Lista CVE - 2014 / Dicembre
Visualizzazione 1 - 100 di 614 CVE per Dicembre 2014 (Pagina 1 di 7)
| ID CVE | Data | Titolo |
|---|---|---|
| CVE-2013-6497 | 2014-12-01 | clamscan in ClamAV before 0.98.5, when using -a option, allows... |
| CVE-2014-2232 | 2014-12-01 | Absolute path traversal vulnerability in the MapAPI in Infoware MapSuite... |
| CVE-2014-2233 | 2014-12-01 | Server-side request forgery (SSRF) vulnerability in the MapAPI in Infoware... |
| CVE-2014-5237 | 2014-12-01 | Server-side request forgery (SSRF) vulnerability in the documentconverter component in... |
| CVE-2014-7291 | 2014-12-01 | Multiple cross-site scripting (XSS) vulnerabilities in api_events.php in Springshare LibCal... |
| CVE-2014-7816 | 2014-12-01 | Directory traversal vulnerability in JBoss Undertow 1.0.x before 1.0.17, 1.1.x... |
| CVE-2014-8749 | 2014-12-01 | Server-side request forgery (SSRF) vulnerability in admin/htaccess/bpsunlock.php in the BulletProof... |
| CVE-2014-8866 | 2014-12-01 | The compatibility mode hypercall argument translation in Xen 3.3.x through... |
| CVE-2014-8867 | 2014-12-01 | The acceleration support for the "REP MOVS" instruction in Xen... |
| CVE-2014-9050 | 2014-12-01 | Heap-based buffer overflow in the cli_scanpe function in libclamav/pe.c in... |
| CVE-2014-9087 | 2014-12-01 | Integer underflow in the ksba_oid_to_str function in Libksba before 1.3.2,... |
| CVE-2014-5268 | 2014-12-01 | The Fasttoggle module 7.x-1.3 and 7.x-1.4 for Drupal allows remote... |
| CVE-2014-9151 | 2014-12-01 | The Services module 7.x-3.x before 7.x-3.10 for Drupal does not... |
| CVE-2014-9152 | 2014-12-01 | The _user_resource_create function in the Services module 7.x-3.x before 7.x-3.10... |
| CVE-2014-9153 | 2014-12-01 | Cross-site scripting (XSS) vulnerability in the Services module 7.x-3.x before... |
| CVE-2014-9154 | 2014-12-01 | The Notify module 7.x-1.x before 7.x-1.1 for Drupal does not... |
| CVE-2014-9155 | 2014-12-01 | Directory traversal vulnerability in the Avatar Uploader module 6.x-1.x before... |
| CVE-2014-9156 | 2014-12-01 | The FileField module 6.x-3.x before 6.x-3.13 for Drupal does not... |
| CVE-2013-6494 | 2014-12-02 | fedup 0.9.0 in Fedora 19, 20, and 21 uses a... |
| CVE-2014-3065 | 2014-12-02 | Unspecified vulnerability in IBM Java Runtime Environment (JRE) 7 R1... |
| CVE-2014-3068 | 2014-12-02 | IBM Java Runtime Environment (JRE) 7 R1 before SR1 FP1... |
| CVE-2014-3703 | 2014-12-02 | OpenStack PackStack 2012.2.1, when the Open vSwitch (OVS) monolithic plug-in... |
| CVE-2014-5284 | 2014-12-02 | host-deny.sh in OSSEC before 2.8.1 writes to temporary files with... |
| CVE-2014-8791 | 2014-12-02 | project/register.php in Tuleap before 7.7, when sys_create_project_in_one_step is disabled, allows... |
| CVE-2014-8728 | 2014-12-02 | SQL injection vulnerability in the login page (login/login) in Subex... |
| CVE-2014-8754 | 2014-12-02 | Open redirect vulnerability in track-click.php in the Ad-Manager plugin 1.1.2... |
| CVE-2014-8788 | 2014-12-02 | GleamTech FileVista before 6.1 allows remote authenticated users to obtain... |
| CVE-2014-8789 | 2014-12-02 | GleamTech FileVista before 6.1 allows remote authenticated users to create... |
| CVE-2014-8874 | 2014-12-02 | The ke_questionnaire extension 2.5.2 and earlier for TYPO3 uses predictable... |
| CVE-2014-9112 | 2014-12-02 | Heap-based buffer overflow in the process_copy_in function in GNU Cpio... |
| CVE-2014-9113 | 2014-12-02 | CCH Wolters Kluwer ProSystem fx Engagement (aka PFX Engagement) 7.1... |
| CVE-2014-9116 | 2014-12-02 | The write_one_header function in mutt 1.5.23 does not properly handle... |
| CVE-2014-9173 | 2014-12-02 | SQL injection vulnerability in view.php in the Google Doc Embedder... |
| CVE-2014-9174 | 2014-12-02 | Cross-site scripting (XSS) vulnerability in the Google Analytics by Yoast... |
| CVE-2014-9175 | 2014-12-02 | SQL injection vulnerability in wpdatatables.php in the wpDataTables plugin 1.5.3... |
| CVE-2014-9176 | 2014-12-02 | Cross-site scripting (XSS) vulnerability in the InstaSqueeze Sexy Squeeze Pages... |
| CVE-2014-9177 | 2014-12-02 | The HTML5 MP3 Player with Playlist Free plugin before 2.7... |
| CVE-2014-9178 | 2014-12-02 | Multiple SQL injection vulnerabilities in classes/ajax.php in the Smarty Pants... |
| CVE-2014-9179 | 2014-12-02 | Cross-site scripting (XSS) vulnerability in the SupportEzzy Ticket System plugin... |
| CVE-2014-9180 | 2014-12-02 | Open redirect vulnerability in go.php in Eleanor CMS allows remote... |
| CVE-2014-9181 | 2014-12-02 | Multiple directory traversal vulnerabilities in Plex Media Server before 0.9.9.3... |
| CVE-2014-9182 | 2014-12-02 | models/comment.php in Anchor CMS 0.9.2 and earlier allows remote attackers... |
| CVE-2014-9183 | 2014-12-02 | ZTE ZXDSL 831CII has a default password of admin for... |
| CVE-2014-9184 | 2014-12-02 | ZTE ZXDSL 831CII allows remote attackers to bypass authentication via... |
| CVE-2014-3988 | 2014-12-03 | Cross-site scripting (XSS) vulnerability in index.php in SunHater KCFinder 3.11... |
| CVE-2014-9141 | 2014-12-03 | The installer in Thomson Reuters Fixed Assets CS 13.1.4 and... |
| CVE-2014-9220 | 2014-12-03 | SQL injection vulnerability in OpenVAS Manager before 4.0.6 and 5.x... |
| CVE-2014-8104 | 2014-12-03 | OpenVPN 2.x before 2.0.11, 2.1.x, 2.2.x before 2.2.3, and 2.3.x... |
| CVE-2014-8771 | 2014-12-03 | Multiple cross-site request forgery (CSRF) vulnerabilities in the admin area... |
| CVE-2014-8772 | 2014-12-03 | Cross-site scripting (XSS) vulnerability in the search_controller in X3 CMS... |
| CVE-2014-8773 | 2014-12-03 | MODX Revolution 2.x before 2.2.15 allows remote attackers to bypass... |
| CVE-2014-8774 | 2014-12-03 | Cross-site scripting (XSS) vulnerability in manager/index.php in MODX Revolution 2.x... |
| CVE-2014-8775 | 2014-12-03 | MODX Revolution 2.x before 2.2.15 does not include the HTTPOnly... |
| CVE-2014-9018 | 2014-12-03 | Icecast before 2.4.1 transmits the output of the on-connect script,... |
| CVE-2013-7416 | 2014-12-03 | canto_curses/guibase.py in Canto Curses before 0.9.0 allows remote feed servers... |
| CVE-2014-9134 | 2014-12-03 | Unrestricted file upload vulnerability in Huawei Honor Cube Wireless Router... |
| CVE-2014-9157 | 2014-12-03 | Format string vulnerability in the yyerror function in lib/cgraph/scan.l in... |
| CVE-2014-9238 | 2014-12-03 | D-link IP camera DCS-2103 with firmware 1.0.0 allows remote attackers... |
| CVE-2014-9234 | 2014-12-03 | Directory traversal vulnerability in cgi-bin/sddownload.cgi in D-link IP camera DCS-2103... |
| CVE-2014-9235 | 2014-12-03 | Multiple SQL injection vulnerabilities in Zoph (aka Zoph Organizes Photos)... |
| CVE-2014-9236 | 2014-12-03 | Cross-site scripting (XSS) vulnerability in php/edit_photos.php in Zoph (aka Zoph... |
| CVE-2014-9237 | 2014-12-03 | SQL injection vulnerability in Proticaret E-Commerce 3.0 allows remote attackers... |
| CVE-2014-9239 | 2014-12-03 | SQL injection vulnerability in the IPS Connect service (interface/ipsconnect/ipsconnect.php) in... |
| CVE-2014-9240 | 2014-12-03 | SQL injection vulnerability in member.php in MyBB (aka MyBulletinBoard) 1.8.x... |
| CVE-2014-9241 | 2014-12-03 | Multiple cross-site scripting (XSS) vulnerabilities in MyBB (aka MyBulletinBoard) 1.8.x... |
| CVE-2014-9242 | 2014-12-03 | SQL injection vulnerability in admin/pages/modify.php in WebsiteBaker 2.8.3 allows remote... |
| CVE-2014-9243 | 2014-12-03 | Multiple cross-site scripting (XSS) vulnerabilities in WebsiteBaker 2.8.3 allow remote... |
| CVE-2014-5445 | 2014-12-04 | Multiple absolute path traversal vulnerabilities in ZOHO ManageEngine Netflow Analyzer... |
| CVE-2014-5446 | 2014-12-04 | Directory traversal vulnerability in the DisplayChartPDF servlet in ZOHO ManageEngine... |
| CVE-2014-6034 | 2014-12-04 | Directory traversal vulnerability in the com.me.opmanager.extranet.remote.communication.fw.fe.FileCollector servlet in ZOHO ManageEngine... |
| CVE-2014-6035 | 2014-12-04 | Directory traversal vulnerability in the FileCollector servlet in ZOHO ManageEngine... |
| CVE-2014-6036 | 2014-12-04 | Directory traversal vulnerability in the multipartRequest servlet in ZOHO ManageEngine... |
| CVE-2014-7867 | 2014-12-04 | SQL injection vulnerability in the com.manageengine.opmanager.servlet.UpdateProbeUpgradeStatus servlet in ZOHO ManageEngine... |
| CVE-2014-7868 | 2014-12-04 | Multiple SQL injection vulnerabilities in ZOHO ManageEngine OpManager 11.3 and... |
| CVE-2014-3996 | 2014-12-05 | SQL injection vulnerability in the LinkViewFetchServlet servlet in ManageEngine Desktop... |
| CVE-2014-3997 | 2014-12-05 | SQL injection vulnerability in the MetadataServlet servlet in ManageEngine Password... |
| CVE-2014-8800 | 2014-12-05 | Cross-site scripting (XSS) vulnerability in nextend-facebook-settings.php in the Nextend Facebook... |
| CVE-2014-9129 | 2014-12-05 | Cross-site request forgery (CSRF) vulnerability in the CreativeMinds CM Downloads... |
| CVE-2014-9142 | 2014-12-05 | Cross-site scripting (XSS) vulnerability in Technicolor Router TD5130 with firmware... |
| CVE-2014-9143 | 2014-12-05 | Open redirect vulnerability in Technicolor Router TD5130 with firmware 2.05.C29GV... |
| CVE-2014-9144 | 2014-12-05 | Technicolor Router TD5130 with firmware 2.05.C29GV allows remote attackers to... |
| CVE-2014-9212 | 2014-12-05 | Multiple cross-site scripting (XSS) vulnerabilities in Altitude uAgent in Altitude... |
| CVE-2014-9215 | 2014-12-05 | SQL injection vulnerability in the CheckEmail function in includes/functions.class.php in... |
| CVE-2012-6656 | 2014-12-05 | iconvdata/ibm930.c in GNU C Library (aka glibc) before 2.16 allows... |
| CVE-2014-2273 | 2014-12-05 | The hx170dec device driver in Huawei P2-6011 before V100R001C00B043 allows... |
| CVE-2014-3561 | 2014-12-05 | The rhevm-log-collector package in Red Hat Enterprise Virtualization 3.4 uses... |
| CVE-2014-3627 | 2014-12-05 | The YARN NodeManager daemon in Apache Hadoop 0.23.0 through 0.23.11... |
| CVE-2014-4701 | 2014-12-05 | The check_dhcp plugin in Nagios Plugins before 2.0.2 allows local... |
| CVE-2014-4702 | 2014-12-05 | The check_icmp plugin in Nagios Plugins before 2.0.2 allows local... |
| CVE-2014-4703 | 2014-12-05 | lib/parse_ini.c in Nagios Plugins 2.0.2 allows local users to obtain... |
| CVE-2014-6040 | 2014-12-05 | GNU C Library (aka glibc) before 2.20 allows context-dependent attackers... |
| CVE-2014-8123 | 2014-12-05 | Buffer overflow in the bGetPPS function in wordole.c in Antiword... |
| CVE-2014-8990 | 2014-12-05 | default-rsyncssh.lua in Lsyncd 2.1.5 and earlier allows remote attackers to... |
| CVE-2014-9140 | 2014-12-05 | Buffer overflow in the ppp_hdlc function in print-ppp.c in tcpdump... |
| CVE-2014-7243 | 2014-12-05 | LG Electronics Mobile WiFi router L-09C, L-03E, and L-04D does... |
| CVE-2014-7252 | 2014-12-05 | Multiple unspecified vulnerabilities in the Syslink driver for Texas Instruments... |
| CVE-2014-7253 | 2014-12-05 | FUJITSU F-12C, ARROWS Tab LTE F-01D, ARROWS Kiss F-03D, and... |
| CVE-2014-7254 | 2014-12-05 | Unspecified vulnerability in ARROWS Me F-11D allows physically proximate attackers... |
| CVE-2014-7255 | 2014-12-05 | Internet Initiative Japan Inc. SEIL Series routers SEIL/X1 2.50 through... |
| CVE-2014-7256 | 2014-12-05 | The (1) PPP Access Concentrator (PPPAC) and (2) Dial-Up Networking... |