The Common Vulnerabilities and Exposures (CVE) project, maintained by the MITRE Corporation, is a list of all standardized names for vulnerabilities and security exposures.
| ID | Description | Priority | Modified date |
|---|---|---|---|
| CVE-2014-9939 | ihex.c in GNU Binutils before 2.26 contains a stack buffer overflow when printing bad bytes in Intel Hex objects. | High | Mar 22, 2017 |
| CVE-2014-9938 | contrib/completion/git-prompt.sh in Git before 1.9.3 does not sanitize branch names in the PS1 variable, allowing a malicious repository to cause code execution. | Medium | Mar 21, 2017 |
| CVE-2014-9937 | In TrustZone a buffer overflow vulnerability can potentially occur in a DRM routine in all Android releases from CAF using the Linux kernel. | High | May 23, 2017 |
| CVE-2014-9936 | In TrustZone a time-of-check time-of-use race condition could potentially exist in an authentication routine in all Android releases from CAF using the Linux kernel. | High | May 23, 2017 |
| CVE-2014-9935 | In TrustZone an integer overflow vulnerability leading to a buffer overflow could potentially occur in a DRM routine in all Android releases from CAF using the Linux kernel. | High | May 23, 2017 |
| CVE-2014-9934 | A PKCS#1 v1.5 signature verification routine in all Android releases from CAF using the Linux kernel may not check padding. | High | May 23, 2017 |
| CVE-2014-9933 | Due to missing input validation in all Android releases from CAF using the Linux kernel, HLOS can write to fuses for which it should not have access. | High | May 23, 2017 |
| CVE-2014-9932 | In TrustZone, an integer overflow vulnerability can potentially occur in all Android releases from CAF using the Linux kernel due to an improper address range computation. | High | May 23, 2017 |
| CVE-2014-9931 | A buffer overflow vulnerability in all Android releases from CAF using the Linux kernel can potentially occur if an OEM performs an app region size customization due to a hard-coded value. | High | May 23, 2017 |
| CVE-2014-9930 | In WCDMA in all Android releases from CAF using the Linux kernel, a Use After Free vulnerability could potentially exist. | High | Jun 9, 2017 |
| CVE-2014-9929 | In WCDMA in all Android releases from CAF using the Linux kernel, a Use of Out-of-range Pointer Offset vulnerability could potentially exist. | High | Jun 9, 2017 |
| CVE-2014-9928 | In GERAN in all Android releases from CAF using the Linux kernel, a Buffer Copy without Checking Size of Input vulnerability could potentially exist. | High | Jun 9, 2017 |
| CVE-2014-9927 | In UIM in all Android releases from CAF using the Linux kernel, a Buffer Copy without Checking Size of Input vulnerability could potentially exist. | High | Jun 9, 2017 |
| CVE-2014-9926 | In GNSS in all Android releases from CAF using the Linux kernel, a Use After Free vulnerability could potentially exist. | High | Jun 9, 2017 |
| CVE-2014-9925 | In HDR in all Android releases from CAF using the Linux kernel, a Buffer Copy without Checking Size of Input vulnerability could potentially exist. | High | Jun 9, 2017 |
| CVE-2014-9924 | In 1x in all Android releases from CAF using the Linux kernel, a Signed to Unsigned Conversion Error could potentially occur. | High | Jun 9, 2017 |
| CVE-2014-9923 | In NAS in all Android releases from CAF using the Linux kernel, a Buffer Copy without Checking Size of Input vulnerability could potentially exist. | High | Jun 9, 2017 |
| CVE-2014-9922 | The eCryptfs subsystem in the Linux kernel before 3.18 allows local users to gain privileges via a large filesystem stack that includes an overlayfs layer, related to fs/ecryptfs/main.c and fs/overlayfs/super.c. | High | Apr 10, 2017 |
| CVE-2014-9921 | Information disclosure vulnerability in McAfee (now Intel Security) Cloud Analysis and Deconstructive Services (CADS) 1.0.0.3x, 1.0.0.4d and earlier allows remote unauthenticated users to view, add, and remove users via a configuration error. | High | Mar 23, 2017 |
| CVE-2014-9920 | Unauthorized execution of binary vulnerability in McAfee (now Intel Security) McAfee Application Control (MAC) 6.0.0 before hotfix 9726, 6.0.1 before hotfix 9068, 6.1.0 before hotfix 692, 6.1.1 before hotfix 399, 6.1.2 before hotfix 426, and 6.1.3 before hotfix 357 and earlier allows attackers to create a malformed Windows binary that is considered non-executable and is not protected through the whitelisting protection feature via a specific set of circumstances. | -- | Mar 14, 2017 |
| CVE-2014-9919 | An issue was discovered in Bilboplanet 2.0. Stored XSS exists in the fullname parameter to signup.php. | MEDIUM | May 15, 2019 |
| CVE-2014-9918 | An issue was discovered in Bilboplanet 2.0. Stored XSS exists in the user_id parameter to signup.php. | MEDIUM | May 15, 2019 |
| CVE-2014-9917 | An issue was discovered in Bilboplanet 2.0. There is a stored XSS vulnerability when adding a tag via the user/?page=tribes tags parameter. | MEDIUM | May 15, 2019 |
| CVE-2014-9916 | Multiple cross-site scripting (XSS) vulnerabilities in Bilboplanet 2.0 allow remote attackers to inject arbitrary web script or HTML via the (1) tribe_name or (2) tags parameter in a tribes page request to user/ or the (3) user_id or (4) fullname parameter to signup.php. | -- | Feb 23, 2017 |
| CVE-2014-9915 | Off-by-one error in ImageMagick before 6.6.0-4 allows remote attackers to cause a denial of service (application crash) via a crafted 8BIM profile. | Medium | Mar 24, 2017 |
| CVE-2014-9914 | Race condition in the ip4_datagram_release_cb function in net/ipv4/datagram.c in the Linux kernel before 3.15.2 allows local users to gain privileges or cause a denial of service (use-after-free) by leveraging incorrect expectations about locking during multithreaded access to internal data structures for IPv4 UDP sockets. | HIGH | Feb 7, 2017 |
| CVE-2014-9913 | Buffer overflow in the list_files function in list.c in Info-Zip UnZip 6.0 allows remote attackers to cause a denial of service (crash) via vectors related to the compression method. | Low | Jan 20, 2017 |
| CVE-2014-9912 | The get_icu_disp_value_src_php function in ext/intl/locale/locale_methods.c in PHP before 5.3.29, 5.4.x before 5.4.30, and 5.5.x before 5.5.14 does not properly restrict calls to the ICU uresbund.cpp component, which allows remote attackers to cause a denial of service (buffer overflow) or possibly have unspecified other impact via a locale_get_display_name call with a long first argument. | High | Jan 6, 2017 |
| CVE-2014-9911 | Stack-based buffer overflow in the ures_getByKeyWithFallback function in common/uresbund.cpp in International Components for Unicode (ICU) before 54.1 for C/C++ allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted uloc_getDisplayName call. | High | Jan 6, 2017 |
| CVE-2014-9910 | An elevation of privilege vulnerability in the Broadcom Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: N/A. Android ID: A-31746399. References: B-RB#26710. | High | Jan 19, 2017 |
| CVE-2014-9909 | An elevation of privilege vulnerability in the Broadcom Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: N/A. Android ID: A-31676542. References: B-RB#26684. | High | Jan 19, 2017 |
| CVE-2014-9908 | A Denial of Service vulnerability exists in Google Android 4.4.4, 5.0.2, and 5.1.1, which allows malicious users to block Bluetooh access (Android Bug ID A-28672558). | LOW | Jan 13, 2020 |
| CVE-2014-9907 | coders/dds.c in ImageMagick allows remote attackers to cause a denial of service via a crafted DDS file. | Medium | Apr 21, 2017 |
| CVE-2014-9905 | Multiple cross-site scripting (XSS) vulnerabilities in the Web Calendar in SOGo before 2.2.0 allow remote attackers to inject arbitrary web script or HTML via the (1) title of an appointment or (2) contact fields. | MEDIUM | Nov 7, 2019 |
| CVE-2014-9895 | drivers/media/media-device.c in the Linux kernel before 3.11, as used in Android before 2016-08-05 on Nexus 5 and 7 (2013) devices, does not properly initialize certain data structures, which allows local users to obtain sensitive information via a crafted application, aka Android internal bug 28750150 and Qualcomm internal bug CR570757, a different vulnerability than CVE-2014-1739. | Medium | Aug 11, 2016 |
| CVE-2014-9870 | The Linux kernel before 3.11 on ARM platforms, as used in Android before 2016-08-05 on Nexus 5 and 7 (2013) devices, does not properly consider user-space access to the TPIDRURW register, which allows local users to gain privileges via a crafted application, aka Android internal bug 28749743 and Qualcomm internal bug CR561044. | High | Aug 9, 2016 |
| CVE-2014-9854 | coders/tiff.c in ImageMagick allows remote attackers to cause a denial of service (application crash) via vectors related to the identification of image. | Medium | Mar 21, 2017 |
| CVE-2014-9853 | Memory leak in coders/rle.c in ImageMagick allows remote attackers to cause a denial of service (memory consumption) via a crafted rle file. | Medium | Mar 21, 2017 |
| CVE-2014-9852 | distribute-cache.c in ImageMagick re-uses objects after they have been destroyed, which allows remote attackers to have unspecified impact via unspecified vectors. | High | Mar 21, 2017 |
| CVE-2014-9851 | ImageMagick 6.8.9.9 allows remote attackers to cause a denial of service (application crash). | Medium | Mar 22, 2017 |
| CVE-2014-9850 | Logic error in ImageMagick 6.8.9.9 allows remote attackers to cause a denial of service (resource consumption). | Medium | Mar 22, 2017 |
| CVE-2014-9849 | The png coder in ImageMagick allows remote attackers to cause a denial of service (crash). | Medium | Mar 22, 2017 |
| CVE-2014-9848 | Memory leak in ImageMagick allows remote attackers to cause a denial of service (memory consumption). | Medium | Mar 22, 2017 |
| CVE-2014-9847 | The jng decoder in ImageMagick 6.8.9.9 allows remote attackers to have an unspecified impact. | High | Mar 22, 2017 |
| CVE-2014-9846 | Buffer overflow in the ReadRLEImage function in coders/rle.c in ImageMagick 6.8.9.9 allows remote attackers to have unspecified impact. | High | Mar 22, 2017 |
| CVE-2014-9845 | The ReadDIBImage function in coders/dib.c in ImageMagick allows remote attackers to cause a denial of service (crash) via a corrupted dib file. | Medium | Mar 22, 2017 |
| CVE-2014-9844 | The ReadRLEImage function in coders/rle.c in ImageMagick 6.8.9.9 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted image file. | Medium | Mar 22, 2017 |
| CVE-2014-9843 | The DecodePSDPixels function in coders/psd.c in ImageMagick 6.8.9.9 allows remote attackers to have unspecified impact via unknown vectors. | High | Mar 22, 2017 |
| CVE-2014-9842 | Memory leak in the ReadPSDLayers function in coders/psd.c in ImageMagick 6.8.9.9 allows remote attackers to cause a denial of service (memory consumption) via unspecified vectors. | Medium | Mar 22, 2017 |
| CVE-2014-9841 | The ReadPSDLayers function in coders/psd.c in ImageMagick 6.8.9.9 allows remote attackers to have unspecified impact via unknown vectors, related to throwing of exceptions. | High | Mar 22, 2017 |
