2014 CVE Vulnerabilities
9,002 CVEs published in 2014.
| CVE ID | Severity | CVSS | EPSS | Published | Description |
|---|---|---|---|---|---|
| CVE-2014-6287 | CRITICAL | 9.8 | 99.3% | Oct 7, 2014 | The findMacroMarker function in parserLib.pas in Rejetto HTTP File Server (aks HFS or HttpFileServer) 2.3x before 2.3c a... |
| CVE-2014-7169 | CRITICAL | 9.8 | 99.9% | Sep 25, 2014 | GNU Bash through 4.3 bash43-025 processes trailing strings after certain malformed function definitions in the values of... |
| CVE-2014-6271 | CRITICAL | 9.8 | 100.0% | Sep 24, 2014 | GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment variables, which... |
| CVE-2014-0546 | CRITICAL | 9.8 | 22.3% | Aug 12, 2014 | Adobe Reader and Acrobat 10.x before 10.1.11 and 11.x before 11.0.08 on Windows allow attackers to bypass a sandbox prot... |
| CVE-2014-1532 | CRITICAL | 9.8 | 4.6% | Apr 30, 2014 | Use-after-free vulnerability in the nsHostResolver::ConditionallyRefreshRecord function in libxul.so in Mozilla Firefox ... |
| CVE-2014-1524 | CRITICAL | 9.8 | 7.5% | Apr 30, 2014 | The nsXBLProtoImpl::InstallImplementation function in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunder... |
| CVE-2014-1776 | CRITICAL | 9.8 | 88.0% | Apr 27, 2014 | Use-after-free vulnerability in Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary co... |
| CVE-2014-0780 | CRITICAL | 9.8 | 74.5% | Apr 25, 2014 | Directory traversal vulnerability in NTWebServer in InduSoft Web Studio 7.1 before SP2 Patch 4 allows remote attackers t... |
| CVE-2014-1514 | CRITICAL | 9.8 | 6.1% | Mar 19, 2014 | vmtypedarrayobject.cpp in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMon... |
| CVE-2014-1511 | CRITICAL | 9.8 | 83.6% | Mar 19, 2014 | Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allow remo... |
| CVE-2014-1510 | CRITICAL | 9.8 | 82.3% | Mar 19, 2014 | The Web IDL implementation in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and Se... |
| CVE-2014-1508 | CRITICAL | 9.1 | 4.3% | Mar 19, 2014 | The libxul.so!gfxContext::Polygon function in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird bef... |
| CVE-2014-1493 | CRITICAL | 9.8 | 8.1% | Mar 19, 2014 | Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4,... |
| CVE-2014-2323 | CRITICAL | 9.8 | 61.7% | Mar 14, 2014 | SQL injection vulnerability in mod_mysql_vhost.c in lighttpd before 1.4.35 allows remote attackers to execute arbitrary ... |
| CVE-2014-1486 | CRITICAL | 9.8 | 7.1% | Feb 6, 2014 | Use-after-free vulnerability in the imgRequestProxy function in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.... |
| CVE-2014-1477 | CRITICAL | 9.8 | 5.5% | Feb 6, 2014 | Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3,... |
| CVE-2014-0497 | CRITICAL | 9.8 | 99.9% | Feb 5, 2014 | Integer underflow in Adobe Flash Player before 11.7.700.261 and 11.8.x through 12.0.x before 12.0.0.44 on Windows and Ma... |
| CVE-2014-0808 | CRITICAL | 9.1 | 2.2% | Jan 22, 2014 | Authorization bypass through user-controlled key issue exists in EC-CUBE 2.11.0 through 2.12.2 and EC-Orange systems dep... |
Check if your code is affected by 2014 CVEs
Strix scans your code and infrastructure for known vulnerabilities automatically.
Scan your code now