Total
35862 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2014-6385 | 1 Juniper | 1 Junos | 2026-06-17 | 6.1 MEDIUM | N/A |
| Juniper Junos 11.4 before 11.4R13, 12.1X44 before 12.1X44-D45, 12.1X46 before 12.1X46-D30, 12.1X47 before 12.1X47-D15, 12.2 before 12.2R9, 12.3R7 before 12.3R7-S1, 12.3 before 12.3R8, 13.1 before 13.1R5, 13.2 before 13.2R6, 13.3 before 13.3R4, 14.1 before 14.1R2, and 14.2 before 14.2R1 allows remote attackers to cause a denial of service (kernel crash and restart) via a crafted fragmented OSPFv3 packet with an IPsec Authentication Header (AH). | |||||
| CVE-2014-6352 | 1 Microsoft | 8 Windows 7, Windows 8, Windows 8.1 and 5 more | 2026-06-17 | 9.3 HIGH | 7.8 HIGH |
| Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allow remote attackers to execute arbitrary code via a crafted OLE object, as exploited in the wild in October 2014 with a crafted PowerPoint document. | |||||
| CVE-2014-6324 | 1 Microsoft | 6 Windows 7, Windows 8, Windows 8.1 and 3 more | 2026-06-17 | 9.0 HIGH | 8.8 HIGH |
| The Kerberos Key Distribution Center (KDC) in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, and Windows Server 2012 Gold and R2 allows remote authenticated domain users to obtain domain administrator privileges via a forged signature in a ticket, as exploited in the wild in November 2014, aka "Kerberos Checksum Vulnerability." | |||||
| CVE-2014-6292 | 1 In2code | 1 Femanager | 2026-06-17 | 6.4 MEDIUM | N/A |
| The femanager extension before 1.0.9 for TYPO3 allows remote frontend users to modify or delete the records of other frontend users via unspecified vectors. | |||||
| CVE-2014-6236 | 1 Lumonet Php Include Project | 1 Lumonet Php Include | 2026-06-17 | 7.5 HIGH | N/A |
| Unspecified vulnerability in the LumoNet PHP Include (lumophpinclude) extension before 1.2.1 for TYPO3 allows remote attackers to execute arbitrary scripts via vectors related to extension links. | |||||
| CVE-2014-6235 | 1 Kennziffer | 1 Ke Dompdf | 2026-06-17 | 7.5 HIGH | N/A |
| Unspecified vulnerability in the ke DomPDF extension before 0.0.5 for TYPO3 allows remote attackers to execute arbitrary code via unknown vectors. | |||||
| CVE-2014-6232 | 1 Ldap Project | 1 Ldap | 2026-06-17 | 4.0 MEDIUM | N/A |
| Unspecified vulnerability in the LDAP (eu_ldap) extension before 2.8.18 for TYPO3 allows remote authenticated users to obtain sensitive information via unknown vectors. | |||||
| CVE-2014-6231 | 1 Cwt Frontend Edit Project | 1 Cwt Frontend Edit | 2026-06-17 | 7.5 HIGH | N/A |
| Unspecified vulnerability in the CWT Frontend Edit (cwt_feedit) extension before 1.2.5 for TYPO3 allows remote authenticated users to execute arbitrary code via unknown vectors. | |||||
| CVE-2014-6133 | 1 Ibm | 1 Api Management | 2026-06-17 | 2.1 LOW | N/A |
| IBM API Management 3.x before 3.0.1.0 allows local users to obtain sensitive ciphertext information via unspecified vectors. | |||||
| CVE-2014-6082 | 1 Ibm | 2 Security Access Manager For Mobile, Security Access Manager For Web | 2026-06-17 | 4.0 MEDIUM | N/A |
| IBM Security Access Manager for Mobile 8.x before 8.0.1 and Security Access Manager for Web 7.x before 7.0.0 FP10 and 8.x before 8.0.1 allow remote authenticated users to cause a denial of service (administration UI outage) via unspecified vectors. | |||||
| CVE-2014-6059 | 1 Vasyltech | 1 Advanced Access Manager | 2026-06-17 | 6.5 MEDIUM | 7.2 HIGH |
| WordPress Advanced Access Manager Plugin before 2.8.2 has an Arbitrary File Overwrite Vulnerability | |||||
| CVE-2014-5342 | 1 Arubanetworks | 1 Clearpass | 2026-06-17 | 10.0 HIGH | N/A |
| Aruba Networks ClearPass before 6.3.5 and 6.4.x before 6.4.1 allows remote attackers to execute arbitrary commands via unspecified vectors, a different vulnerability than CVE-2014-6627. | |||||
| CVE-2014-5339 | 1 Check Mk Project | 1 Check Mk | 2026-06-17 | 4.9 MEDIUM | N/A |
| Check_MK before 1.2.4p4 and 1.2.5 before 1.2.5i4 allows remote authenticated users to write check_mk config files (.mk files) to arbitrary locations via vectors related to row selections. | |||||
| CVE-2014-5329 | 1 Tripodworks | 6 Gigapod 2010, Gigapod 2010 Firmware, Gigapod 3 and 3 more | 2026-06-17 | N/A | 7.5 HIGH |
| GIGAPOD file servers (Appliance model and Software model) provide two web interfaces, 80/tcp and 443/tcp for user operation, and 8001/tcp for administrative operation. 8001/tcp is served by a version of Apache HTTP server containing a flaw in handling HTTP requests (CVE-2011-3192), which may lead to a denial-of-service (DoS) condition. | |||||
| CVE-2014-5285 | 1 Tibco | 1 Spotfire Server | 2026-06-17 | 7.5 HIGH | N/A |
| Unspecified vulnerability in the Authentication Module in TIBCO Spotfire Server before 4.5.2, 5.0.x before 5.0.3, 5.5.x before 5.5.2, 6.0.x before 6.0.3, and 6.5.x before 6.5.1 allows remote attackers to gain privileges, and obtain sensitive information or modify data, via unknown vectors. | |||||
| CVE-2014-5278 | 1 Docker | 1 Docker | 2026-06-17 | 4.3 MEDIUM | 5.3 MEDIUM |
| A vulnerability exists in Docker before 1.2 via container names, which may collide with and override container IDs. | |||||
| CVE-2014-5250 | 1 Biblio Autocomplete Project | 1 Biblio Autocomplete | 2026-06-17 | 7.5 HIGH | N/A |
| Unspecified vulnerability in the AJAX autocompletion callback in the Biblio Autocomplete module 6.x-1.x before 6.x-1.1 and 7.x-1.x before 7.x-1.5 for Drupal allows remote attackers to access data via unspecified vectors. | |||||
| CVE-2014-5203 | 1 Wordpress | 1 Wordpress | 2026-06-17 | 7.5 HIGH | N/A |
| wp-includes/class-wp-customize-widgets.php in the widget implementation in WordPress 3.9.x before 3.9.2 might allow remote attackers to execute arbitrary code via crafted serialized data. | |||||
| CVE-2014-5074 | 1 Siemens | 8 Simatic S7-1500 Cpu Firmware, Simatic S7-1511-1 Pn Cpu, Simatic S7-1513-1 Pn Cpu and 5 more | 2026-06-17 | 7.1 HIGH | N/A |
| Siemens SIMATIC S7-1500 CPU devices with firmware before 1.6 allow remote attackers to cause a denial of service (device restart and STOP transition) via crafted TCP packets. | |||||
| CVE-2014-5013 | 1 Dompdf Project | 1 Dompdf | 2026-06-17 | 6.8 MEDIUM | 8.8 HIGH |
| DOMPDF before 0.6.2 allows remote code execution, a related issue to CVE-2014-2383. | |||||
