Security Vulnerabilities, CVEs, Published In 2014
The default keybindings for wwm in LTSP Display Manager (ldm) 2.2.x before 2.2.7 allow remote attackers to execute arbitrary commands via the KP_RETURN keybinding, which launches a terminal window.
Max CVSS
10.0
EPSS Score
0.40%
Published
2014-05-21
Updated
2014-05-31
Stack-based buffer overflow in wpsio.dll in Kingsoft WPS Office 2012 possibly 8.1.0.3238 allows remote attackers to execute arbitrary code via a long BSTR string.
Max CVSS
10.0
EPSS Score
42.42%
Published
2014-03-24
Updated
2017-08-29
Stack-based buffer overflow in FreeFloat FTP Server 1.0 allows remote authenticated users to execute arbitrary code via a long string in a PUT command.
Max CVSS
10.0
EPSS Score
29.97%
Published
2014-06-20
Updated
2017-08-29
The standard universe shadow (condor_shadow.std) component in Condor 7.7.3 through 7.7.6, 7.8.0 before 7.8.5, and 7.9.0 does not properly check privileges, which allows remote attackers to gain privileges via a crafted standard universe job.
Max CVSS
10.0
EPSS Score
0.52%
Published
2014-06-06
Updated
2014-06-09
Buffer overflow in the PrepareSync method in the SyncService.dll ActiveX control in Samsung Kies before 2.5.1.12123_2_7 allows remote attackers to execute arbitrary code via a long string to the password argument.
Max CVSS
10.0
EPSS Score
44.85%
Published
2014-04-04
Updated
2017-08-29
Unspecified vulnerability in IBM Java SDK 7 before SR4-FP1, 6 before SR13-FP1, 5.0 before SR16-FP1, and 1.4.2 before SR13-FP16 has unknown impact and attack vectors related to Class Libraries.
Max CVSS
10.0
EPSS Score
0.36%
Published
2014-01-21
Updated
2016-05-25
Buffer overflow in Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2013-0606, CVE-2013-0612, CVE-2013-0615, CVE-2013-0617, and CVE-2013-0621.
Max CVSS
10.0
EPSS Score
18.37%
Published
2014-01-30
Updated
2014-02-21
Unspecified vulnerability in War FTP Daemon (warftpd) 1.82, when running as a Windows service, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors related to log messages and the "internal log handler to the Windows Event log."
Max CVSS
10.0
EPSS Score
1.80%
Published
2014-04-01
Updated
2014-04-01
Unspecified vulnerability in HP Storage Data Protector 6.2X allows remote attackers to execute arbitrary code or cause a denial of service via unknown vectors, aka ZDI-CAN-1866.
Max CVSS
10.0
EPSS Score
83.47%
Published
2014-01-04
Updated
2019-10-09
Unspecified vulnerability in HP Storage Data Protector 6.2X allows remote attackers to execute arbitrary code or cause a denial of service via unknown vectors, aka ZDI-CAN-1869.
Max CVSS
10.0
EPSS Score
83.47%
Published
2014-01-04
Updated
2019-10-09
Unspecified vulnerability in HP Storage Data Protector 6.2X allows remote attackers to execute arbitrary code or cause a denial of service via unknown vectors, aka ZDI-CAN-1870.
Max CVSS
10.0
EPSS Score
83.47%
Published
2014-01-04
Updated
2019-10-09
CVE-2013-2347
Public exploit
The Backup Client Service (OmniInet.exe) in HP Storage Data Protector 6.2X allows remote attackers to execute arbitrary commands or cause a denial of service via a crafted EXEC_BAR packet to TCP port 5555, aka ZDI-CAN-1885.
Max CVSS
10.0
EPSS Score
43.05%
Published
2014-01-04
Updated
2019-10-09
Unspecified vulnerability in HP Storage Data Protector 6.2X allows remote attackers to execute arbitrary code or cause a denial of service via unknown vectors, aka ZDI-CAN-1892.
Max CVSS
10.0
EPSS Score
83.47%
Published
2014-01-04
Updated
2019-10-09
Unspecified vulnerability in HP Storage Data Protector 6.2X allows remote attackers to execute arbitrary code or cause a denial of service via unknown vectors, aka ZDI-CAN-1896.
Max CVSS
10.0
EPSS Score
83.47%
Published
2014-01-04
Updated
2019-10-09
Unspecified vulnerability in HP Storage Data Protector 6.2X allows remote attackers to execute arbitrary code or cause a denial of service via unknown vectors, aka ZDI-CAN-1897.
Max CVSS
10.0
EPSS Score
83.47%
Published
2014-01-04
Updated
2019-10-09
Emerson Process Management ROC800 RTU with software 3.50 and earlier, DL8000 RTU with software 2.30 and earlier, and ROC800L RTU with software 1.20 and earlier allows remote attackers to execute arbitrary commands via a TCP replay attack.
Max CVSS
10.0
EPSS Score
0.60%
Published
2014-12-08
Updated
2017-08-29
The Sierra Wireless AirLink Raven X EV-DO gateway 4221_4.0.11.003 and 4228_4.0.11.003 allows remote attackers to reprogram the firmware via a replay attack using UDP ports 17336 and 17388.
Max CVSS
10.0
EPSS Score
0.52%
Published
2014-01-15
Updated
2014-01-16
The SSH service on Dell PowerConnect 3348 1.2.1.3, 3524p 2.0.0.48, and 5324 2.0.1.4 switches allows remote attackers to cause a denial of service (device reset) or possibly execute arbitrary code by sending many packets to TCP port 22.
Max CVSS
10.0
EPSS Score
1.94%
Published
2014-01-20
Updated
2017-08-29
SUSE Studio Onsite 1.3.x before 1.3.6 and SUSE Studio Extension for System z 1.3 use "static" secret tokens, which has unspecified impact and vectors.
Max CVSS
10.0
EPSS Score
0.18%
Published
2014-02-26
Updated
2014-03-10
Multiple unspecified vulnerabilities in OpenAL32.dll in JOAL 2.0-rc11, as used in JOGAMP, allow context-dependent attackers to execute arbitrary code via a crafted parameter to the (1) alAuxiliaryEffectSlotf1, (2) alBuffer3f1, (3) alBufferfv1, (4) alDeleteEffects1, (5) alEffectf1, (6) alEffectfv1, (7) alEffectiv1, (8) alEnable1, (9) alFilterfv1, (10) alFilteriv1, (11) alGenAuxiliaryEffectSlots1, (12) alGenEffects1, (13) alGenFilters1, (14) alGenSources1, (15) alGetAuxiliaryEffectSlotiv1, (16) alGetBuffer3f1, (17) alGetBuffer3i1, (18) alGetBufferf1, (19) alGetBufferiv1, (20) alGetDoublev1, (21) alGetEffectf1, (22) alGetEffectfv1, (23) alGetEffectiv1, (24) alGetEnumValue1, (25) alGetFilteri1, (26) alGetFilteriv1, (27) alGetFloat1, (28) alGetFloatv1, (29) alGetListener3f1, (30) alGetListener3i1, (31) alGetListenerf1, (32) alGetListeneri1, (33) alGetListeneriv1, (34) alGetProcAddress1, (35) alGetProcAddressStatic, (36) alGetSource3f1, (37) alGetSource3i1, (38) alGetSourcef1, (39) alGetSourcefv1, (40) alGetSourcei1, (41) alGetSourceiv1, (42) alGetString1java/lang/String;, (43) alIsAuxiliaryEffectSlot1, (44) alIsBuffer1, (45) alIsEffect1, (46) alIsExtensionPresent1, (47) alIsFilter1, (48) alListener3f1, (49) alListener3i1, (50) alListenerf1, (51) alListenerfv1, (52) alListeneri1, (53) alListeneriv1, (54) alSource3f1, (55) alSource3i1, (56) alSourcef1, (57) alSourcefv1, (58) alSourcei1, (59) alSourceiv1, (60) alSourcePause1, (61) alSourcePausev1, (62) alSourcePlay1, (63) alSourcePlayv1, (64) alSourceQueueBuffers1, (65) alSourceRewindv1, (66) alSourceStop1, (67) alSourceStopv1, (68) alSourceUnqueueBuffers1, or (69) alSpeedOfSound1 method in jogamp.openal.ALImpl.dispatch.
Max CVSS
10.0
EPSS Score
1.55%
Published
2014-06-13
Updated
2014-06-18
Multiple integer overflows in lib/openjp3d/jp3d.c in OpenJPEG before 1.5.2 allow remote attackers to have unspecified impact and vectors, which trigger a heap-based buffer overflow.
Max CVSS
10.0
EPSS Score
0.73%
Published
2014-04-18
Updated
2020-09-09
Stack-based buffer overflow in OpenJPEG before 1.5.2 allows remote attackers to have unspecified impact via unknown vectors to (1) lib/openjp3d/opj_jp3d_compress.c, (2) bin/jp3d/convert.c, or (3) lib/openjp3d/event.c.
Max CVSS
10.0
EPSS Score
1.34%
Published
2014-04-18
Updated
2020-09-09
CVE-2013-4730
Public exploit
Buffer overflow in PCMan's FTP Server 2.0.7 allows remote attackers to execute arbitrary code via a long string in a USER command.
Max CVSS
10.0
EPSS Score
76.59%
Published
2014-05-15
Updated
2016-12-31
Unspecified vulnerability in dbd_manager in LeftHand OS before 11.0 in HP StoreVirtual 4000 and StoreVirtual VSA Software (formerly LeftHand Virtual SAN Appliance) allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1509.
Max CVSS
10.0
EPSS Score
85.93%
Published
2014-02-26
Updated
2019-10-09
Buffer overflow in the RTSP Packet Handler in Hikvision DS-2CD7153-E IP camera with firmware 4.1.0 b130111 (Jan 2013), and possibly other devices, allows remote attackers to cause a denial of service (device crash and reboot) and possibly execute arbitrary code via a long string in the Range header field in an RTSP transaction.
Max CVSS
10.0
EPSS Score
9.59%
Published
2014-03-03
Updated
2017-08-29
7928 vulnerabilities found