Export limit exceeded: 20208 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (20208 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2014-2967 | 1 Autodesk | 1 Vred | 2025-04-12 | N/A |
| Autodesk VRED Professional 2014 before SR1 SP8 allows remote attackers to execute arbitrary code via Python os library calls in Python API commands to the integrated web server. | ||||
| CVE-2014-2959 | 2 Dell, Quantum | 4 Powervault Ml6000, Powervault Ml6000 Firmware, Scalar I500 and 1 more | 2025-04-12 | N/A |
| logViewer.htm on the Dell ML6000 tape backup system with firmware before i8.2.0.2 (641G.GS103) and the Quantum Scalar i500 tape backup system with firmware before i8.2.2.1 (646G.GS002) allows remote attackers to execute arbitrary commands via shell metacharacters in a pathname parameter. | ||||
| CVE-2014-3007 | 2 Python, Pythonware | 2 Pillow, Python Imaging Library | 2025-04-12 | N/A |
| Python Image Library (PIL) 1.1.7 and earlier and Pillow 2.3 might allow remote attackers to execute arbitrary commands via shell metacharacters in unspecified vectors related to CVE-2014-1932, possibly JpegImagePlugin.py. | ||||
| CVE-2014-3008 | 1 Unitrends | 1 Enterprise Backup | 2025-04-12 | N/A |
| Unitrends Enterprise Backup 7.3.0 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the comm parameter to recoveryconsole/bpl/snmpd.php. | ||||
| CVE-2014-3085 | 1 Ibm | 2 Global Console Manager 16 Firmware, Global Console Manager 32 Firmware | 2025-04-12 | N/A |
| systest.php on IBM GCM16 and GCM32 Global Console Manager switches with firmware before 1.20.20.23447 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the lpres parameter. | ||||
| CVE-2014-3121 | 1 Marc Lehmann | 1 Rxvt-unicode | 2025-04-12 | N/A |
| rxvt-unicode before 9.20 does not properly handle OSC escape sequences, which allows user-assisted remote attackers to manipulate arbitrary X window properties and execute arbitrary commands. | ||||
| CVE-2014-3677 | 1 Redhat | 2 Enterprise Linux, Shim | 2025-04-12 | N/A |
| Unspecified vulnerability in Shim might allow attackers to execute arbitrary code via a crafted MOK list, which triggers memory corruption. | ||||
| CVE-2014-3686 | 4 Canonical, Debian, Redhat and 1 more | 5 Ubuntu Linux, Debian Linux, Enterprise Linux and 2 more | 2025-04-12 | N/A |
| wpa_supplicant and hostapd 0.7.2 through 2.2, when running with certain configurations and using wpa_cli or hostapd_cli with action scripts, allows remote attackers to execute arbitrary commands via a crafted frame. | ||||
| CVE-2014-3883 | 1 Webmin | 1 Usermin | 2025-04-12 | N/A |
| Usermin before 1.600 allows remote attackers to execute arbitrary operating-system commands via unspecified vectors related to a user action. | ||||
| CVE-2014-4823 | 1 Ibm | 5 Security Access Manager For Mobile 8.0 Firmware, Security Access Manager For Mobile Appliance, Security Access Manager For Web 7.0 Firmware and 2 more | 2025-04-12 | N/A |
| The administration console in IBM Security Access Manager for Web 7.x before 7.0.0-ISS-WGA-IF0009 and 8.x before 8.0.0-ISS-WGA-FP0005, and Security Access Manager for Mobile 8.x before 8.0.0-ISS-ISAM-FP0005, allows remote attackers to inject system commands via unspecified vectors. | ||||
| CVE-2015-0235 | 7 Apple, Debian, Gnu and 4 more | 22 Mac Os X, Debian Linux, Glibc and 19 more | 2025-04-12 | N/A |
| Heap-based buffer overflow in the __nss_hostname_digits_dots function in glibc 2.2, and other 2.x versions before 2.18, allows context-dependent attackers to execute arbitrary code via vectors related to the (1) gethostbyname or (2) gethostbyname2 function, aka "GHOST." | ||||
| CVE-2014-6184 | 4 Apple, Ibm, Linux and 1 more | 4 Macos, Tivoli Storage Manager, Linux Kernel and 1 more | 2025-04-12 | N/A |
| Stack-based buffer overflow in dsmtca in the client in IBM Tivoli Storage Manager (TSM) 5.4 through 5.4.3.6, 5.5 through 5.5.4.3, 6.1 through 6.1.5.6, 6.2 before 6.2.5.4, and 6.3 before 6.3.2.3 on UNIX, Linux, and OS X allows local users to gain privileges via unspecified vectors. | ||||
| CVE-2016-7161 | 2 Debian, Qemu | 2 Debian Linux, Qemu | 2025-04-12 | 9.8 Critical |
| Heap-based buffer overflow in the .receive callback of xlnx.xps-ethernetlite in QEMU (aka Quick Emulator) allows attackers to execute arbitrary code on the QEMU host via a large ethlite packet. | ||||
| CVE-2014-8767 | 2 Opensuse, Redhat | 2 Opensuse, Tcpdump | 2025-04-12 | N/A |
| Integer underflow in the olsr_print function in tcpdump 3.9.6 through 4.6.2, when in verbose mode, allows remote attackers to cause a denial of service (crash) via a crafted length value in an OLSR frame. | ||||
| CVE-2014-8768 | 4 Canonical, Opensuse, Oracle and 1 more | 4 Ubuntu Linux, Opensuse, Solaris and 1 more | 2025-04-12 | N/A |
| Multiple Integer underflows in the geonet_print function in tcpdump 4.5.0 through 4.6.2, when in verbose mode, allow remote attackers to cause a denial of service (segmentation fault and crash) via a crafted length value in a Geonet frame. | ||||
| CVE-2014-8769 | 1 Redhat | 1 Tcpdump | 2025-04-12 | N/A |
| tcpdump 3.8 through 4.6.2 might allow remote attackers to obtain sensitive information from memory or cause a denial of service (packet loss or segmentation fault) via a crafted Ad hoc On-Demand Distance Vector (AODV) packet, which triggers an out-of-bounds memory access. | ||||
| CVE-2014-9727 | 1 Avm | 1 Fritz\!box | 2025-04-12 | N/A |
| AVM Fritz!Box allows remote attackers to execute arbitrary commands via shell metacharacters in the var:lang parameter to cgi-bin/webcm. | ||||
| CVE-2015-0525 | 1 Emc | 1 Secure Remote Services | 2025-04-12 | N/A |
| The Gateway Provisioning service in EMC Secure Remote Services Virtual Edition (ESRS VE) 3.02 and 3.03 allows remote attackers to execute arbitrary OS commands via unspecified vectors. | ||||
| CVE-2015-0569 | 1 Linux | 1 Linux Kernel | 2025-04-12 | 7.8 High |
| Heap-based buffer overflow in the private wireless extensions IOCTL implementation in wlan_hdd_wext.c in the WLAN (aka Wi-Fi) driver for the Linux kernel 3.x and 4.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allows attackers to gain privileges via a crafted application that establishes a packet filter. | ||||
| CVE-2015-0570 | 1 Linux | 1 Linux Kernel | 2025-04-12 | 7.8 High |
| Stack-based buffer overflow in the SET_WPS_IE IOCTL implementation in wlan_hdd_hostapd.c in the WLAN (aka Wi-Fi) driver for the Linux kernel 3.x and 4.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allows attackers to gain privileges via a crafted application that uses a long WPS IE element. | ||||