CVE List - 2015 / January
Showing 101 - 200 of 713 CVEs for January 2015 (Page 2 of 8)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2014-3628 | 2015-01-06 | Cross-site scripting (XSS) vulnerability in the Admin UI Plugin /... |
| CVE-2014-3764 | 2015-01-06 | Cross-site scripting (XSS) vulnerability in the web-based device management interface... |
| CVE-2014-7209 | 2015-01-06 | run-mailcap in the Debian mime-support package before 3.52-1+deb7u1 allows context-dependent... |
| CVE-2014-8131 | 2015-01-06 | The qemu implementation of virConnectGetAllDomainStats in libvirt before 1.2.11 does... |
| CVE-2014-9527 | 2015-01-06 | HSLFSlideShow in Apache POI before 3.11 allows remote attackers to... |
| CVE-2014-9528 | 2015-01-06 | SQL injection vulnerability in the actionIndex function in protected/modules_core/notification/controllers/ListController.php in... |
| CVE-2014-4635 | 2015-01-07 | Multiple cross-site scripting (XSS) vulnerabilities in EMC Documentum Web Development... |
| CVE-2014-4636 | 2015-01-07 | Cross-site request forgery (CSRF) vulnerability in EMC Documentum Web Development... |
| CVE-2014-4637 | 2015-01-07 | Open redirect vulnerability in EMC Documentum Web Development Kit (WDK)... |
| CVE-2014-4638 | 2015-01-07 | EMC Documentum Web Development Kit (WDK) before 6.8 allows remote... |
| CVE-2014-4639 | 2015-01-07 | EMC Documentum Web Development Kit (WDK) before 6.8 does not... |
| CVE-2014-3779 | 2015-01-07 | Cross-site scripting (XSS) vulnerability in ZOHO ManageEngine ADSelfService Plus before... |
| CVE-2014-8993 | 2015-01-07 | Cross-site scripting (XSS) vulnerability in the backend in Open-Xchange (OX)... |
| CVE-2014-9567 | 2015-01-07 | Unrestricted file upload vulnerability in process-upload.php in ProjectSend (formerly cFTP)... |
| CVE-2014-1425 | 2015-01-07 | cmanager 0.32 does not properly enforce nesting when modifying cgroup... |
| CVE-2014-9221 | 2015-01-07 | strongSwan 4.5.x through 5.2.x before 5.2.1 allows remote attackers to... |
| CVE-2014-9493 | 2015-01-07 | The V2 API in OpenStack Image Registry and Delivery Service... |
| CVE-2014-9569 | 2015-01-07 | Multiple cross-site scripting (XSS) vulnerabilities in SAP NetWeaver Business Client... |
| CVE-2015-0361 | 2015-01-07 | Use-after-free vulnerability in Xen 4.2.x, 4.3.x, and 4.4.x allows remote... |
| CVE-2014-9473 | 2015-01-08 | Unrestricted file upload vulnerability in lib_nonajax.php in the CformsII plugin... |
| CVE-2012-5853 | 2015-01-08 | SQL injection vulnerability in the "the_search_function" function in cardoza_ajax_search.php in... |
| CVE-2012-6684 | 2015-01-08 | Cross-site scripting (XSS) vulnerability in the RedCloth library 4.2.9 for... |
| CVE-2014-9578 | 2015-01-08 | VDG Security SENSE (formerly DIVA) 2.3.13 performs authentication with a... |
| CVE-2015-0920 | 2015-01-08 | Cross-site request forgery (CSRF) vulnerability in the Banner Effect Header... |
| CVE-2014-9575 | 2015-01-08 | VDG Security SENSE (formerly DIVA) before 2.3.15 allows remote attackers... |
| CVE-2014-9576 | 2015-01-08 | VDG Security SENSE (formerly DIVA) 2.3.13 has a hardcoded password... |
| CVE-2014-9577 | 2015-01-08 | VDG Security SENSE (formerly DIVA) 2.3.13 sends the user database... |
| CVE-2014-9579 | 2015-01-08 | VDG Security SENSE (formerly DIVA) 2.3.13 stores administrator credentials in... |
| CVE-2015-0917 | 2015-01-08 | Cross-site scripting (XSS) vulnerability in the backend in Kajona before... |
| CVE-2015-0918 | 2015-01-08 | Cross-site scripting (XSS) vulnerability in the administrative backend in Sefrengo... |
| CVE-2015-0919 | 2015-01-08 | Multiple SQL injection vulnerabilities in the administrative backend in Sefrengo... |
| CVE-2014-9580 | 2015-01-08 | Cross-site scripting (XSS) vulnerability in ProjectSend (formerly cFTP) r561 allows... |
| CVE-2014-9581 | 2015-01-08 | Directory traversal vulnerability in components/filemanager/download.php in Codiad 2.4.3 allows remote... |
| CVE-2014-9582 | 2015-01-08 | Cross-site scripting (XSS) vulnerability in components/filemanager/dialog.php in Codiad 2.4.3 allows... |
| CVE-2014-9583 | 2015-01-08 | common.c in infosvr in ASUS WRT firmware 3.0.0.4.376_1071, 3.0.0.376.2524-g0013f52, and... |
| CVE-2014-3570 | 2015-01-09 | The BN_sqr implementation in OpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p,... |
| CVE-2014-3571 | 2015-01-09 | OpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k... |
| CVE-2014-3572 | 2015-01-09 | The ssl3_get_key_exchange function in s3_clnt.c in OpenSSL before 0.9.8zd, 1.0.0... |
| CVE-2014-8027 | 2015-01-09 | The RBAC component in Cisco Secure Access Control System (ACS)... |
| CVE-2014-8028 | 2015-01-09 | Multiple cross-site scripting (XSS) vulnerabilities in the web framework in... |
| CVE-2014-8029 | 2015-01-09 | Open redirect vulnerability in the web interface in Cisco Secure... |
| CVE-2014-8030 | 2015-01-09 | Cross-site scripting (XSS) vulnerability in sendPwMail.do in Cisco WebEx Meetings... |
| CVE-2014-8031 | 2015-01-09 | Cross-site request forgery (CSRF) vulnerability in Cisco WebEx Meetings Server... |
| CVE-2014-8032 | 2015-01-09 | The OutlookAction LI in Cisco WebEx Meetings Server allows remote... |
| CVE-2014-8033 | 2015-01-09 | The play/modules component in Cisco WebEx Meetings Server allows remote... |
| CVE-2014-8275 | 2015-01-09 | OpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k... |
| CVE-2015-0204 | 2015-01-09 | The ssl3_get_key_exchange function in s3_clnt.c in OpenSSL before 0.9.8zd, 1.0.0... |
| CVE-2015-0205 | 2015-01-09 | The ssl3_get_cert_verify function in s3_srvr.c in OpenSSL 1.0.0 before 1.0.0p... |
| CVE-2015-0206 | 2015-01-09 | Memory leak in the dtls1_buffer_record function in d1_pkt.c in OpenSSL... |
| CVE-2014-9269 | 2015-01-09 | Cross-site scripting (XSS) vulnerability in helper_api.php in MantisBT 1.1.0a1 through... |
| CVE-2014-9271 | 2015-01-09 | Cross-site scripting (XSS) vulnerability in file_download.php in MantisBT before 1.2.18... |
| CVE-2014-9272 | 2015-01-09 | The string_insert_href function in MantisBT 1.2.0a1 through 1.2.x before 1.2.18... |
| CVE-2014-9498 | 2015-01-09 | Cross-site scripting (XSS) vulnerability in the Webform Invitation module 7.x-1.x... |
| CVE-2014-9499 | 2015-01-09 | Cross-site scripting (XSS) vulnerability in the Godwin's Law module before... |
| CVE-2014-9500 | 2015-01-09 | Cross-site scripting (XSS) vulnerability in the Moip module 7.x-1.x before... |
| CVE-2014-9501 | 2015-01-09 | Cross-site scripting (XSS) vulnerability in the Poll Chart Block module... |
| CVE-2014-9505 | 2015-01-09 | Cross-site scripting (XSS) vulnerability in the School Administration module 7.x-1.x... |
| CVE-2014-9510 | 2015-01-09 | Cross-site request forgery (CSRF) vulnerability in the administration console in... |
| CVE-2015-0921 | 2015-01-09 | XML external entity (XXE) vulnerability in the Server Task Log... |
| CVE-2015-0922 | 2015-01-09 | McAfee ePolicy Orchestrator (ePO) before 4.6.9 and 5.x before 5.1.2... |
| CVE-2013-7419 | 2015-01-09 | Cross-site scripting (XSS) vulnerability in includes/refreshDate.php in the Joomlaskin JS... |
| CVE-2014-9529 | 2015-01-09 | Race condition in the key_gc_unused_keys function in security/keys/gc.c in the... |
| CVE-2014-9584 | 2015-01-09 | The parse_rock_ridge_inode_internal function in fs/isofs/rock.c in the Linux kernel before... |
| CVE-2014-9585 | 2015-01-09 | The vdso_addr function in arch/x86/vdso/vma.c in the Linux kernel through... |
| CVE-2014-3096 | 2015-01-10 | Cross-site scripting (XSS) vulnerability in IBM Curam Social Program Management... |
| CVE-2014-6158 | 2015-01-10 | Multiple directory traversal vulnerabilities in the file-upload feature in IBM... |
| CVE-2014-6199 | 2015-01-10 | The HTTP Server Adapter in IBM Sterling B2B Integrator 5.1... |
| CVE-2014-6212 | 2015-01-10 | The Echo API in IBM Emptoris Contract Management 9.5.x before... |
| CVE-2014-8020 | 2015-01-10 | Cisco Unified Communication Domain Manager Platform Software allows remote attackers... |
| CVE-2014-8035 | 2015-01-10 | The web framework in Cisco WebEx Meetings Server produces different... |
| CVE-2014-8036 | 2015-01-10 | The outlookpa component in Cisco WebEx Meetings Server does not... |
| CVE-2014-9190 | 2015-01-10 | Stack-based buffer overflow in Schneider Electric Wonderware InTouch Access Anywhere... |
| CVE-2014-9191 | 2015-01-10 | The CodeWrights HART Device Type Manager (DTM) library in Emerson... |
| CVE-2015-0559 | 2015-01-10 | Multiple use-after-free vulnerabilities in epan/dissectors/packet-wccp.c in the WCCP dissector in... |
| CVE-2015-0560 | 2015-01-10 | The dissect_wccp2r1_address_table_info function in epan/dissectors/packet-wccp.c in the WCCP dissector in... |
| CVE-2015-0561 | 2015-01-10 | asn1/lpp/lpp.cnf in the LPP dissector in Wireshark 1.10.x before 1.10.12... |
| CVE-2015-0562 | 2015-01-10 | Multiple use-after-free vulnerabilities in epan/dissectors/packet-dec-dnart.c in the DEC DNA Routing... |
| CVE-2015-0563 | 2015-01-10 | epan/dissectors/packet-smtp.c in the SMTP dissector in Wireshark 1.10.x before 1.10.12... |
| CVE-2015-0564 | 2015-01-10 | Buffer underflow in the ssl_decrypt_record function in epan/dissectors/packet-ssl-utils.c in Wireshark... |
| CVE-2015-0582 | 2015-01-10 | The High Availability (HA) subsystem in Cisco NX-OS on MDS... |
| CVE-2014-9495 | 2015-01-10 | Heap-based buffer overflow in the png_combine_row function in libpng before... |
| CVE-2014-2838 | 2015-01-12 | Multiple cross-site request forgery (CSRF) vulnerabilities in the GD Star... |
| CVE-2014-2839 | 2015-01-12 | SQL injection vulnerability in the GD Star Rating plugin 19.22... |
| CVE-2014-6268 | 2015-01-12 | The evtchn_fifo_set_pending function in Xen 4.4.x allows local guest users... |
| CVE-2013-7420 | 2015-01-12 | Buffer overflow in Hancom Office 2010 SE allows remote attackers... |
| CVE-2013-2603 | 2015-01-12 | The RACInstaller.StateCtrl.1 ActiveX control in InstallerDlg.dll in RealNetworks GameHouse RealArcade... |
| CVE-2013-2604 | 2015-01-12 | RealNetworks GameHouse RealArcade Installer (aka ActiveMARK Game Installer) 2.6.0.481 and... |
| CVE-2014-100001 | 2015-01-13 | Cross-site request forgery (CSRF) vulnerability in the SEO Plugin LiveOptim... |
| CVE-2014-100002 | 2015-01-13 | Directory traversal vulnerability in ManageEngine SupportCenter Plus 7.9 before 7917... |
| CVE-2014-100004 | 2015-01-13 | Cross-site scripting (XSS) vulnerability in Sitecore CMS before 7.0 Update-4... |
| CVE-2014-100005 | 2015-01-13 | Multiple cross-site request forgery (CSRF) vulnerabilities in D-Link DIR-600 router... |
| CVE-2014-100006 | 2015-01-13 | Multiple cross-site scripting (XSS) vulnerabilities in modules_v3/googlemap/wt_v3_street_view.php in webtrees before... |
| CVE-2014-100007 | 2015-01-13 | Cross-site scripting (XSS) vulnerability in the HK Exif Tags plugin... |
| CVE-2014-100008 | 2015-01-13 | Cross-site scripting (XSS) vulnerability in includes/delete_img.php in the Joomlaskin JS... |
| CVE-2014-10001 | 2015-01-13 | Multiple cross-site request forgery (CSRF) vulnerabilities in PHPJabbers Appointment Scheduler... |
| CVE-2014-100010 | 2015-01-13 | Cross-site scripting (XSS) vulnerability in ClanSphere 2011.4 allows remote attackers... |
| CVE-2014-10003 | 2015-01-13 | Multiple cross-site scripting (XSS) vulnerabilities in Maian Uploader 4.0 allow... |
| CVE-2014-10004 | 2015-01-13 | SQL injection vulnerability in admin/data_files/move.php in Maian Uploader 4.0 allows... |
| CVE-2014-10007 | 2015-01-13 | Multiple cross-site scripting (XSS) vulnerabilities in Maian Weblog 4.0 and... |
| CVE-2014-10008 | 2015-01-13 | Multiple cross-site request forgery (CSRF) vulnerabilities in Stark CRM 1.0... |