Vulnerabilities (CVE)

Filtered by CWE-20
Total 11597 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2014-2121 1 Cisco 1 Hosted Collaboration Solution 2026-06-17 5.0 MEDIUM N/A
The Java-based software in Cisco Hosted Collaboration Solution (HCS) allows remote attackers to cause a denial of service (closing of TCP ports) via unspecified vectors, aka Bug IDs CSCug77633, CSCug77667, CSCug78266, CSCug82795, and CSCuh58643.
CVE-2014-2117 1 Cisco 1 Emergency Responder 2026-06-17 4.3 MEDIUM N/A
Multiple open redirect vulnerabilities in Cisco Emergency Responder (ER) 8.6 and earlier allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified parameters, aka Bug ID CSCun37909.
CVE-2014-2116 1 Cisco 1 Emergency Responder 2026-06-17 4.3 MEDIUM N/A
Cisco Emergency Responder (ER) 8.6 and earlier allows remote attackers to inject web pages and modify dynamic content via unspecified parameters, aka Bug ID CSCun37882.
CVE-2014-2113 1 Cisco 2 Ios, Ios Xe 2026-06-17 7.8 HIGH N/A
Cisco IOS 15.1 through 15.3 and IOS XE 3.3 and 3.5 before 3.5.2E; 3.7 before 3.7.5S; and 3.8, 3.9, and 3.10 before 3.10.2S allow remote attackers to cause a denial of service (I/O memory consumption and device reload) via a malformed IPv6 packet, aka Bug ID CSCui59540.
CVE-2014-2112 1 Cisco 1 Ios 2026-06-17 7.8 HIGH N/A
The SSL VPN (aka WebVPN) feature in Cisco IOS 15.1 through 15.4 allows remote attackers to cause a denial of service (memory consumption) via crafted HTTP requests, aka Bug ID CSCuf51357.
CVE-2014-2111 1 Cisco 1 Ios 2026-06-17 7.1 HIGH N/A
The Application Layer Gateway (ALG) module in Cisco IOS 12.2 through 12.4 and 15.0 through 15.4, when NAT is used, allows remote attackers to cause a denial of service (device reload) via crafted DNS packets, aka Bug ID CSCue00996.
CVE-2014-2109 1 Cisco 1 Ios 2026-06-17 7.8 HIGH N/A
The TCP Input module in Cisco IOS 12.2 through 12.4 and 15.0 through 15.4, when NAT is used, allows remote attackers to cause a denial of service (memory consumption or device reload) via crafted TCP packets, aka Bug IDs CSCuh33843 and CSCuj41494.
CVE-2014-2108 1 Cisco 2 Ios, Ios Xe 2026-06-17 7.8 HIGH N/A
Cisco IOS 12.2 and 15.0 through 15.3 and IOS XE 3.2 through 3.7 before 3.7.5S and 3.8 through 3.10 before 3.10.1S allow remote attackers to cause a denial of service (device reload) via a malformed IKEv2 packet, aka Bug ID CSCui88426.
CVE-2014-2107 1 Cisco 1 Ios 2026-06-17 7.1 HIGH N/A
Cisco IOS 12.2 and 15.0 through 15.3, when used with the Kailash FPGA before 2.6 on RSP720-3C-10GE and RSP720-3CXL-10GE devices, allows remote attackers to cause a denial of service (route switch processor outage) via crafted IP packets, aka Bug ID CSCug84789.
CVE-2014-2106 1 Cisco 2 Ios, Ios Xe 2026-06-17 7.8 HIGH N/A
Cisco IOS 15.3M before 15.3(3)M2 and IOS XE 3.10.xS before 3.10.2S allow remote attackers to cause a denial of service (device reload) via crafted SIP messages, aka Bug ID CSCug45898.
CVE-2014-2103 1 Cisco 1 Intrusion Prevention System 2026-06-17 6.8 MEDIUM N/A
Cisco Intrusion Prevention System (IPS) Software allows remote attackers to cause a denial of service (MainApp process outage) via malformed SNMP packets, aka Bug IDs CSCum52355 and CSCul49309.
CVE-2014-2097 1 Ffmpeg 1 Ffmpeg 2026-06-17 6.8 MEDIUM N/A
The tak_decode_frame function in libavcodec/takdec.c in FFmpeg before 2.1.4 does not properly validate a certain bits-per-sample value, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted TAK (aka Tom's lossless Audio Kompressor) data.
CVE-2014-2039 1 Linux 1 Linux Kernel 2026-06-17 4.9 MEDIUM N/A
arch/s390/kernel/head64.S in the Linux kernel before 3.13.5 on the s390 platform does not properly handle attempted use of the linkage stack, which allows local users to cause a denial of service (system crash) by executing a crafted instruction.
CVE-2014-2037 1 Xelerance 1 Openswan 2026-06-17 5.0 MEDIUM N/A
Openswan 2.6.40 allows remote attackers to cause a denial of service (NULL pointer dereference and IKE daemon restart) via IKEv2 packets that lack expected payloads. NOTE: this vulnerability exists because of an incomplete fix for CVE 2013-6466.
CVE-2014-2032 2 Deadwood Project, Maradns Project 2 Deadwood, Maradns 2026-06-17 4.3 MEDIUM 5.9 MEDIUM
Deadwood before 2.3.09, 3.x before 3.2.05, and as used in MaraDNS before 1.4.14 and 2.x before 2.0.09, allow remote attackers to cause a denial of service (out-of-bounds read and crash) by leveraging permission to perform recursive queries against Deadwood, related to missing input validation.
CVE-2014-2003 1 Justsystems 2 Ichitaro, Just Online Update 2026-06-17 7.6 HIGH N/A
JustSystems JUST Online Update, as used in Ichitaro through 2014 and other products, does not properly validate signatures of update modules, which allows remote attackers to spoof modules and execute arbitrary code via a crafted signature.
CVE-2014-1991 1 Intra-mart 1 Webplatform\/appframework 2026-06-17 5.8 MEDIUM N/A
Open redirect vulnerability in WebPlatform / AppFramework 6.0 through 7.2 in NTT DATA INTRAMART intra-mart allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.
CVE-2014-1985 1 Redmine 1 Redmine 2026-06-17 5.8 MEDIUM N/A
Open redirect vulnerability in the redirect_back_or_default function in app/controllers/application_controller.rb in Redmine before 2.4.5 and 2.5.x before 2.5.1 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the back url (back_url parameter).
CVE-2014-1937 1 Gamera Project 1 Gamera 2026-06-17 5.0 MEDIUM 7.5 HIGH
Gamera before 3.4.1 insecurely creates temporary files.
CVE-2014-1936 2 Debian, Rc Project 2 Debian Linux, Rc 2026-06-17 5.0 MEDIUM 7.5 HIGH
rc before 1.7.1-5 insecurely creates temporary files.