CVE List - 2015 / January
Showing 301 - 400 of 713 CVEs for January 2015 (Page 4 of 8)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2014-7811 | 2015-01-15 | Multiple cross-site scripting (XSS) vulnerabilities in Spacewalk and Red Hat... |
| CVE-2014-7812 | 2015-01-15 | Cross-site scripting (XSS) vulnerability in Spacewalk and Red Hat Network... |
| CVE-2014-7956 | 2015-01-15 | Cross-site scripting (XSS) vulnerability in the Pods plugin before 2.5... |
| CVE-2014-7957 | 2015-01-15 | Multiple cross-site request forgery (CSRF) vulnerabilities in the Pods plugin... |
| CVE-2014-8150 | 2015-01-15 | CRLF injection vulnerability in libcurl 6.0 through 7.x before 7.40.0,... |
| CVE-2014-8151 | 2015-01-15 | The darwinssl_connect_step1 function in lib/vtls/curl_darwinssl.c in libcurl 7.31.0 through 7.39.0,... |
| CVE-2014-8153 | 2015-01-15 | The L3 agent in OpenStack Neutron 2014.2.x before 2014.2.2, when... |
| CVE-2014-8394 | 2015-01-15 | Multiple untrusted search path vulnerabilities in Corel CAD 2014 allow... |
| CVE-2014-8395 | 2015-01-15 | Untrusted search path vulnerability in Corel Painter 2015 allows local... |
| CVE-2014-8396 | 2015-01-15 | Untrusted search path vulnerability in Corel PDF Fusion allows local... |
| CVE-2014-8397 | 2015-01-15 | Untrusted search path vulnerability in Corel VideoStudio PRO X7 or... |
| CVE-2014-8398 | 2015-01-15 | Multiple untrusted search path vulnerabilities in Corel FastFlick allow local... |
| CVE-2014-8738 | 2015-01-15 | The _bfd_slurp_extended_name_table function in bfd/archive.c in GNU binutils 2.24 and... |
| CVE-2014-8869 | 2015-01-15 | Multiple cross-site scripting (XSS) vulnerabilities in mobiquo/smartbanner/welcome.php in the Tapatalk... |
| CVE-2014-8870 | 2015-01-15 | Open redirect vulnerability in mobiquo/smartbanner/welcome.php in the Tapatalk (com.tapatalk.wbb4) plugin... |
| CVE-2014-9308 | 2015-01-15 | Unrestricted file upload vulnerability in inc/amfphp/administration/banneruploaderscript.php in the WP EasyCart... |
| CVE-2014-9560 | 2015-01-15 | SQL injection vulnerability in redir_last_post_list.php in SoftBB 0.1.3 allows remote... |
| CVE-2014-9561 | 2015-01-15 | Cross-site scripting (XSS) vulnerability in redir_last_post_list.php in SoftBB 0.1.3 allows... |
| CVE-2014-9570 | 2015-01-15 | Multiple cross-site scripting (XSS) vulnerabilities in the MyWebsiteAdvisor Simple Security... |
| CVE-2014-9587 | 2015-01-15 | Multiple cross-site request forgery (CSRF) vulnerabilities in Roundcube Webmail before... |
| CVE-2014-9594 | 2015-01-15 | Buffer overflow in the SAP NetWeaver Dispatcher in SAP Kernel... |
| CVE-2014-9595 | 2015-01-15 | Buffer overflow in the SAP NetWeaver Dispatcher in SAP Kernel... |
| CVE-2015-0552 | 2015-01-15 | Directory traversal vulnerability in the gcab_folder_extract function in libgcab/gcab-folder.c in... |
| CVE-2015-1039 | 2015-01-15 | Cross-site scripting (XSS) vulnerability in user/login.phtml in ZF-Commons ZfcUser before... |
| CVE-2015-1040 | 2015-01-15 | Multiple cross-site scripting (XSS) vulnerabilities in the administrative backend in... |
| CVE-2015-1041 | 2015-01-15 | Cross-site scripting (XSS) vulnerability in e107_admin/filemanager.php in e107 1.0.4 allows... |
| CVE-2015-1050 | 2015-01-15 | Cross-site scripting (XSS) vulnerability in F5 BIG-IP Application Security Manager... |
| CVE-2015-1051 | 2015-01-15 | Open redirect vulnerability in the Context UI module in the... |
| CVE-2014-9593 | 2015-01-15 | Apache CloudStack before 4.3.2 and 4.4.x before 4.4.2 allows remote... |
| CVE-2015-1052 | 2015-01-15 | Cross-site scripting (XSS) vulnerability in the poll archive in PHPKIT... |
| CVE-2014-7881 | 2015-01-15 | Cross-site scripting (XSS) vulnerability in the server in HP Insight... |
| CVE-2014-8022 | 2015-01-15 | Multiple cross-site scripting (XSS) vulnerabilities in Cisco Identity Services Engine... |
| CVE-2014-8034 | 2015-01-15 | Cisco WebEx Meetings Server 1.5 presents the same CAPTCHA challenge... |
| CVE-2014-8904 | 2015-01-15 | lquerylv in cmdlvm in IBM AIX 5.3, 6.1, and 7.1... |
| CVE-2015-0588 | 2015-01-15 | Cross-site request forgery (CSRF) vulnerability in Cisco Unified Communications Domain... |
| CVE-2015-0591 | 2015-01-15 | Cisco Unified Communications Domain Manager (UCDM) 10 allows remote attackers... |
| CVE-2014-9596 | 2015-01-15 | Panasonic Arbitrator Back-End Server (BES) MK 2.0 VPU before 9.3.1... |
| CVE-2014-9599 | 2015-01-16 | Cross-site scripting (XSS) vulnerability in the filemanager in b2evolution before... |
| CVE-2014-9600 | 2015-01-16 | Untrusted search path vulnerability in Macroplant iExplorer 3.6.3.0 allows local... |
| CVE-2015-1053 | 2015-01-16 | Cross-site scripting (XSS) vulnerability in the administrative backend in Croogo... |
| CVE-2015-1054 | 2015-01-16 | Cross-site scripting (XSS) vulnerability in the Games feature in Crea8Social... |
| CVE-2015-1056 | 2015-01-16 | Cross-site scripting (XSS) vulnerability in Brother MFC-J4410DW printer with firmware... |
| CVE-2015-1057 | 2015-01-16 | Cross-site scripting (XSS) vulnerability in usersettings.php in e107 2.0.0 allows... |
| CVE-2015-1058 | 2015-01-16 | Multiple cross-site scripting (XSS) vulnerabilities in AdaptCMS 3.0.3 allow remote... |
| CVE-2015-1059 | 2015-01-16 | Unrestricted file upload vulnerability in admin/files/add in AdaptCMS 3.0.3 allows... |
| CVE-2015-1060 | 2015-01-16 | Open redirect vulnerability in lib/Cake/Controller/Controller.php in AdaptCMS 3.0.3 allows remote... |
| CVE-2015-1055 | 2015-01-16 | SQL injection vulnerability in the Photo Gallery plugin 1.2.7 for... |
| CVE-2014-1949 | 2015-01-16 | GTK+ 3.10.9 and earlier, as used in cinnamon-screensaver, gnome-screensaver, and... |
| CVE-2014-3692 | 2015-01-16 | The customization template in Red Hat CloudForms 3.1 Management Engine... |
| CVE-2014-6382 | 2015-01-16 | The Juniper MX Series routers with Junos 13.3R3 through 13.3Rx... |
| CVE-2014-6383 | 2015-01-16 | The stateless firewall in Juniper Junos 13.3R3, 14.1R1, and 14.1R2,... |
| CVE-2014-6384 | 2015-01-16 | Juniper Junos 12.1X44 before 12.1X44-D45, 12.1X46 before 12.1X46-D25, 12.1X47 before... |
| CVE-2014-6385 | 2015-01-16 | Juniper Junos 11.4 before 11.4R13, 12.1X44 before 12.1X44-D45, 12.1X46 before... |
| CVE-2014-6386 | 2015-01-16 | Juniper Junos 11.4 before 11.4R8, 12.1X44 before 12.1X44-D35, 12.1X45 before... |
| CVE-2014-7814 | 2015-01-16 | SQL injection vulnerability in Red Hat CloudForms 3.1 Management Engine... |
| CVE-2014-9471 | 2015-01-16 | The parse_datetime function in GNU coreutils allows remote attackers to... |
| CVE-2014-9475 | 2015-01-16 | Cross-site scripting (XSS) vulnerability in thumb.php in MediaWiki before 1.19.23,... |
| CVE-2014-9476 | 2015-01-16 | MediaWiki 1.2x before 1.22.15, 1.23.x before 1.23.8, and 1.24.x before... |
| CVE-2014-9477 | 2015-01-16 | Multiple cross-site scripting (XSS) vulnerabilities in the Listings extension for... |
| CVE-2014-9478 | 2015-01-16 | Cross-site scripting (XSS) vulnerability in the preview in the ExpandTemplates... |
| CVE-2014-9479 | 2015-01-16 | Cross-site scripting (XSS) vulnerability in the preview in the TemplateSandbox... |
| CVE-2014-9480 | 2015-01-16 | Cross-site scripting (XSS) vulnerability in the Hovercards extension for MediaWiki... |
| CVE-2014-9496 | 2015-01-16 | The sd2_parse_rsrc_fork function in sd2.c in libsndfile allows attackers to... |
| CVE-2014-9601 | 2015-01-16 | Pillow before 2.7.0 allows remote attackers to cause a denial... |
| CVE-2015-0219 | 2015-01-16 | Django before 1.4.18, 1.6.x before 1.6.10, and 1.7.x before 1.7.3... |
| CVE-2015-0220 | 2015-01-16 | The django.util.http.is_safe_url function in Django before 1.4.18, 1.6.x before 1.6.10,... |
| CVE-2015-0221 | 2015-01-16 | The django.views.static.serve view in Django before 1.4.18, 1.6.x before 1.6.10,... |
| CVE-2015-0222 | 2015-01-16 | ModelMultipleChoiceField in Django 1.6.x before 1.6.10 and 1.7.x before 1.7.3,... |
| CVE-2015-1029 | 2015-01-16 | The puppetlabs-stdlib module 2.1 through 3.0 and 4.1.0 through 4.5.x... |
| CVE-2014-9602 | 2015-01-16 | libavcodec/xface.h in FFmpeg before 2.5.2 establishes certain digits and words... |
| CVE-2014-9603 | 2015-01-16 | The vmd_decode function in libavcodec/vmdvideo.c in FFmpeg before 2.5.2 does... |
| CVE-2014-9604 | 2015-01-16 | libavcodec/utvideodec.c in FFmpeg before 2.5.2 does not check for a... |
| CVE-2014-2355 | 2015-01-17 | The (1) CimView and (2) CimEdit components in GE Proficy... |
| CVE-2014-5418 | 2015-01-17 | GE Multilink ML800, ML1200, ML1600, and ML2400 switches with firmware... |
| CVE-2014-5419 | 2015-01-17 | GE Multilink ML800, ML1200, ML1600, and ML2400 switches with firmware... |
| CVE-2014-8143 | 2015-01-17 | Samba 4.0.x before 4.0.24, 4.1.x before 4.1.16, and 4.2.x before... |
| CVE-2014-9194 | 2015-01-17 | Arbiter 1094B GPS Substation Clock allows remote attackers to cause... |
| CVE-2014-9195 | 2015-01-17 | Phoenix Contact ProConOs and MultiProg do not require authentication, which... |
| CVE-2014-9199 | 2015-01-17 | The Clorius Controls Java web client before 01.00.0009g allows remote... |
| CVE-2014-3018 | 2015-01-17 | IBM BladeCenter SAS Connectivity Module (aka NSSM) and SAS RAID... |
| CVE-2014-3019 | 2015-01-17 | IBM BladeCenter SAS Connectivity Module (aka NSSM) and SAS RAID... |
| CVE-2014-3032 | 2015-01-17 | Cross-site scripting (XSS) vulnerability in the Web GUI in IBM... |
| CVE-2014-4835 | 2015-01-17 | IBM ServerGuide before 9.63, UpdateXpress System Packs Installer (UXSPI) before... |
| CVE-2014-6197 | 2015-01-17 | IBM Security Network Protection 5.1.x and 5.2.x before 5.2.0.0 FP5... |
| CVE-2015-0590 | 2015-01-17 | Cisco WebEx Meeting Center allows remote attackers to activate disabled... |
| CVE-2015-0924 | 2015-01-17 | Ceragon FibeAir IP-10 bridges have a default password for the... |
| CVE-2013-7252 | 2015-01-18 | kwalletd in KWallet before KDE Applications 14.12.0 uses Blowfish with... |
| CVE-2015-0862 | 2015-01-18 | Multiple cross-site scripting (XSS) vulnerabilities in the management web UI... |
| CVE-2015-0973 | 2015-01-18 | Buffer overflow in the png_read_IDAT_data function in pngrutil.c in libpng... |
| CVE-2014-8386 | 2015-01-20 | Multiple stack-based buffer overflows in Advantech AdamView 4.3 and earlier... |
| CVE-2014-8625 | 2015-01-20 | Multiple format string vulnerabilities in the parse_error_msg function in parsehelp.c... |
| CVE-2014-8790 | 2015-01-20 | XML external entity (XXE) vulnerability in admin/api.php in GetSimple CMS... |
| CVE-2014-9330 | 2015-01-20 | Integer overflow in tif_packbits.c in bmp2tif in libtiff 4.0.3 allows... |
| CVE-2014-9490 | 2015-01-20 | The numtok function in lib/raven/okjson.rb in the raven-ruby gem before... |
| CVE-2014-9491 | 2015-01-20 | The devzvol_readdir function in illumos does not check the return... |
| CVE-2014-9494 | 2015-01-20 | RabbitMQ before 3.4.0 allows remote attackers to bypass the loopback_users... |
| CVE-2015-1030 | 2015-01-20 | Memory leak in the rfc2553_connect_to function in jbsocket.c in Privoxy... |
| CVE-2015-1201 | 2015-01-20 | Privoxy before 3.0.22 allows remote attackers to cause a denial... |
| CVE-2014-0191 | 2015-01-21 | The xmlParserHandlePEReference function in parser.c in libxml2 before 2.9.2, as... |
| CVE-2014-4259 | 2015-01-21 | Unspecified vulnerability in the Solaris Cluster component in Oracle Sun... |