2014 CVE Vulnerabilities
9,002 CVEs published in 2014.
| CVE ID | Severity | CVSS | EPSS | Published | Description |
|---|---|---|---|---|---|
| CVE-2014-2228 | CRITICAL | 9.8 | 3.2% | Feb 19, 2020 | The XStream extension in HP Fortify SCA before 2.2 RC3 allows remote attackers to execute arbitrary code via unsafe dese... |
| CVE-2014-3622 | CRITICAL | 9.8 | 3.1% | Feb 19, 2020 | Use-after-free vulnerability in the add_post_var function in the Posthandler component in PHP 5.6.x before 5.6.1 might a... |
| CVE-2014-3879 | CRITICAL | 9.8 | 2.7% | Feb 18, 2020 | OpenPAM Nummularia 9.2 through 10.0 does not properly handle the error reported when an include directive refers to a po... |
| CVE-2014-4967 | CRITICAL | 9.8 | 3.4% | Feb 18, 2020 | Multiple argument injection vulnerabilities in Ansible before 1.6.7 allow remote attackers to execute arbitrary code by ... |
| CVE-2014-4966 | CRITICAL | 9.8 | 3.4% | Feb 18, 2020 | Ansible before 1.6.7 does not prevent inventory data with "{{" and "lookup" substrings, and does not prevent remote data... |
| CVE-2014-4651 | CRITICAL | 9.8 | 2.1% | Feb 18, 2020 | It was found that the jclouds scriptbuilder Statements class wrote a temporary file to a predictable location. An attack... |
| CVE-2014-8089 | CRITICAL | 9.8 | 2.5% | Feb 17, 2020 | SQL injection vulnerability in Zend Framework before 1.12.9, 2.2.x before 2.2.8, and 2.3.x before 2.3.3, when using the ... |
| CVE-2014-7236 | CRITICAL | 9.1 | 55.6% | Feb 17, 2020 | Eval injection vulnerability in lib/TWiki/Plugins.pm in TWiki before 6.0.1 allows remote attackers to execute arbitrary ... |
| CVE-2014-4981 | CRITICAL | 9.8 | 6.2% | Feb 17, 2020 | LPAR2RRD in 3.5 and earlier allows remote attackers to execute arbitrary commands due to insufficient input sanitization... |
| CVE-2014-4198 | CRITICAL | 9.1 | 1.3% | Feb 13, 2020 | A Two-Factor Authentication Bypass Vulnerability exists in BS-Client Private Client 2.4 and 2.5 via an XML request that ... |
| CVE-2014-4170 | CRITICAL | 9.8 | 14.1% | Feb 13, 2020 | A Privilege Escalation Vulnerability exists in Free Reprintables ArticleFR 11.06.2014 due to insufficient access restric... |
| CVE-2014-3919 | CRITICAL | 9.3 | 0.9% | Feb 13, 2020 | A vulnerability exists in Netgear CG3100 devices before 3.9.2421.13.mp3 V0027 via an embed malicious script in an unspec... |
| CVE-2014-9390 | CRITICAL | 9.8 | 63.2% | Feb 12, 2020 | Git before 1.8.5.6, 1.9.x before 1.9.5, 2.0.x before 2.0.5, 2.1.x before 2.1.4, and 2.2.x before 2.2.1 on Windows and OS... |
| CVE-2014-2595 | CRITICAL | 9.8 | 16.5% | Feb 12, 2020 | Barracuda Web Application Firewall (WAF) 7.8.1.013 allows remote attackers to bypass authentication by leveraging a perm... |
| CVE-2014-0234 | CRITICAL | 9.8 | 3.7% | Feb 12, 2020 | The default configuration of broker.conf in Red Hat OpenShift Enterprise 2.x before 2.1 has a password of "mooo" for a M... |
| CVE-2014-9753 | CRITICAL | 9.8 | 2.9% | Feb 11, 2020 | confirm.php in ATutor 2.2 and earlier allows remote attackers to bypass authentication and gain access as an existing us... |
| CVE-2014-2052 | CRITICAL | 9.8 | 2.5% | Feb 11, 2020 | Zend Framework, as used in ownCloud Server before 5.0.15 and 6.0.x before 6.0.2, allows remote attackers to read arbitra... |
| CVE-2014-8739 | CRITICAL | 9.8 | 91.7% | Feb 8, 2020 | Unrestricted file upload vulnerability in server/php/UploadHandler.php in the jQuery File Upload Plugin 6.4.4 for jQuery... |
| CVE-2014-5091 | CRITICAL | 9.8 | 15.2% | Feb 7, 2020 | A vulnerability exits in Status2K 2.5 Server Monitoring Software via the multies parameter to includes/functions.php, wh... |
| CVE-2014-5087 | CRITICAL | 9.8 | 7.2% | Feb 7, 2020 | A vulnerability exists in Sphider Search Engine prior to 1.3.6 due to exec calls in admin/spiderfuncs.php, which could l... |
| CVE-2014-9530 | CRITICAL | 9.8 | 1.2% | Feb 7, 2020 | A vulnerability exists in nw.js before 0.11.3 when calling nw methods from normal frames, which has an unspecified impac... |
| CVE-2014-2025 | CRITICAL | 9.8 | 4.0% | Jan 31, 2020 | Unrestricted file upload vulnerability in an unspecified third party tool in United Planet Intrexx Professional before 5... |
| CVE-2014-8322 | CRITICAL | 9.8 | 23.9% | Jan 31, 2020 | Stack-based buffer overflow in the tcp_test function in aireplay-ng.c in Aircrack-ng before 1.2 RC 1 allows remote attac... |
| CVE-2014-5039 | CRITICAL | 9.6 | 1.2% | Jan 31, 2020 | Cross-site scripting (XSS) vulnerability in Eucalyptus Management Console (EMC) 4.0.x before 4.0.2 allows remote attacke... |
| CVE-2014-3719 | CRITICAL | 9.8 | 2.0% | Jan 30, 2020 | Multiple SQL injection vulnerabilities in cgi-bin/review_m.cgi in Ex Libris ALEPH 500 (Integrated library management sys... |
Check if your code is affected by 2014 CVEs
Strix scans your code and infrastructure for known vulnerabilities automatically.
Scan your code now