2014 CVE Vulnerabilities
9,002 CVEs published in 2014.
| CVE ID | Severity | CVSS | EPSS | Published | Description |
|---|---|---|---|---|---|
| CVE-2014-8516 | CRITICAL | 9.8 | 81.7% | Jan 3, 2020 | Unrestricted file upload vulnerability in Visual Mining NetCharts Server allows remote attackers to execute arbitrary co... |
| CVE-2014-8337 | CRITICAL | 9.8 | 4.8% | Jan 3, 2020 | Unrestricted file upload vulnerability in includes/classes/uploadify-v2.1.4/uploadify.php in HelpDEZk 1.0.1 and earlier ... |
| CVE-2014-0011 | CRITICAL | 9.8 | 2.5% | Jan 2, 2020 | Multiple heap-based buffer overflows in the ZRLE_DECODE function in common/rfb/zrleDecode.h in TigerVNC before 1.3.1, wh... |
| CVE-2014-0048 | CRITICAL | 9.8 | 6.5% | Jan 2, 2020 | An issue was found in Docker before 1.6.0. Some programs and scripts in Docker are downloaded via HTTP and then executed... |
| CVE-2014-5289 | CRITICAL | 9.8 | 12.0% | Dec 27, 2019 | Buffer overflow in Senkas Kolibri 2.0 allows remote attackers to execute arbitrary code via a long URI in a POST request... |
| CVE-2014-8650 | CRITICAL | 9.8 | 3.6% | Dec 15, 2019 | python-requests-Kerberos through 0.5 does not handle mutual authentication |
| CVE-2014-3699 | CRITICAL | 9.8 | 2.3% | Dec 15, 2019 | eDeploy has RCE via cPickle deserialization of untrusted data |
| CVE-2014-0175 | CRITICAL | 9.8 | 2.0% | Dec 13, 2019 | mcollective has a default password set at install |
| CVE-2014-7257 | CRITICAL | 9.8 | 1.6% | Dec 11, 2019 | SQL injection vulnerability in DBD::PgPP 0.05 and earlier |
| CVE-2014-6311 | CRITICAL | 9.8 | 1.7% | Nov 22, 2019 | generate_doygen.pl in ace before 6.2.7+dfsg-2 creates predictable file names in the /tmp directory which allows attacker... |
| CVE-2014-6310 | CRITICAL | 9.8 | 4.7% | Nov 22, 2019 | Buffer overflow in CHICKEN 4.9.0 and 4.9.0.1 may allow remote attackers to execute arbitrary code via the 'select' funct... |
| CVE-2014-3585 | CRITICAL | 9.8 | 1.1% | Nov 22, 2019 | redhat-upgrade-tool: Does not check GPG signatures when upgrading versions |
| CVE-2014-3700 | CRITICAL | 9.8 | 2.9% | Nov 21, 2019 | eDeploy through at least 2014-10-14 has remote code execution due to eval() of untrusted data |
| CVE-2014-3180 | CRITICAL | 9.1 | 0.9% | Nov 6, 2019 | In kernel/compat.c in the Linux kernel before 3.17, as used in Google Chrome OS and other products, there is a possible ... |
| CVE-2014-2073 | CRITICAL | 9.8 | 4.9% | Apr 10, 2018 | Stack-based buffer overflow in Dassault Systemes CATIA V5-6R2013 allows remote attackers to execute arbitrary code via a... |
| CVE-2014-3539 | CRITICAL | 9.8 | 3.0% | Apr 6, 2018 | base/oi/doa.py in the Rope library in CPython (aka Python) allows remote attackers to execute arbitrary code by leveragi... |
| CVE-2014-5071 | CRITICAL | 9.8 | 1.7% | Jan 8, 2018 | SQL injection vulnerability in the checkPassword function in Symmetricom s350i 2.70.15 allows remote attackers to execut... |
| CVE-2014-9515 | CRITICAL | 9.8 | 5.6% | Dec 29, 2017 | Dozer improperly uses a reflection-based approach to type conversion, which might allow remote attackers to execute arbi... |
| CVE-2014-1203 | CRITICAL | 9.8 | 15.6% | Oct 24, 2017 | The get_login_ip_config_file function in Eyou Mail System before 3.6 allows remote attackers to execute arbitrary comman... |
| CVE-2014-3931 | CRITICAL | 9.8 | 26.6% | Mar 31, 2017 | fastping.c in MRLG (aka Multi-Router Looking Glass) before 5.5.0 allows remote attackers to cause an arbitrary memory wr... |
| CVE-2014-9852 | CRITICAL | 9.8 | 2.9% | Mar 17, 2017 | distribute-cache.c in ImageMagick re-uses objects after they have been destroyed, which allows remote attackers to have ... |
| CVE-2014-5415 | CRITICAL | 9.1 | 4.3% | Oct 5, 2016 | Beckhoff Embedded PC images before 2014-10-22 and Automation Device Specification (ADS) TwinCAT components might allow r... |
| CVE-2014-5414 | CRITICAL | 9.1 | 4.8% | Oct 5, 2016 | Beckhoff Embedded PC images before 2014-10-22 and Automation Device Specification (ADS) TwinCAT components do not restri... |
| CVE-2014-9410 | CRITICAL | 9.8 | 1.3% | Aug 7, 2016 | The vfe31_proc_general function in drivers/media/video/msm/vfe/msm_vfe31.c in the MSM-VFE31 driver for the Linux kernel ... |
| CVE-2014-8361 | CRITICAL | 9.8 | 100.0% | May 1, 2015 | The miniigd SOAP service in Realtek SDK allows remote attackers to execute arbitrary code via a crafted NewInternalClien... |
Check if your code is affected by 2014 CVEs
Strix scans your code and infrastructure for known vulnerabilities automatically.
Scan your code now