting, as used in Red Hat JBoss... |
| CVE-2014-3530 | 2014-07-22 | The org.picketlink.common.util.DocumentUtil.getDocumentBuilderFactory method in PicketLink, as used in Red Hat... |
| CVE-2014-4947 | 2014-07-22 | Buffer overflow in the HVM graphics console support in Citrix... |
| CVE-2014-4948 | 2014-07-22 | Unspecified vulnerability in Citrix XenServer 6.2 Service Pack 1 and... |
| CVE-2014-1544 | 2014-07-23 | Use-after-free vulnerability in the CERT_DestroyCertificate function in libnss3.so in Mozilla... |
| CVE-2014-1547 | 2014-07-23 | Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox... |
| CVE-2014-1548 | 2014-07-23 | Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox... |
| CVE-2014-1549 | 2014-07-23 | The mozilla::dom::AudioBufferSourceNodeEngine::CopyFromInputBuffer function in Mozilla Firefox before 31.0 and Thunderbird... |
| CVE-2014-1550 | 2014-07-23 | Use-after-free vulnerability in the MediaInputPort class in Mozilla Firefox before... |
| CVE-2014-1551 | 2014-07-23 | Use-after-free vulnerability in the FontTableRec destructor in Mozilla Firefox before... |
| CVE-2014-1552 | 2014-07-23 | Mozilla Firefox before 31.0 and Thunderbird before 31.0 do not... |
| CVE-2014-1555 | 2014-07-23 | Use-after-free vulnerability in the nsDocLoader::OnProgress function in Mozilla Firefox before... |
| CVE-2014-1556 | 2014-07-23 | Mozilla Firefox before 31.0, Firefox ESR 24.x before 24.7, and... |
| CVE-2014-1557 | 2014-07-23 | The ConvolveHorizontally function in Skia, as used in Mozilla Firefox... |
| CVE-2014-1558 | 2014-07-23 | Mozilla Firefox before 31.0 and Thunderbird before 31.0 allow remote... |
| CVE-2014-1559 | 2014-07-23 | Mozilla Firefox before 31.0 and Thunderbird before 31.0 allow remote... |
| CVE-2014-1560 | 2014-07-23 | Mozilla Firefox before 31.0 and Thunderbird before 31.0 allow remote... |
| CVE-2014-1561 | 2014-07-23 | Mozilla Firefox before 31.0 does not properly restrict use of... |
| CVE-2014-3537 | 2014-07-23 | The web interface in CUPS before 1.7.4 allows local users... |
| CVE-2014-3555 | 2014-07-23 | OpenStack Neutron before 2013.2.4, 2014.x before 2014.1.2, and Juno before... |
| CVE-2014-3938 | 2014-07-23 | Integer overflow in Autodesk SketchBook Pro before 6.2.6 allows remote... |
| CVE-2014-3939 | 2014-07-23 | Heap-based buffer overflow in Autodesk SketchBook Pro before 6.2.6 allows... |
| CVE-2014-4501 | 2014-07-23 | Multiple stack-based buffer overflows in sgminer before 4.2.2, cgminer before... |
| CVE-2014-4502 | 2014-07-23 | Multiple heap-based buffer overflows in the parse_notify function in sgminer... |
| CVE-2014-4503 | 2014-07-23 | The parse_notify function in util.c in sgminer before 4.2.2 and... |
| CVE-2014-4980 | 2014-07-23 | The /server/properties resource in Tenable Web UI before 2.3.5 for... |
| CVE-2014-0607 | 2014-07-24 | Unrestricted file upload vulnerability in Attachmate Verastream Process Designer (VPD)... |
| CVE-2014-1419 | 2014-07-24 | Race condition in the power policy functions in policy-funcs in... |
| CVE-2014-2360 | 2014-07-24 | OleumTech WIO DH2 Wireless Gateway and Sensor Wireless I/O Modules... |
| CVE-2014-2361 | 2014-07-24 | OleumTech WIO DH2 Wireless Gateway and Sensor Wireless I/O Modules,... |
| CVE-2014-2362 | 2014-07-24 | OleumTech WIO DH2 Wireless Gateway and Sensor Wireless I/O Modules... |
| CVE-2014-2369 | 2014-07-24 | Cross-site request forgery (CSRF) vulnerability in the web application on... |
| CVE-2014-2370 | 2014-07-24 | Cross-site scripting (XSS) vulnerability in the web application on Omron... |
| CVE-2014-2717 | 2014-07-24 | Honeywell FALCON XLWeb Linux controller devices 2.04.01 and earlier and... |
| CVE-2014-2968 | 2014-07-24 | Cross-site scripting (XSS) vulnerability in the web interface on the... |
| CVE-2014-2971 | 2014-07-24 | Cross-site scripting (XSS) vulnerability in AddStdLetter.jsp in MicroPact iComplaints before... |
| CVE-2014-3110 | 2014-07-24 | Multiple cross-site scripting (XSS) vulnerabilities on Honeywell FALCON XLWeb Linux... |
| CVE-2014-3322 | 2014-07-24 | Cisco IOS XR 4.3(.2) and earlier on ASR 9000 devices... |
| CVE-2014-4682 | 2014-07-24 | The WebNavigator server in Siemens SIMATIC WinCC before 7.3, as... |
| CVE-2014-4683 | 2014-07-24 | The WebNavigator server in Siemens SIMATIC WinCC before 7.3, as... |
| CVE-2014-4684 | 2014-07-24 | The database server in Siemens SIMATIC WinCC before 7.3, as... |
| CVE-2014-4685 | 2014-07-24 | Siemens SIMATIC WinCC before 7.3, as used in PCS7 and... |
| CVE-2014-4686 | 2014-07-24 | The Project administration application in Siemens SIMATIC WinCC before 7.3,... |
| CVE-2014-4736 | 2014-07-24 | SQL injection vulnerability in E2 before 2.4 (2845) allows remote... |
| CVE-2014-4910 | 2014-07-24 | Directory traversal vulnerability in tools/backlight_helper.c in X.Org xf86-video-intel 2.99.911 allows... |
| CVE-2014-4927 | 2014-07-24 | Buffer overflow in ACME micro_httpd, as used in D-Link DSL2750U... |
| CVE-2014-5015 | 2014-07-24 | bozotic HTTP server (aka bozohttpd) before 20140708, as used in... |
| CVE-2014-5024 | 2014-07-24 | Cross-site scripting (XSS) vulnerability in sgms/panelManager in Dell SonicWALL GMS,... |
| CVE-2014-2227 | 2014-07-25 | The default Flash cross-domain policy (crossdomain.xml) in Ubiquiti Networks UniFi... |
| CVE-2014-5027 | 2014-07-25 | Cross-site scripting (XSS) vulnerability in Review Board 1.7.x before 1.7.27... |
| CVE-2014-5100 | 2014-07-25 | Multiple cross-site request forgery (CSRF) vulnerabilities in Omeka before 2.2.1... |
| CVE-2014-5102 | 2014-07-25 | SQL injection vulnerability in vBulletin 5.0.4 through 5.1.3 Alpha 5... |
| CVE-2014-5103 | 2014-07-25 | Cross-site scripting (XSS) vulnerability in ZOHO ManageEngine EventLog Analyzer 9... |
| CVE-2014-5101 | 2014-07-25 | Multiple cross-site scripting (XSS) vulnerabilities in WeBid 1.1.1 allow remote... |
| CVE-2014-2363 | 2014-07-26 | Morpho Itemiser 3 8.17 has hardcoded administrative credentials, which makes... |
| CVE-2014-3071 | 2014-07-26 | Cross-site scripting (XSS) vulnerability in the Data Quality Console in... |
| CVE-2014-3301 | 2014-07-26 | The ProfileAction controller in Cisco WebEx Meetings Server (CWMS) 1.5(.1.131)... |
| CVE-2014-3305 | 2014-07-26 | Cross-site request forgery (CSRF) vulnerability in the web framework in... |
| CVE-2014-3324 | 2014-07-26 | Multiple cross-site scripting (XSS) vulnerabilities in the login page in... |
| CVE-2014-3326 | 2014-07-26 | SQL injection vulnerability in the web framework in Cisco Security... |
| CVE-2014-3328 | 2014-07-26 | The Intercluster Sync Agent Service in Cisco Unified Presence Server... |
| CVE-2014-4858 | 2014-07-26 | Multiple SQL injection vulnerabilities in CWPLogin.aspx in Sabre AirCentre Crew... |
| CVE-2014-4979 | 2014-07-26 | Apple QuickTime allows remote attackers to execute arbitrary code or... |
| CVE-2014-2625 | 2014-07-26 | Directory traversal vulnerability in the storedNtxFile function in HP Network... |
| CVE-2014-2626 | 2014-07-26 | Directory traversal vulnerability in the toServerObject function in HP Network... |
| CVE-2014-2966 | 2014-07-26 | The ISO-8859-1 encoder in Resin Pro before 4.0.40 does not... |
| CVE-2014-4747 | 2014-07-26 | The Classic Meeting Server in IBM Sametime 8.x through 8.5.2.1... |
| CVE-2014-4748 | 2014-07-26 | Cross-site scripting (XSS) vulnerability in the Classic Meeting Server in... |
| CVE-2014-4857 | 2014-07-26 | Cross-site scripting (XSS) vulnerability in Gurock TestRail before 3.1.3 allows... |
| CVE-2014-4971 | 2014-07-26 | Microsoft Windows XP SP3 does not validate addresses in certain... |
| CVE-2014-4725 | 2014-07-27 | The MailPoet Newsletters (wysija-newsletters) plugin before 2.6.7 for WordPress allows... |
| CVE-2014-4726 | 2014-07-27 | Unspecified vulnerability in the MailPoet Newsletters (wysija-newsletters) plugin before 2.6.8... |
| CVE-2014-5106 | 2014-07-28 | Cross-site scripting (XSS) vulnerability in Invision Power IP.Board (aka IPB... |
| CVE-2014-5109 | 2014-07-28 | SQL injection vulnerability in maint/modules/endpointcfg/endpoint_generic.php in Fonality trixbox allows remote... |
| CVE-2014-5110 | 2014-07-28 | Cross-site scripting (XSS) vulnerability in user/help/html/index.php in Fonality trixbox allows... |
| CVE-2014-5104 | 2014-07-28 | Multiple SQL injection vulnerabilities in ol-commerce 2.1.1 allow remote attackers... |
| CVE-2014-5105 | 2014-07-28 | Multiple cross-site scripting (XSS) vulnerabilities in ol-commerce 2.1.1 allow remote... |
| CVE-2014-5107 | 2014-07-28 | concrete5 before 5.6.3 allows remote attackers to obtain the installation... |
| CVE-2014-5108 | 2014-07-28 | Cross-site scripting (XSS) vulnerability in single_pages\download_file.php in concrete5 before 5.6.3... |
| CVE-2014-5111 | 2014-07-28 | Multiple directory traversal vulnerabilities in Fonality trixbox allow remote attackers... |
| CVE-2014-5112 | 2014-07-28 | maint/modules/home/index.php in Fonality trixbox allows remote attackers to execute arbitrary... |
| CVE-2014-5113 | 2014-07-28 | Multiple cross-site scripting (XSS) vulnerabilities in test.php in Visualware MyConnection... |
| CVE-2013-4840 | 2014-07-28 | Unspecified vulnerability in HP and H3C VPN Firewall Module products... |
| CVE-2014-2974 | 2014-07-28 | Cross-site request forgery (CSRF) vulnerability in php/user_account.php in Silver Peak... |
| CVE-2014-2975 | 2014-07-28 | Cross-site scripting (XSS) vulnerability in php/user_account.php in Silver Peak VX... |
| CVE-2014-3303 | 2014-07-28 | The web framework in Cisco WebEx Meetings Server does not... |
| CVE-2014-3304 | 2014-07-28 | The OutlookAction Class in Cisco WebEx Meetings Server allows remote... |
| CVE-2013-4262 | 2014-07-28 | svnwcsub.py in Subversion 1.8.0 before 1.8.3, when using the --pidfile... |
| CVE-2013-7393 | 2014-07-28 | The daemonize.py module in Subversion 1.8.0 before 1.8.2 allows local... |