CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities (CVSS score between 6 and 6.99)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
9651 CVE-2014-2312 59 2018-03-26 2018-04-24
6.6
None Local Low Not required None Complete Complete
The main function in android_main.cpp in thermald allows local users to write to arbitrary files via a symlink attack on /tmp/thermald.pid.
9652 CVE-2014-2309 189 DoS 2014-03-11 2015-03-25
6.1
None Local Network Low Not required None None Complete
The ip6_route_add function in net/ipv6/route.c in the Linux kernel through 3.13.6 does not properly count the addition of routes, which allows remote attackers to cause a denial of service (memory consumption) via a flood of ICMPv6 Router Advertisement packets.
9653 CVE-2014-2296 611 Bypass 2018-07-20 2018-09-19
6.8
None Remote Medium Not required Partial Partial Partial
XML external entity (XXE) vulnerability in java/org/jasig/cas/util/SamlUtils.java in Jasig CAS server before 3.4.12.1 and 3.5.x before 3.5.2.1, when Google Accounts Integration is enabled, allows remote unauthenticated users to bypass authentication via crafted XML data.
9654 CVE-2014-2279 22 Exec Code Dir. Trav. 2014-10-17 2017-08-28
6.4
None Remote Low Not required None Partial Partial
Multiple directory traversal vulnerabilities in SeedDMS (formerly LetoDMS and MyDMS) before 4.3.4 allow (1) remote authenticated users with access to the LogManagement functionality to read arbitrary files via a .. (dot dot) in the logname parameter to out/out.LogManagement.php or (2) remote attackers to write to arbitrary files via a .. (dot dot) in the fileId parameter to op/op.AddFile2.php. NOTE: vector 2 can be leveraged to execute arbitrary code by using CVE-2014-2278.
9655 CVE-2014-2274 352 XSS CSRF 2018-03-19 2018-04-17
6.8
None Remote Medium Not required Partial Partial Partial
Cross-site request forgery (CSRF) vulnerability in the Subscribe To Comments Reloaded plugin before 140219 for WordPress allows remote attackers to hijack the authentication of administrators for requests that conduct cross-site scripting (XSS) attacks via a request to the subscribe-to-comments-reloaded/options/index.php page to wp-admin/admin.php.
9656 CVE-2014-2269 20 2014-04-22 2014-04-22
6.4
None Remote Low Not required None Partial Partial
modules/Users/ForgotPassword.php in vTiger 6.0 before Security Patch 2 allows remote attackers to reset the password for arbitrary users via a request containing the username, password, and confirmPassword parameters.
9657 CVE-2014-2263 119 Overflow 2014-02-28 2017-08-28
6.8
None Remote Medium Not required Partial Partial Partial
The mpegts_write_pmt function in the MPEG2 transport stream (aka DVB) muxer (libavformat/mpegtsenc.c) in FFmpeg, possibly 2.1 and earlier, allows remote attackers to have unspecified impact and vectors, which trigger an out-of-bounds write.
9658 CVE-2014-2253 DoS 2014-03-16 2014-03-25
6.1
None Local Network Low Not required None None Complete
Siemens SIMATIC S7-1500 CPU PLC devices with firmware before 1.5.0 allow remote attackers to cause a denial of service (defect-mode transition) via crafted Profinet packets.
9659 CVE-2014-2252 399 DoS 2014-03-24 2014-03-24
6.1
None Local Network Low Not required None None Complete
Siemens SIMATIC S7-1200 CPU PLC devices with firmware before 4.0 allow remote attackers to cause a denial of service (defect-mode transition) via crafted PROFINET packets, a different vulnerability than CVE-2014-2253.
9660 CVE-2014-2245 89 Exec Code Sql 2014-03-05 2014-03-07
6.0
None Remote Medium Single system Partial Partial Partial
SQL injection vulnerability in the News module in CMS Made Simple (CMSMS) before 1.11.10 allows remote authenticated users with the "Modify News" permission to execute arbitrary SQL commands via the sortby parameter to admin/moduleinterface.php. NOTE: some of these details are obtained from third party information.
9661 CVE-2014-2241 20 DoS 2014-03-18 2014-04-01
6.8
None Remote Medium Not required Partial Partial Partial
The (1) cf2_initLocalRegionBuffer and (2) cf2_initGlobalRegionBuffer functions in cff/cf2ft.c in FreeType before 2.5.3 do not properly check if a subroutine exists, which allows remote attackers to cause a denial of service (assertion failure), as demonstrated by a crafted ttf file.
9662 CVE-2014-2238 89 Exec Code Sql 2014-03-05 2017-08-28
6.5
None Remote Low Single system Partial Partial Partial
SQL injection vulnerability in the manage configuration page (adm_config_report.php) in MantisBT 1.2.13 through 1.2.16 allows remote authenticated administrators to execute arbitrary SQL commands via the filter_config_id parameter.
9663 CVE-2014-2234 20 Bypass 2014-03-05 2014-03-05
6.4
None Remote Low Not required Partial Partial None
A certain Apple patch for OpenSSL in Apple OS X 10.9.2 and earlier uses a Trust Evaluation Agent (TEA) feature without terminating certain TLS/SSL handshakes as specified in the SSL_CTX_set_verify callback function's documentation, which allows remote attackers to bypass extra verification within a custom application via a crafted certificate chain that is acceptable to TEA but not acceptable to that application.
9664 CVE-2014-2227 264 Bypass 2014-07-25 2019-06-10
6.0
None Remote Medium Single system Partial Partial Partial
The default Flash cross-domain policy (crossdomain.xml) in Ubiquiti Networks UniFi Video (formerly AirVision aka AirVision Controller) before 3.0.1 does not restrict access to the application, which allows remote attackers to bypass the Same Origin Policy via a crafted SWF file.
9665 CVE-2014-2205 264 2014-02-26 2018-10-09
6.3
None Remote Medium Single system Complete None None
The Import and Export Framework in McAfee ePolicy Orchestrator (ePO) before 4.6.7 Hotfix 940148 allows remote authenticated users with permissions to add dashboards to read arbitrary files by importing a crafted XML file, related to an XML External Entity (XXE) issue.
9666 CVE-2014-2194 20 2014-05-20 2014-05-20
6.8
None Remote Medium Not required Partial Partial Partial
system/egain/chat/entrypoint in Cisco Unified Web and E-mail Interaction Manager 9.0(2) allows remote attackers to have an unspecified impact by injecting a spoofed XML external entity.
9667 CVE-2014-2190 352 CSRF 2014-05-07 2015-08-13
6.8
None Remote Medium Not required Partial Partial Partial
Cross-site request forgery (CSRF) vulnerability in the web framework in Cisco Broadcast Access Center for Telco and Wireless (aka BAC-TW) allows remote attackers to hijack the authentication of arbitrary users for requests that make BAC-TW changes, aka Bug IDs CSCuo23804 and CSCuo26389.
9668 CVE-2014-2186 352 CSRF 2014-04-30 2015-09-16
6.8
None Remote Medium Not required Partial Partial Partial
Cross-site request forgery (CSRF) vulnerability in the web framework in Cisco WebEx Meetings Server allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCuj81777.
9669 CVE-2014-2183 20 DoS 2014-04-29 2014-04-29
6.3
None Remote Medium Single system None None Complete
The L2TP module in Cisco IOS XE 3.10S(.2) and earlier on ASR 1000 routers allows remote authenticated users to cause a denial of service (ESP card reload) via a malformed L2TP packet, aka Bug ID CSCun09973.
9670 CVE-2014-2182 20 DoS 2014-04-29 2014-04-29
6.1
None Local Network Low Not required None None Complete
Cisco Adaptive Security Appliance (ASA) Software, when DHCPv6 replay is configured, allows remote attackers to cause a denial of service (device reload) via a crafted DHCPv6 packet, aka Bug ID CSCun45520.
9671 CVE-2014-2181 287 2014-05-07 2014-05-07
6.8
None Remote Low Single system Complete None None
Cisco Adaptive Security Appliance (ASA) Software allows remote authenticated users to read files by sending a crafted URL to the HTTP server, as demonstrated by reading the running configuration, aka Bug ID CSCun78551.
9672 CVE-2014-2178 352 CSRF 2014-11-07 2018-10-09
6.8
None Remote Medium Not required Partial Partial Partial
Cross-site request forgery (CSRF) vulnerability in the administrative web interface in the Cisco RV router firmware on RV220W devices, before 1.0.5.9 on RV120W devices, and before 1.0.4.14 on RV180 and RV180W devices allows remote attackers to hijack the authentication of administrators, aka Bug ID CSCuh87145.
9673 CVE-2014-2172 119 Overflow +Priv 2014-05-02 2014-05-02
6.6
None Local Medium Single system Complete Complete Complete
Buffer overflow in Cisco TelePresence TC Software 4.x and 5.x and TE Software 4.x and 6.0 allows local users to gain privileges by leveraging improper handling of the u-boot compiler flag for internal executable files, aka Bug ID CSCub67693.
9674 CVE-2014-2152 352 CSRF 2015-02-11 2017-08-28
6.8
None Remote Medium Not required Partial Partial Partial
Cross-site request forgery (CSRF) vulnerability in the INSERT page in Cisco Prime Infrastructure (PI) allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCun21868.
9675 CVE-2014-2144 20 DoS 2014-04-05 2014-04-07
6.1
None Local Network Low Not required None None Complete
Cisco IOS XR does not properly throttle ICMPv6 redirect packets, which allows remote attackers to cause a denial of service (IPv4 and IPv6 transit outage) via crafted redirect messages, aka Bug ID CSCum14266.
9676 CVE-2014-2131 399 DoS 2014-03-28 2014-03-31
6.1
None Local Network Low Not required None None Complete
The packet driver in Cisco IOS allows remote attackers to cause a denial of service (device reload) via a series of (1) Virtual Switching Systems (VSS) or (2) Bidirectional Forwarding Detection (BFD) packets, aka Bug IDs CSCug41049 and CSCue61890.
9677 CVE-2014-2130 264 Exec Code 2015-03-05 2015-11-30
6.5
None Remote Low Single system Partial Partial Partial
Cisco Secure Access Control Server (ACS) provides an unintentional administration web interface based on Apache Tomcat, which allows remote authenticated users to modify application files and configuration files, and consequently execute arbitrary code, by leveraging administrative privileges, aka Bug ID CSCuj83189.
9678 CVE-2014-2115 352 CSRF 2014-04-04 2015-09-16
6.8
None Remote Medium Not required Partial Partial Partial
Multiple cross-site request forgery (CSRF) vulnerabilities in CERUserServlet pages in Cisco Emergency Responder (ER) 8.6 and earlier allow remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCun24250.
9679 CVE-2014-2103 20 DoS 2014-02-27 2014-02-28
6.8
None Remote Low Single system None None Complete
Cisco Intrusion Prevention System (IPS) Software allows remote attackers to cause a denial of service (MainApp process outage) via malformed SNMP packets, aka Bug IDs CSCum52355 and CSCul49309.
9680 CVE-2014-2099 189 DoS 2014-03-01 2014-03-03
6.8
None Remote Medium Not required Partial Partial Partial
The msrle_decode_frame function in libavcodec/msrle.c in FFmpeg before 2.1.4 does not properly calculate line sizes, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted Microsoft RLE video data.
9681 CVE-2014-2098 119 DoS Overflow Mem. Corr. 2014-03-01 2016-12-02
6.8
None Remote Medium Not required Partial Partial Partial
libavcodec/wmalosslessdec.c in FFmpeg before 2.1.4 uses an incorrect data-structure size for certain coefficients, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via crafted WMA data.
9682 CVE-2014-2097 20 DoS 2014-03-01 2016-12-02
6.8
None Remote Medium Not required Partial Partial Partial
The tak_decode_frame function in libavcodec/takdec.c in FFmpeg before 2.1.4 does not properly validate a certain bits-per-sample value, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted TAK (aka Tom's lossless Audio Kompressor) data.
9683 CVE-2014-2089 94 Exec Code 2014-03-02 2014-03-03
6.8
None Remote Medium Not required Partial Partial Partial
ILIAS 4.4.1 allows remote attackers to execute arbitrary PHP code via an e-mail attachment that leads to creation of a .php file with a certain client_id pathname.
9684 CVE-2014-2088 Exec Code 2014-03-02 2014-03-03
6.5
None Remote Low Single system Partial Partial Partial
Unrestricted file upload vulnerability in ilias.php in ILIAS 4.4.1 allows remote authenticated users to execute arbitrary PHP code by using a .php filename in an upload_files action to the uploadFiles command, and then accessing the .php file via a direct request to a certain client_id pathname.
9685 CVE-2014-2066 287 2014-10-17 2016-06-13
6.8
None Remote Medium Not required Partial Partial Partial
Session fixation vulnerability in Jenkins before 1.551 and LTS before 1.532.2 allows remote attackers to hijack web sessions via vectors involving the "override" of Jenkins cookies.
9686 CVE-2014-2062 287 2014-10-17 2016-06-13
6.5
None Remote Low Single system Partial Partial Partial
Jenkins before 1.551 and LTS before 1.532.2 does not invalidate the API token when a user is deleted, which allows remote authenticated users to retain access via the token.
9687 CVE-2014-2059 22 Dir. Trav. 2014-02-28 2017-08-28
6.5
None Remote Low Single system Partial Partial Partial
Directory traversal vulnerability in the CLI job creation (hudson/cli/CreateJobCommand.java) in Jenkins before 1.551 and LTS before 1.532.2 allows remote authenticated users to overwrite arbitrary files via the job name.
9688 CVE-2014-2058 264 Bypass 2014-10-17 2016-06-13
6.5
None Remote Low Single system Partial Partial Partial
BuildTrigger in Jenkins before 1.551 and LTS before 1.532.2 allows remote authenticated users to bypass access restrictions and execute arbitrary jobs by configuring a job to trigger another job. NOTE: this vulnerability exists because of an incomplete fix for CVE-2013-7330.
9689 CVE-2014-2047 287 2014-03-14 2014-03-25
6.8
None Remote Medium Not required Partial Partial Partial
Session fixation vulnerability in ownCloud before 6.0.2, when PHP is configured to accept session parameters through a GET request, allows remote attackers to hijack web sessions via unspecified vectors.
9690 CVE-2014-2043 89 1 Exec Code Sql 2014-03-13 2018-10-09
6.5
None Remote Low Single system Partial Partial Partial
SQL injection vulnerability in Resources/System/Templates/Data.aspx in Procentia IntelliPen before 1.1.18.1658 allows remote authenticated users to execute arbitrary SQL commands via the value parameter.
9691 CVE-2014-2029 200 Exec Code +Info 2017-09-28 2017-10-10
6.8
None Remote Medium Not required Partial Partial Partial
The automatic version check functionality in the tools in Percona Toolkit 2.1 allows man-in-the-middle attackers to obtain sensitive information or execute arbitrary code by leveraging use of HTTP to download configuration information from v.percona.com.
9692 CVE-2014-2005 287 2014-06-25 2019-09-27
6.9
None Local Medium Not required Complete Complete Complete
Sophos Disk Encryption (SDE) 5.x in Sophos Enterprise Console (SEC) 5.x before 5.2.2 does not enforce intended authentication requirements for a resume action from sleep mode, which allows physically proximate attackers to obtain desktop access by leveraging the absence of a login screen.
9693 CVE-2014-1990 352 CSRF 2014-04-19 2014-04-21
6.8
None Remote Medium Not required Partial Partial Partial
Cross-site request forgery (CSRF) vulnerability in TopAccess (aka the web-based management utility) on TOSHIBA TEC e-Studio 232, 233, 282, and 283 devices allows remote attackers to hijack the authentication of administrators for requests that change passwords.
9694 CVE-2014-1989 264 Bypass 2014-05-02 2014-05-02
6.0
None Remote Medium Single system Partial Partial Partial
Cybozu Garoon 3.0 through 3.7 SP3 allows remote authenticated users to bypass intended access restrictions and delete schedule information via unspecified API calls.
9695 CVE-2014-1984 287 2014-04-19 2019-07-16
6.8
None Remote Medium Not required Partial Partial Partial
Session fixation vulnerability in the management screen in Cybozu Remote Service Manager through 2.3.0 and 3.x before 3.1.1 allows remote attackers to hijack web sessions via unspecified vectors.
9696 CVE-2014-1979 94 2014-03-19 2014-03-20
6.8
None Remote Medium Not required Partial Partial Partial
The NTT DOCOMO sp mode mail application 5900 through 6300 for Android 4.0.x and 6000 through 6620 for Android 4.1 through 4.4 allows remote attackers to execute arbitrary Java methods via Deco-mail emoticon POP data in an e-mail message.
9697 CVE-2014-1974 22 Dir. Trav. 2014-04-19 2014-04-24
6.4
None Remote Low Not required None Partial Partial
Directory traversal vulnerability in the LYSESOFT AndExplorer application before 20140403 and AndExplorerPro application before 20140405 for Android allows attackers to overwrite or create arbitrary files via unspecified vectors.
9698 CVE-2014-1957 264 +Priv 2014-04-30 2014-07-18
6.5
User Remote Low Single system Partial Partial Partial
FortiGuard FortiWeb before 5.0.3 allows remote authenticated users to gain privileges via unspecified vectors.
9699 CVE-2014-1946 264 Bypass 2018-04-10 2019-04-26
6.5
None Remote Low Single system Partial Partial Partial
OpenDocMan 1.2.7 and earlier does not properly validate allowed actions, which allows remote authenticated users to bypass an intended access restrictions and assign administrative privileges to themselves via a crafted request to signup.php.
9700 CVE-2014-1915 352 Bypass CSRF 2014-02-07 2014-02-21
6.8
None Remote Medium Not required Partial Partial Partial
Multiple cross-site request forgery (CSRF) vulnerabilities in Command School Student Management System 1.06.01 allow remote attackers to hijack the authentication of (1) administrators for requests that change the administrator password via an update action to sw/admin_change_password.php or (2) unspecified victims for requests that add a topic or blog entry to sw/add_topic.php. NOTE: vector 2 can be leveraged to bypass the authentication requirements for exploiting vector 1 in CVE-2014-1914.
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.