Total
22706 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2014-0413 | 1 Oracle | 1 Fusion Middleware | 2014-04-16 | 4.3 MEDIUM | N/A |
| Unspecified vulnerability in the Oracle Containers for J2EE component in Oracle Fusion Middleware 10.1.3.5 allows remote attackers to affect integrity via vectors related to HTTP Request Handling, a different vulnerability than CVE-2014-0426. | |||||
| CVE-2014-0614 | 1 Juniper | 1 Junos | 2014-04-15 | 7.1 HIGH | N/A |
| Juniper Junos 13.2 before 13.2R3 and 13.3 before 13.3R1, when PIM is enabled, allows remote attackers to cause a denial of service (kernel panic and crash) via a large number of crafted IGMP packets. | |||||
| CVE-2014-2142 | 1 Cisco | 3 Cisco Ons 15454 System Software, Ons 15454, Ons 15454 System Software | 2014-04-14 | 5.0 MEDIUM | N/A |
| Cisco ONS 15454 controller cards with software 10.0 and earlier allow remote attackers to cause a denial of service (card reload) via a crafted HTTP URI, aka Bug ID CSCun06870. | |||||
| CVE-2014-2140 | 1 Cisco | 2 Cisco Ons 15454 System Software, Ons 15454 | 2014-04-14 | 5.0 MEDIUM | N/A |
| Cisco ONS 15454 controller cards with software 9.6 and earlier allow remote attackers to cause a denial of service (card reset) via a TCP FIN attack that triggers file-descriptor exhaustion and a failure to open a CAL pipe, aka Bug ID CSCug97348. | |||||
| CVE-2014-2139 | 1 Cisco | 2 Cisco Ons 15454 System Software, Ons 15454 | 2014-04-14 | 5.0 MEDIUM | N/A |
| Cisco ONS 15454 controller cards with software 9.6 and earlier allow remote attackers to cause a denial of service (flash write outage) via a TCP FIN attack that triggers file-descriptor exhaustion, aka Bug ID CSCug97315. | |||||
| CVE-2014-0349 | 1 J2k-codec | 1 J2k-codec | 2014-04-14 | 10.0 HIGH | N/A |
| Multiple unspecified vulnerabilities in J2k-Codec allow remote attackers to execute arbitrary code via a crafted JPEG 2000 file. | |||||
| CVE-2013-7363 | 1 Sap | 1 Solution Manager | 2014-04-11 | 7.5 HIGH | N/A |
| Unspecified vulnerability in the Diagnostics (SMD) agent in SAP Solution Manager allows remote attackers to obtain sensitive information, modify the configuration of applications, and install or remove applications via vectors involving the P4 protocol. | |||||
| CVE-2013-7360 | 1 Sap | 1 Adminadapter | 2014-04-11 | 7.5 HIGH | N/A |
| Unspecified vulnerability in SAP adminadapter allows remote attackers to read or write to arbitrary files via unknown vectors. | |||||
| CVE-2013-7359 | 1 Sap | 1 Mobile Infrastructure | 2014-04-11 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in SAP Mobile Infrastructure allows remote attackers to obtain sensitive port information via unknown vectors, related to an "internal port scanning" issue. | |||||
| CVE-2013-7358 | 1 Sap | 1 Guided Procedures Archive Monitor | 2014-04-11 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in SAP Guided Procedures Archive Monitor allows remote attackers to obtain usernames, roles, profiles, and possibly other identity information via unknown vectors. | |||||
| CVE-2013-7357 | 1 Sap | 1 J2ee Engine | 2014-04-11 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in the configuration service in SAP J2EE Engine allows remote attackers to obtain credential information via unknown vectors. | |||||
| CVE-2013-7356 | 1 Sap | 1 Ccms \/ Database Monitor | 2014-04-11 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in the SAP CCMS / Database Monitors for Oracle allows attackers to obtain the database password via unknown vectors. | |||||
| CVE-2014-2544 | 1 Tibco | 7 Analyst, Automation Services, Deployment Kit and 4 more | 2014-04-10 | 7.5 HIGH | N/A |
| Unspecified vulnerability in Spotfire Web Player Engine, Spotfire Desktop, and Spotfire Server Authentication Module in TIBCO Spotfire Server 3.3.x before 3.3.4, 4.5.x before 4.5.1, 5.0.x before 5.0.2, 5.5.x before 5.5.1, and 6.x before 6.0.2; Spotfire Professional 4.0.x before 4.0.4, 4.5.x before 4.5.2, 5.0.x before 5.0.2, 5.5.x before 5.5.1, and 6.x before 6.0.1; Spotfire Web Player 4.0.x before 4.0.4, 4.5.x before 4.5.2, 5.0.x before 5.0.2, 5.5.x before 5.5.1, and 6.x before 6.0.1; Spotfire Automation Services 4.0.x before 4.0.4, 4.5.x before 4.5.2, 5.0.x before 5.0.2, 5.5.x before 5.5.1, and 6.x before 6.0.1; Spotfire Deployment Kit 4.0.x before 4.0.4, 4.5.x before 4.5.2, 5.0.x before 5.0.2, 5.5.x before 5.5.1, and 6.x before 6.0.1; Spotfire Desktop 6.x before 6.0.1; and Spotfire Analyst 6.x before 6.0.1 allows remote attackers to execute arbitrary code via unknown vectors. | |||||
| CVE-2014-2143 | 1 Cisco | 2 Ios, Ios Xe | 2014-04-04 | 5.0 MEDIUM | N/A |
| The IKE implementation in Cisco IOS 15.4(1)T and earlier and IOS XE allows remote attackers to cause a denial of service (security-association drop) via crafted Main Mode packets, aka Bug ID CSCun31021. | |||||
| CVE-2013-7350 | 1 Checkpoint | 1 Security Gateway | 2014-04-01 | 10.0 HIGH | N/A |
| Multiple unspecified vulnerabilities in Check Point Security Gateway 80 R71.x before R71.45 (730159141) and R75.20.x before R75.20.4 and 600 and 1100 appliances R75.20.x before R75.20.42 have unknown impact and attack vectors related to "important security fixes." | |||||
| CVE-2014-2034 | 1 Sonatype | 1 Nexus | 2014-04-01 | 7.5 HIGH | N/A |
| Unspecified vulnerability in Sonatype Nexus OSS and Pro 2.4.0 through 2.7.1 allows attackers to create arbitrary user accounts via unknown vectors related to "an unauthenticated execution path." | |||||
| CVE-2013-2278 | 1 Jgaa | 1 Warftpd | 2014-04-01 | 10.0 HIGH | N/A |
| Unspecified vulnerability in War FTP Daemon (warftpd) 1.82, when running as a Windows service, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors related to log messages and the "internal log handler to the Windows Event log." | |||||
| CVE-2013-6661 | 1 Google | 1 Chrome | 2014-03-31 | 7.5 HIGH | N/A |
| Multiple unspecified vulnerabilities in Google Chrome before 33.0.1750.117 allow attackers to bypass the sandbox protection mechanism after obtaining renderer access, or have other impact, via unknown vectors. | |||||
| CVE-2013-4407 | 1 Http-body Project | 1 Http-body | 2014-03-31 | 6.8 MEDIUM | N/A |
| HTTP::Body::Multipart in the HTTP-Body 1.08, 1.17, and earlier module for Perl uses the part of the uploaded file's name after the first "." character as the suffix of a temporary file, which makes it easier for remote attackers to conduct attacks by leveraging subsequent behavior that may assume the suffix is well-formed. | |||||
| CVE-2013-1380 | 5 Adobe, Apple, Google and 2 more | 7 Adobe Air, Adobe Air Sdk, Flash Player and 4 more | 2014-03-25 | 10.0 HIGH | N/A |
| Adobe Flash Player before 10.3.183.75 and 11.x before 11.7.700.169 on Windows and Mac OS X, before 10.3.183.75 and 11.x before 11.2.202.280 on Linux, before 11.1.111.50 on Android 2.x and 3.x, and before 11.1.115.54 on Android 4.x; Adobe AIR before 3.7.0.1530; and Adobe AIR SDK & Compiler before 3.7.0.1530 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-1378. | |||||