CVEs from 2014
- Total: 7,864
- Critical: 837
- High: 1,288
- Medium: 4,980
- Low: 583
- % Critical: 10.6%
- % with KEV: 0.4%
- % with exploit: 9.8%
Top products
- chrome 3,804
- moodle 1,668
- flash_player 1,397
- firefox 1,239
- mediawiki 1,130
- ffmpeg 998
- acrobat 966
- acrobat_reader 944
| CVE | Severity | CVSS | Risk | Published | Description | Flags | OS | Vendor |
|---|---|---|---|---|---|---|---|---|
| CVE-2014-0661 | high | — | 8.3 | 13y ago | The System Status Collection Daemon (SSCD) in Cisco TelePresence System 500-37, 1000, 1300-65, and 3xxx before 1.10.2(42), and 500-32, 1300-47, TX1310 65, and TX9xxx before 6.0.4(11), allows remote a… | |||
| CVE-2014-9619 | high | 7.2 | 8.2 | 9y ago | Unrestricted file upload vulnerability in webadmin/ajaxfilemanager/ajaxfilemanager.php in Netsweeper before 3.1.10, 4.0.x before 4.0.9, and 4.1.x before 4.1.2 allows remote authenticated users with a… | |||
| CVE-2014-7872 | high | — | 8.2 | 11y ago | Comodo GeekBuddy before 4.18.121 does not restrict access to the VNC server, which allows local users to gain privileges by connecting to the server. | |||
| CVE-2014-7822 | high | — | 8.2 | 11y ago | The implementation of certain splice_write file operations in the Linux kernel before 3.16 does not enforce a restriction on the maximum size of a single file, which allows local users to cause a den… | |||
| CVE-2014-9643 | high | — | 8.2 | 12y ago | K7Sentry.sys in K7 Computing Ultimate Security, Anti-Virus Plus, and Total Security before 14.2.0.253 allows local users to write to arbitrary memory locations, and consequently gain privileges, via … | |||
| CVE-2014-9642 | high | — | 8.2 | 12y ago | bdagent.sys in BullGuard Antivirus, Internet Security, Premium Protection, and Online Backup before 15.0.288 allows local users to write data to arbitrary memory locations, and consequently gain priv… | |||
| CVE-2014-9641 | high | — | 8.2 | 12y ago | The tmeext.sys driver before 2.0.0.1015 in Trend Micro Antivirus Plus, Internet Security, and Maximum Security allows local users to write to arbitrary memory locations, and consequently gain privile… | |||
| CVE-2014-9632 | high | — | 8.2 | 12y ago | The TDI driver (avgtdix.sys) in AVG Internet Security before 2013.3495 Hot Fix 18 and 2015.x before 2015.5315 and Protection before 2015.5315 allows local users to write to arbitrary memory locations… | |||
| CVE-2014-0998 | high | — | 8.2 | 12y ago | Integer signedness error in the vt console driver (formerly Newcons) in FreeBSD 9.3 before p10 and 10.1 before p6 allows local users to cause a denial of service (crash) and possibly gain privileges … | |||
| CVE-2014-9226 | high | — | 8.2 | 12y ago | The management server in Symantec Critical System Protection (SCSP) 5.2.9 through MP6 and Symantec Data Center Security: Server Advanced (SDCS:SA) 6.0.x through 6.0 MP1 allows local users to bypass i… | |||
| CVE-2014-8904 | high | — | 8.2 | 12y ago | lquerylv in cmdlvm in IBM AIX 5.3, 6.1, and 7.1 and VIOS 2.2.x allows local users to gain privileges via a crafted DBGCMD_LQUERYLV environment-variable value. | |||
| CVE-2014-4322 | high | — | 8.2 | 12y ago | drivers/misc/qseecom.c in the QSEECOM driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, does not validate certain… | |||
| CVE-2014-7286 | high | — | 8.2 | 12y ago | Buffer overflow in AClient in Symantec Deployment Solution 6.9 and earlier on Windows XP and Server 2003 allows local users to gain privileges via unspecified vectors. | |||
| CVE-2014-7208 | high | — | 8.2 | 12y ago | GParted before 0.15.0 allows local users to execute arbitrary commands with root privileges via shell metacharacters in a crafted filesystem label. | |||
| CVE-2014-9141 | high | — | 8.2 | 12y ago | The installer in Thomson Reuters Fixed Assets CS 13.1.4 and earlier uses weak permissions for connectbgdl.exe, which allows local users to execute arbitrary code by modifying this program. | |||
| CVE-2014-9113 | high | — | 8.2 | 12y ago | CCH Wolters Kluwer ProSystem fx Engagement (aka PFX Engagement) 7.1 and earlier uses weak permissions (Authenticated Users: Modify and Write) for the (1) Pfx.Engagement.WcfServices, (2) PFXEngDesktop… | |||
| CVE-2014-5284 | high | — | 8.2 | 12y ago | host-deny.sh in OSSEC before 2.8.1 writes to temporary files with predictable filenames without verifying ownership, which allows local users to modify access restrictions in hosts.deny and gain root… | |||
| CVE-2014-8359 | high | — | 8.2 | 12y ago | Untrusted search path vulnerability in Huawei Mobile Partner for Windows 23.009.05.03.1014 allows local users to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse wintab32.d… | |||
| CVE-2014-4076 | high | — | 8.2 | 12y ago | Microsoft Windows Server 2003 SP2 allows local users to gain privileges via a crafted IOCTL call to (1) tcpip.sys or (2) tcpip6.sys, aka "TCP/IP Elevation of Privilege Vulnerability." | |||
| CVE-2014-5507 | high | — | 8.2 | 12y ago | iBackup 10.0.0.32 and earlier uses weak permissions (Everyone: Full Control) for ib_service.exe, which allows local users to gain privileges via a Trojan horse file. | |||
| CVE-2014-3631 | high | — | 8.2 | 12y ago | The assoc_array_gc function in the associative-array implementation in lib/assoc_array.c in the Linux kernel before 3.16.3 does not properly implement garbage collection, which allows local users to … | |||
| CVE-2014-5453 | high | — | 8.2 | 12y ago | Ubisoft Uplay PC before 4.6.1.3217 uses weak permissions (Everyone: Full Control) for the program installation directory (%PROGRAMFILES%\Ubisoft Game Launcher), which allows local users to gain privil… | |||
| CVE-2014-4971 | high | — | 8.2 | 12y ago | Microsoft Windows XP SP3 does not validate addresses in certain IRP handler routines, which allows local users to write data to arbitrary memory locations, and consequently gain privileges, via a cra… | |||
| CVE-2014-1767 | high | — | 8.2 | 12y ago | Double free vulnerability in the Ancillary Function Driver (AFD) in afd.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Win… | |||
| CVE-2014-2514 | high | — | 8.2 | 12y ago | EMC Documentum Content Server before 6.7 SP1 P28, 6.7 SP2 before P15, 7.0 before P15, and 7.1 before P06 does not properly check authorization and does not properly restrict object types, which allow… | |||
| CVE-2014-2513 | high | — | 8.2 | 12y ago | EMC Documentum Content Server before 6.7 SP1 P28, 6.7 SP2 before P15, 7.0 before P15, and 7.1 before P06 does not properly check authorization after creation of an object, which allows remote authent… | |||
| CVE-2014-2533 | high | — | 8.2 | 12y ago | /sbin/ifwatchd in BlackBerry QNX Neutrino RTOS 6.4.x and 6.5.x allows local users to gain privileges by providing an arbitrary program name as a command-line argument. | |||
| CVE-2014-1287 | high | — | 8.2 | 12y ago | USB Host in Apple iOS before 7.1 and Apple TV before 6.1 allows physically proximate attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted USB messages. | |||
| CVE-2014-2029 | high | 8.1 | 8.1 | 9y ago | The automatic version check functionality in the tools in Percona Toolkit 2.1 allows man-in-the-middle attackers to obtain sensitive information or execute arbitrary code by leveraging use of HTTP to… | |||
| CVE-2014-8886 | high | 8.1 | 8.1 | 11y ago | AVM FRITZ!OS before 6.30 extracts the contents of firmware updates before verifying their cryptographic signature, which allows remote attackers to create symlinks or overwrite critical files, and co… | |||
| CVE-2014-2022 | high | — | 8.1 | 12y ago | SQL injection vulnerability in includes/api/4/breadcrumbs_create.php in vBulletin 4.2.2, 4.2.1, 4.2.0 PL2, and earlier allows remote authenticated users to execute arbitrary SQL commands via the conc… | |||
| CVE-2014-4422 | high | 8.1 | 8.1 | 12y ago | The kernel in Apple iOS before 8 and Apple TV before 7 uses a predictable random number generator during the early portion of the boot process, which allows attackers to bypass certain kernel-hardeni… | |||
| CVE-2014-5074 | high | — | 8.1 | 12y ago | Siemens SIMATIC S7-1500 CPU devices with firmware before 1.6 allow remote attackers to cause a denial of service (device restart and STOP transition) via crafted TCP packets. | |||
| CVE-2014-3085 | high | — | 8.1 | 12y ago | systest.php on IBM GCM16 and GCM32 Global Console Manager switches with firmware before 1.20.20.23447 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the l… | |||
| CVE-2014-2928 | high | — | 8.1 | 12y ago | The iControl API in F5 BIG-IP LTM, APM, ASM, GTM, Link Controller, and PSM 10.0.0 through 10.2.4 and 11.0.0 through 11.5.1, BIG-IP AAM 11.4.0 through 11.5.1, BIG-IP AFM and PEM 11.3.0 through 11.5.1,… | |||
| CVE-2014-2996 | high | — | 8.1 | 12y ago | XCloner Standalone 3.5 and earlier, when enable_db_backup and sql_mem are enabled, allows remote authenticated administrators to execute arbitrary commands via shell metacharacters in the dbbackup_co… | |||
| CVE-2014-3222 | high | 7.0 | 8.0 | 9y ago | In Huawei eSpace Meeting with software V100R001C03SPC201 and the earlier versions, attackers that obtain the permissions assigned to common users can elevate privileges to access and set specific key… | |||
| CVE-2014-3053 | high | — | 8.0 | 12y ago | The Local Management Interface (LMI) in IBM Security Access Manager (ISAM) for Mobile 8.0 with firmware 8.0.0.0 through 8.0.0.3 and IBM Security Access Manager for Web 7.0, and 8.0 with firmware 8.0.… | |||
| CVE-2014-2347 | high | — | 8.0 | 12y ago | Amtelco miSecureMessages (aka MSM) 6.2 does not properly manage sessions, which allows remote authenticated users to obtain sensitive information via a modified message request. | |||
| CVE-2014-3434 | medium | — | 7.9 | 12y ago | Buffer overflow in the sysplant driver in Symantec Endpoint Protection (SEP) Client 11.x and 12.x before 12.1 RU4 MP1b, and Small Business Edition before SEP 12.1, allows local users to execute arbit… | |||
| CVE-2014-3560 | high | — | 7.9 | 12y ago | NetBIOS name services daemon (nmbd) in Samba 4.0.x before 4.0.21 and 4.1.x before 4.1.11 allows remote attackers to execute arbitrary code via unspecified vectors that modify heap memory, involving a… | |||
| CVE-2014-4943 | medium | — | 7.9 | 12y ago | The PPPoL2TP feature in net/l2tp/l2tp_ppp.c in the Linux kernel through 3.15.6 allows local users to gain privileges by leveraging data-structure differences between an l2tp socket and an inet socket. | |||
| CVE-2014-4699 | medium | — | 7.9 | 12y ago | The Linux kernel before 3.15.4 on Intel processors does not properly restrict use of a non-canonical value for the saved RIP address in the case of a system call that does not use IRET, which allows … | |||
| CVE-2014-3977 | medium | — | 7.9 | 12y ago | libodm.a in IBM AIX 6.1 and 7.1, and VIOS 2.2.x, allows local users to overwrite arbitrary files via a symlink attack on a temporary file. NOTE: this vulnerability exists because of an incomplete fix… | |||
| CVE-2014-0356 | high | — | 7.9 | 12y ago | The ZyXEL Wireless N300 NetUSB NBG-419N router with firmware 1.00(BFQ.6)C0 allows remote attackers to execute arbitrary code via shell metacharacters in input to the (1) detectWeather, (2) set_langua… | |||
| CVE-2014-0355 | high | — | 7.9 | 12y ago | Multiple stack-based buffer overflows on the ZyXEL Wireless N300 NetUSB NBG-419N router with firmware 1.00(BFQ.6)C0 allow man-in-the-middle attackers to execute arbitrary code via (1) a long temp att… | |||
| CVE-2014-2851 | medium | — | 7.9 | 12y ago | Integer overflow in the ping_init_sock function in net/ipv4/ping.c in the Linux kernel through 3.14.1 allows local users to cause a denial of service (use-after-free and system crash) or possibly gai… | |||
| CVE-2014-0983 | medium | — | 7.9 | 12y ago | Multiple array index errors in programs that are automatically generated by VBox/HostServices/SharedOpenGL/crserverlib/server_dispatch.py in Oracle VirtualBox 4.2.x through 4.2.20 and 4.3.x before 4.… | |||
| CVE-2014-2033 | high | — | 7.9 | 12y ago | The caching feature in SGOS in Blue Coat ProxySG 5.5 through 5.5.11.3, 6.1 through 6.1.6.3, 6.2 through 6.2.15.3, 6.4 through 6.4.6.1, and 6.3 and 6.5 before 6.5.4 allows remote authenticated users t… | |||
| CVE-2014-0038 | medium | — | 7.9 | 13y ago | The compat_sys_recvmmsg function in net/compat.c in the Linux kernel before 3.13.2, when CONFIG_X86_X32 is enabled, allows local users to gain privileges via a recvmmsg system call with a crafted tim… | |||
| CVE-2014-2828 | high | — | 7.8 | 4y ago | The V3 API in OpenStack Identity (Keystone) 2013.1 before 2013.2.4 and icehouse before icehouse-rc2 allows remote attackers to cause a denial of service (CPU consumption) via a large number of the sa… | |||
| CVE-2014-0047 | high | 7.8 | 7.8 | 9y ago | Docker before 1.5 allows local users to have unspecified impact via vectors involving unsafe /tmp usage. | |||
| CVE-2014-8156 | high | 7.8 | 7.8 | 9y ago | The D-Bus security policy files in /etc/dbus-1/system.d/*.conf in fso-gsmd 0.12.0-3, fso-frameworkd 0.9.5.9+git20110512-4, and fso-usaged 0.12.0-2 as packaged in Debian, the upstream cornucopia.git (… | |||
| CVE-2014-8872 | high | 7.8 | 7.8 | 9y ago | Improper Verification of Cryptographic Signature in AVM FRITZ!Box 6810 LTE after firmware 5.22, FRITZ!Box 6840 LTE after firmware 5.23, and other models with firmware 5.50. | |||
| CVE-2014-0145 | high | 7.8 | 7.8 | 9y ago | Multiple buffer overflows in QEMU before 1.7.2 and 2.x before 2.0.0 allow local users to cause a denial of service (crash) or possibly execute arbitrary code via a large (1) L1 table in the qcow2_sn… | |||
| CVE-2014-1235 | high | 7.8 | 7.8 | 9y ago | Stack-based buffer overflow in the "yyerror" function in Graphviz 2.34.0 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted file. NOTE: … | |||
| CVE-2014-9967 | high | 7.8 | 7.8 | 9y ago | In all Android releases from CAF using the Linux kernel, an untrusted pointer dereference vulnerability exists in WideVine DRM. | |||
| CVE-2014-9965 | high | 7.8 | 7.8 | 9y ago | In all Android releases from CAF using the Linux kernel, a vulnerability exists in the parsing of an SCM call. | |||
| CVE-2014-9964 | high | 7.8 | 7.8 | 9y ago | In all Android releases from CAF using the Linux kernel, an integer overflow vulnerability exists in debug functionality. | |||
| CVE-2014-9963 | high | 7.8 | 7.8 | 9y ago | In all Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in WideVine DRM. | |||
| CVE-2014-9962 | high | 7.8 | 7.8 | 9y ago | In all Android releases from CAF using the Linux kernel, a vulnerability exists in the parsing of a DRM provisioning command. | |||
| CVE-2014-9961 | high | 7.8 | 7.8 | 9y ago | In all Android releases from CAF using the Linux kernel, a vulnerability in eMMC write protection exists that can be used to bypass power-on write protection. | |||
| CVE-2014-9960 | high | 7.8 | 7.8 | 9y ago | In all Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in the PlayReady API. | |||
| CVE-2014-9952 | high | 7.8 | 7.8 | 9y ago | In the Secure File System in all Android releases from CAF using the Linux kernel, a capture-replay vulnerability could potentially exist. | |||
| CVE-2014-9950 | high | 7.8 | 7.8 | 9y ago | In Core Kernel in all Android releases from CAF using the Linux kernel, an Improper Authorization vulnerability could potentially exist. | |||
| CVE-2014-9949 | high | 7.8 | 7.8 | 9y ago | In TrustZone in all Android releases from CAF using the Linux kernel, an Untrusted Pointer Dereference vulnerability could potentially exist. | |||
| CVE-2014-9948 | high | 7.8 | 7.8 | 9y ago | In TrustZone in all Android releases from CAF using the Linux kernel, an Improper Validation of Array Index vulnerability could potentially exist. | |||
| CVE-2014-9946 | high | 7.8 | 7.8 | 9y ago | In Core Kernel in all Android releases from CAF using the Linux kernel, a Use After Free vulnerability could potentially exist. | |||
| CVE-2014-9945 | high | 7.8 | 7.8 | 9y ago | In TrustZone in all Android releases from CAF using the Linux kernel, an Improper Authorization vulnerability could potentially exist. | |||
| CVE-2014-9944 | high | 7.8 | 7.8 | 9y ago | In the Secure File System in all Android releases from CAF using the Linux kernel, an Integer Overflow to Buffer Overflow vulnerability could potentially exist. | |||
| CVE-2014-9943 | high | 7.8 | 7.8 | 9y ago | In Core Kernel in all Android releases from CAF using the Linux kernel, a Null Pointer Dereference vulnerability could potentially exist. | |||
| CVE-2014-9942 | high | 7.8 | 7.8 | 9y ago | In Boot in all Android releases from CAF using the Linux kernel, a Use of Uninitialized Variable vulnerability could potentially exist. | |||
| CVE-2014-9930 | high | 7.8 | 7.8 | 9y ago | In WCDMA in all Android releases from CAF using the Linux kernel, a Use After Free vulnerability could potentially exist. | |||
| CVE-2014-9929 | high | 7.8 | 7.8 | 9y ago | In WCDMA in all Android releases from CAF using the Linux kernel, a Use of Out-of-range Pointer Offset vulnerability could potentially exist. | |||
| CVE-2014-9928 | high | 7.8 | 7.8 | 9y ago | In GERAN in all Android releases from CAF using the Linux kernel, a Buffer Copy without Checking Size of Input vulnerability could potentially exist. | |||
| CVE-2014-9927 | high | 7.8 | 7.8 | 9y ago | In UIM in all Android releases from CAF using the Linux kernel, a Buffer Copy without Checking Size of Input vulnerability could potentially exist. | |||
| CVE-2014-9926 | high | 7.8 | 7.8 | 9y ago | In GNSS in all Android releases from CAF using the Linux kernel, a Use After Free vulnerability could potentially exist. | |||
| CVE-2014-9925 | high | 7.8 | 7.8 | 9y ago | In HDR in all Android releases from CAF using the Linux kernel, a Buffer Copy without Checking Size of Input vulnerability could potentially exist. | |||
| CVE-2014-9924 | high | 7.8 | 7.8 | 9y ago | In 1x in all Android releases from CAF using the Linux kernel, a Signed to Unsigned Conversion Error could potentially occur. | |||
| CVE-2014-9923 | high | 7.8 | 7.8 | 9y ago | In NAS in all Android releases from CAF using the Linux kernel, a Buffer Copy without Checking Size of Input vulnerability could potentially exist. | |||
| CVE-2014-9937 | high | 7.8 | 7.8 | 9y ago | In TrustZone a buffer overflow vulnerability can potentially occur in a DRM routine in all Android releases from CAF using the Linux kernel. | |||
| CVE-2014-9935 | high | 7.8 | 7.8 | 9y ago | In TrustZone an integer overflow vulnerability leading to a buffer overflow could potentially occur in a DRM routine in all Android releases from CAF using the Linux kernel. | |||
| CVE-2014-9934 | high | 7.8 | 7.8 | 9y ago | A PKCS#1 v1.5 signature verification routine in all Android releases from CAF using the Linux kernel may not check padding. | |||
| CVE-2014-9933 | high | 7.8 | 7.8 | 9y ago | Due to missing input validation in all Android releases from CAF using the Linux kernel, HLOS can write to fuses for which it should not have access. | |||
| CVE-2014-9932 | high | 7.8 | 7.8 | 9y ago | In TrustZone, an integer overflow vulnerability can potentially occur in all Android releases from CAF using the Linux kernel due to an improper address range computation. | |||
| CVE-2014-9931 | high | 7.8 | 7.8 | 9y ago | A buffer overflow vulnerability in all Android releases from CAF using the Linux kernel can potentially occur if an OEM performs an app region size customization due to a hard-coded value. | |||
| CVE-2014-9922 | high | 7.8 | 7.8 | 9y ago | The eCryptfs subsystem in the Linux kernel before 3.18 allows local users to gain privileges via a large filesystem stack that includes an overlayfs layer, related to fs/ecryptfs/main.c and fs/overla… | |||
| CVE-2014-9114 | high | 7.8 | 7.8 | 9y ago | Blkid in util-linux before 2.26rc-1 allows local users to execute arbitrary code. | |||
| CVE-2014-9825 | high | 7.8 | 7.8 | 9y ago | Heap-based buffer overflow in ImageMagick allows remote attackers to have unspecified impact via a crafted psd file, a different vulnerability than CVE-2014-9824. | |||
| CVE-2014-9824 | high | 7.8 | 7.8 | 9y ago | Heap-based buffer overflow in ImageMagick allows remote attackers to have unspecified impact via a crafted psd file, a different vulnerability than CVE-2014-9825. | |||
| CVE-2014-9823 | high | 7.8 | 7.8 | 9y ago | Heap-based buffer overflow in ImageMagick allows remote attackers to have unspecified impact via a crafted palm file, a different vulnerability than CVE-2014-9819. | |||
| CVE-2014-9822 | high | 7.8 | 7.8 | 9y ago | Heap-based buffer overflow in ImageMagick allows remote attackers to have unspecified impact via a crafted quantum file. | |||
| CVE-2014-9821 | high | 7.8 | 7.8 | 9y ago | Heap-based buffer overflow in ImageMagick allows remote attackers to have unspecified impact via a crafted xpm file. | |||
| CVE-2014-9820 | high | 7.8 | 7.8 | 9y ago | Heap-based buffer overflow in ImageMagick allows remote attackers to have unspecified impact via a crafted pnm file. | |||
| CVE-2014-9819 | high | 7.8 | 7.8 | 9y ago | Heap-based buffer overflow in ImageMagick allows remote attackers to have unspecified impact via a crafted palm file, a different vulnerability than CVE-2014-9823. | |||
| CVE-2014-9817 | high | 7.8 | 7.8 | 9y ago | Heap-based buffer overflow in ImageMagick allows remote attackers to have unspecified impact via a crafted pdb file. | |||
| CVE-2014-9835 | high | 7.8 | 7.8 | 9y ago | Heap overflow in ImageMagick 6.8.9-9 via a crafted wpf file. | |||
| CVE-2014-9834 | high | 7.8 | 7.8 | 9y ago | Heap overflow in ImageMagick 6.8.9-9 via a crafted pict file. | |||
| CVE-2014-9833 | high | 7.8 | 7.8 | 9y ago | Heap overflow in ImageMagick 6.8.9-9 via a crafted psd file. | |||
| CVE-2014-9832 | high | 7.8 | 7.8 | 9y ago | Heap overflow in ImageMagick 6.8.9-9 via a crafted pcx file. |