CVE.report search for "CVE-2014-9708"
Listed below are 50 relevant search results for "CVE-2014-9708" based on Vendor, Software, and CVE description
These results are gathered from attempted matches with listed vendor and software data, as well as a keyword search in the description of all known CVEs.
If you notice a "Not Listed" in either the vendor or software columns, the underlying source record does not currently include normalized affected-product data.
Search Results
| CVE ID | Vendor | Software | Description |
|---|---|---|---|
| CVE-2026-23407 | In the Linux kernel, the following vulnerability has been resolved: apparmor: fix missing bounds check on DEFAULT table in v... | ||
| CVE-2026-23406 | In the Linux kernel, the following vulnerability has been resolved: apparmor: fix side-effect bug in match_char() macro usag... | ||
| CVE-2026-23336 | In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: cancel rfkill_block work in wiphy_unregi... | ||
| CVE-2026-23273 | In the Linux kernel, the following vulnerability has been resolved: macvlan: observe an RCU grace period in macvlan_common_n... | ||
| CVE-2023-24058 | Twinkletoessoftware | Booked | Booked Scheduler 2.5.5 allows authenticated users to create and schedule events for any other user via a modified userId valu... |
| CVE-2022-31546 | Glance Project | Glance | The nlpweb/glance repository through 2014-06-27 on GitHub allows absolute path traversal because the Flask send_file function... |
| CVE-2022-31511 | Equanimity Project | Equanimity | The AFDudley/equanimity repository through 2014-04-23 on GitHub allows absolute path traversal because the Flask send_file fu... |
| CVE-2022-29965 | Emerson | Deltav Distributed Control System | The Emerson DeltaV Distributed Control System (DCS) controllers and IO cards through 2022-04-29 misuse passwords. Access to p... |
| CVE-2022-29964 | Emerson | Deltav Distributed Control System Sq Controller | The Emerson DeltaV Distributed Control System (DCS) controllers and IO cards through 2022-04-29 misuse passwords. WIOC SSH pr... |
| CVE-2022-29963 | Emerson | Deltav Distributed Control System Sq Controller | The Emerson DeltaV Distributed Control System (DCS) controllers and IO cards through 2022-04-29 misuse passwords. TELNET on p... |
| CVE-2022-29962 | Emerson | Deltav Distributed Control System Sq Controller | The Emerson DeltaV Distributed Control System (DCS) controllers and IO cards through 2022-04-29 misuse passwords. FTP has har... |
| CVE-2021-41555 | Archibus | Web Central | ** UNSUPPORTED WHEN ASSIGNED ** In ARCHIBUS Web Central 21.3.3.815 (a version from 2014), XSS occurs in /archibus/dwr/call/pl... |
| CVE-2021-41554 | Archibus | Web Central | ** UNSUPPORTED WHEN ASSIGNED ** ARCHIBUS Web Central 21.3.3.815 (a version from 2014) does not properly validate requests for... |
| CVE-2021-41553 | Archibus | Web Central | ** UNSUPPORTED WHEN ASSIGNED ** In ARCHIBUS Web Central 21.3.3.815 (a version from 2014), the Web Application in /archibus/lo... |
| CVE-2021-41114 | Typo3 | Typo3 | TYPO3 is an open source PHP based web content management system released under the GNU GPL. It has been discovered that TYPO3... |
| CVE-2021-35309 | Samsung | Syncthru Web Service | An issue discovered in Samsung SyncThru Web Service SPL 5.93 06-09-2014 allows attackers to gain escalated privileges via MIT... |
| CVE-2021-29281 | Gfi | Archiver | File upload vulnerability in GFI Mail Archiver versions up to and including 15.1 via insecure implementation of Telerik Web U... |
| CVE-2021-27395 | Siemens | Simatic Process Historian 2013 | A vulnerability has been identified in SIMATIC Process Historian 2013 and earlier (All versions), SIMATIC Process Historian 2... |
| CVE-2021-20723 | Mailform01 Project | Mailform01 | Reflected cross-site scripting vulnerability in [MailForm01] free edition (versions which the last updated date listed at the... |
| CVE-2020-27524 | Audi | A7 | On Audi A7 MMI 2014 vehicles, the Bluetooth stack in Audi A7 MMI Multiplayer with version (N+R_CN_AU_P0395) mishandles %x and... |
| CVE-2020-15617 | Centos-webpanel | Centos Web Panel | This vulnerability allows remote attackers to disclose sensitive information on affected installations of CentOS Web Panel cw... |
| CVE-2019-19790 | Telerik | Radchart | Path traversal in RadChart in Telerik UI for ASP.NET AJAX allows a remote attacker to read and delete an image with extension... |
| CVE-2019-15521 | Fork-cms | Fork Cms | Spoon Library through 2014-02-06, as used in Fork CMS before 1.4.1 and other products, allows PHP object injection via a cook... |
| CVE-2019-12363 | Mybb-2fa Project | Mybb-2fa | An CSRF issue was discovered in the JN-Jones MyBB-2FA plugin through 2014-11-05 for MyBB. An attacker can forge a request to ... |
| CVE-2019-7720 | Taogogo | Taocms | taocms through 2014-05-24 allows eval injection by placing PHP code in the install.php db_name parameter and then making a co... |
| CVE-2019-6689 | Dillonkane | Tidal Workload Automation | An issue was discovered in Dillon Kane Tidal Workload Automation Agent 3.2.0.5 (formerly known as Cisco Workload Automation o... |
| CVE-2019-3834 | Redhat | Jboss Operations Network | It was found that the fix for CVE-2014-0114 had been reverted in JBoss Operations Network 3 (JON). This flaw allows attackers... |
| CVE-2019-0223 | Apache | Qpid | While investigating bug PROTON-2014, we discovered that under some circumstances Apache Qpid Proton versions 0.9 to 0.27.0 (C... |
| CVE-2018-1000220 | ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2014-5462. Reason: This candidate is a reservation duplicat... | ||
| CVE-2018-19860 | Broadcom | Bcm4335c0 | Broadcom firmware before summer 2014 on Nexus 5 BCM4335C0 2012-12-11, Raspberry Pi 3 BCM43438A1 2014-06-02, and unspecifed ot... |
| CVE-2018-19853 | Hitshop Project | Hitshop | An issue was discovered in hitshop through 2014-07-15. There is an elevation-of-privilege vulnerability (that allows control ... |
| CVE-2018-19787 | Canonical | Ubuntu Linux | An issue was discovered in lxml before 4.2.5. lxml/html/clean.py in the lxml.html.clean module does not remove javascript: UR... |
| CVE-2018-18895 | ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2014-3004. Reason: This candidate is a duplicate of CVE-2014... | ||
| CVE-2018-17051 | Knet | Cisco Configuration Manager | K-Net Cisco Configuration Manager through 2014-11-19 has XSS via devices.php. |
| CVE-2018-17043 | Doc2txt Project | Doc2txt | An issue has been found in doc2txt through 2014-03-19. It is a heap-based buffer overflow in the function Storage::init in St... |
| CVE-2018-16588 | Suse | Linux Enterprise | Privilege escalation can occur in the SUSE useradd.c code in useradd, as distributed in the SUSE shadow package through 4.2.1... |
| CVE-2018-16253 | Axtls Project | Axtls | In sig_verify() in x509.c in axTLS version 2.1.3 and before, the PKCS#1 v1.5 signature verification does not properly verify ... |
| CVE-2018-16152 | Canonical | Ubuntu Linux | In verify_emsa_pkcs1_signature() in gmp_rsa_public_key.c in the gmp plugin in strongSwan 4.x and 5.x before 5.7.0, the RSA im... |
| CVE-2018-15846 | Fledrcms Project | Fledrcms | An issue was discovered in fledrCMS through 2014-02-03. There is a CSRF vulnerability that can change the administrator's pas... |
| CVE-2018-15565 | Simple-cms Project | Simple Cms | An issue was discovered in daveismyname simple-cms through 2014-03-11. admin/addpage.php does not require authentication for ... |
| CVE-2018-15564 | Simple-cms Project | Simple Cms | An issue was discovered in daveismyname simple-cms through 2014-03-11. There is a CSRF vulnerability that can delete any page... |
| CVE-2018-14481 | Osclass | Osclass | Osclass 3.7.4 has XSS via the query string to index.php, a different vulnerability than CVE-2014-6280. |
| CVE-2018-11098 | Frog Cms Project | Frog Cms | An issue was discovered in Frog CMS 0.9.5. There is a file upload vulnerability via the admin/?/plugin/file_manager/upload UR... |
| CVE-2018-10628 | Aveva | Intouch 2014 | AVEVA InTouch 2014 R2 SP1 and prior, InTouch 2017, InTouch 2017 Update 1, and InTouch 2017 Update 2 allow an unauthenticated ... |
| CVE-2018-9059 | Sharing-file | Easy File Sharing Web Server | Stack-based buffer overflow in Easy File Sharing (EFS) Web Server 7.2 allows remote attackers to execute arbitrary code via a... |
| CVE-2018-5986 | Easycarscript | Easycarscript | SQL Injection exists in Easy Car Script 2014 via the s_order or s_row parameter to site_search.php. |
| CVE-2018-5201 | Hancom | Hancom Office 2010 | Hancom Office 2018 10.0.0.8214 and earlier, Hancom Office NEO 9.6.1.10472 and earlier, Hancom Office 2014 9.1.1.4540 and earl... |
| CVE-2018-3968 | Denx | U-boot | An exploitable vulnerability exists in the verified boot protection of the Das U-Boot from version 2013.07-rc1 to 2014.07-rc2... |
| CVE-2017-18571 | Search Everything Project | Search Everything | The search-everything plugin before 8.1.7 for WordPress has SQL injection related to WordPress 4.7.x, a different vulnerabili... |
| CVE-2017-16844 | Procmail | Procmail | Heap-based buffer overflow in the loadbuf function in formisc.c in formail in procmail 3.22 allows remote attackers to cause ... |