Total
210374 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2014-8532 | 1 Mcafee | 1 Network Data Loss Prevention | 2014-10-30 | 3.6 LOW | N/A |
| Unspecified vulnerability in McAfee Network Data Loss Prevention before (NDLP) before 9.3 allows local users to obtain sensitive information and impact integrity via unknown vectors, related to partition mounting. | |||||
| CVE-2014-8526 | 1 Mcafee | 1 Network Data Loss Prevention | 2014-10-30 | 2.1 LOW | N/A |
| McAfee Network Data Loss Prevention (NDLP) before 9.3 allows local users to obtain sensitive information by reading a Java stack trace. | |||||
| CVE-2014-8527 | 1 Mcafee | 1 Network Data Loss Prevention | 2014-10-30 | 3.6 LOW | N/A |
| McAfee Network Data Loss Prevention (NDLP) before 9.3 allows local users to obtain sensitive information and affect integrity via vectors related to a "plain text password." | |||||
| CVE-2014-8528 | 1 Mcafee | 1 Network Data Loss Prevention | 2014-10-30 | 2.1 LOW | N/A |
| McAfee Network Data Loss Prevention (NDLP) before 9.3 logs session IDs, which allows local users to obtain sensitive information by reading the audit log. | |||||
| CVE-2014-8529 | 1 Mcafee | 1 Network Data Loss Prevention | 2014-10-30 | 2.1 LOW | N/A |
| McAfee Network Data Loss Prevention (NDLP) before 9.3 stores the SSH key in cleartext, which allows local users to obtain sensitive information via unspecified vectors. | |||||
| CVE-2014-8530 | 1 Mcafee | 1 Network Data Loss Prevention | 2014-10-30 | 7.5 HIGH | N/A |
| Unspecified vulnerability in McAfee Network Data Loss Prevention (NDLP) before 9.3 allows remote attackers to obtain sensitive information, affect integrity, or cause a denial of service via unknown vectors, related to simultaneous logins. | |||||
| CVE-2014-8521 | 1 Mcafee | 1 Network Data Loss Prevention | 2014-10-30 | 3.5 LOW | N/A |
| Cross-site scripting (XSS) vulnerability in McAfee Network Data Loss Prevention (NDLP) before 9.3 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2014-8522 | 1 Mcafee | 1 Network Data Loss Prevention | 2014-10-30 | 7.5 HIGH | N/A |
| The MySQL database in McAfee Network Data Loss Prevention (NDLP) before 9.3 does not require a password, which makes it easier for remote attackers to obtain access. | |||||
| CVE-2014-8523 | 1 Mcafee | 1 Network Data Loss Prevention | 2014-10-30 | 6.8 MEDIUM | N/A |
| Cross-site request forgery (CSRF) vulnerability in McAfee Network Data Loss Prevention (NDLP) before 9.3 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors. | |||||
| CVE-2014-8524 | 1 Mcafee | 1 Network Data Loss Prevention | 2014-10-30 | 5.0 MEDIUM | N/A |
| McAfee Network Data Loss Prevention (NDLP) before 9.3 does not disable the autocomplete setting for the password and other fields, which allows remote attackers to obtain sensitive information via unspecified vectors. | |||||
| CVE-2014-8519 | 1 Mcafee | 1 Network Data Loss Prevention | 2014-10-30 | 2.1 LOW | N/A |
| Unspecified vulnerability in McAfee Network Data Loss Prevention (NDLP) before 9.2.2 allows local users to read arbitrary files via unknown vectors. | |||||
| CVE-2014-8534 | 1 Mcafee | 1 Network Data Loss Prevention | 2014-10-30 | 2.1 LOW | N/A |
| Unspecified vulnerability in the login form in McAfee Network Data Loss Prevention (NDLP) before 9.2.2 allows local users to cause a denial of service via a crafted value in the domain field. | |||||
| CVE-2014-8535 | 1 Mcafee | 1 Network Data Loss Prevention | 2014-10-30 | 4.6 MEDIUM | N/A |
| McAfee Network Data Loss Prevention (NDLP) before 9.2.2 allows local users to bypass intended restriction on unspecified functionality via unknown vectors. | |||||
| CVE-2014-1927 | 1 Python-gnupg Project | 1 Python-gnupg | 2014-10-28 | 7.5 HIGH | N/A |
| The shell_quote function in python-gnupg 0.3.5 does not properly quote strings, which allows context-dependent attackers to execute arbitrary code via shell metacharacters in unspecified vectors, as demonstrated using "$(" command-substitution sequences, a different vulnerability than CVE-2014-1928. NOTE: this vulnerability exists because of an incomplete fix for CVE-2013-7323. | |||||
| CVE-2011-4953 | 1 Cobbler Project | 1 Cobbler | 2014-10-28 | 6.8 MEDIUM | N/A |
| The set_mgmt_parameters function in item.py in cobbler before 2.2.2 allows context-dependent attackers to execute arbitrary code via vectors related to the use of the yaml.load function instead of the yaml.safe_load function, as demonstrated using Puppet. | |||||
| CVE-2010-5077 | 3 Ioquake3, Openarena, Tremulous | 3 Ioquake3 Engine, Openarena, Tremulous | 2014-10-28 | 7.8 HIGH | N/A |
| server/sv_main.c in Quake3 Arena, as used in ioquake3 before r1762, OpenArena, Tremulous, and other products, allows remote attackers to cause a denial of service (network traffic amplification) via a spoofed (1) getstatus or (2) rcon request. | |||||
| CVE-2012-1111 | 1 Robert Ancell | 1 Lightdm | 2014-10-28 | 4.6 MEDIUM | N/A |
| lightdm before 1.0.9 does not properly close file descriptors before opening a child process, which allows local users to write to the lightdm log or have other unspecified impact. | |||||
| CVE-2014-1929 | 1 Python-gnupg Project | 1 Python-gnupg | 2014-10-27 | 4.4 MEDIUM | N/A |
| python-gnupg 0.3.5 and 0.3.6 allows context-dependent attackers to have an unspecified impact via vectors related to "option injection through positional arguments." NOTE: this vulnerability exists because of an incomplete fix for CVE-2013-7323. | |||||
| CVE-2014-1928 | 1 Python-gnupg Project | 1 Python-gnupg | 2014-10-27 | 4.6 MEDIUM | N/A |
| The shell_quote function in python-gnupg 0.3.5 does not properly escape characters, which allows context-dependent attackers to execute arbitrary code via shell metacharacters in unspecified vectors, as demonstrated using "\" (backslash) characters to form multi-command sequences, a different vulnerability than CVE-2014-1927. NOTE: this vulnerability exists because of an incomplete fix for CVE-2013-7323. | |||||
| CVE-2013-7408 | 1 F5 | 1 Big-ip Analytics | 2014-10-27 | 7.5 HIGH | N/A |
| F5 BIG-IP Analytics 11.x before 11.4.0 uses a predictable session cookie, which makes it easier for remote attackers to have unspecified impact by guessing the value. | |||||