Wind River Support Network

HomeCVE Database

The Common Vulnerabilities and Exposures (CVE) project, maintained by the MITRE Corporation, is a list of all standardized names for vulnerabilities and security exposures.

Reset
Showing
of 202651 entries
IDDescriptionPriorityModified dateFixed Release
CVE-2014-8957 Cross-site scripting (XSS) vulnerability in OpenKM before 6.4.19 allows remote authenticated users to inject arbitrary web script or HTML via the Tasks parameter. -- Oct 6, 2017 n/a
CVE-2014-8945 admin.php?page=projects in Lexiglot through 2014-11-20 allows command injection via username and password fields. HIGH Jun 2, 2020 n/a
CVE-2014-8944 Lexiglot through 2014-11-20 allows XSS (Reflected) via the username, or XSS (Stored) via the admin.php?page=config install_name, intro_message, or new_file_content parameter. LOW Jun 2, 2020 n/a
CVE-2014-8943 Lexiglot through 2014-11-20 allows SSRF via the admin.php?page=projects svn_url parameter. MEDIUM Jun 2, 2020 n/a
CVE-2014-8942 Lexiglot through 2014-11-20 allows CSRF. MEDIUM Jun 2, 2020 n/a
CVE-2014-8941 Lexiglot through 2014-11-20 allows SQL injection via an admin.php?page=users&from_id= or admin.php?page=history&limit= URI. HIGH Jun 2, 2020 n/a
CVE-2014-8940 Lexiglot through 2014-11-20 allows remote attackers to obtain sensitive information (names and details of projects) by visiting the /update.log URI. MEDIUM Jun 2, 2020 n/a
CVE-2014-8939 Lexiglot through 2014-11-20 allows remote attackers to obtain sensitive information (full path) via an include/smarty/plugins/modifier.date_format.php request if PHP has a non-recommended configuration that produces warning messages. MEDIUM Jun 2, 2020 n/a
CVE-2014-8938 Lexiglot through 2014-11-20 allows local users to obtain sensitive information by listing a process because the username and password are on the command line. LOW Jun 2, 2020 n/a
CVE-2014-8937 Lexiglot through 2014-11-20 allows denial of service because api/update.php launches svn update operations that use a great deal of resources. MEDIUM Jun 2, 2020 n/a
CVE-2014-8936 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2014. Notes: none -- Nov 7, 2023 n/a
CVE-2014-8935 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2014. Notes: none -- Nov 7, 2023 n/a
CVE-2014-8934 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2014. Notes: none -- Nov 7, 2023 n/a
CVE-2014-8933 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2014. Notes: none -- Nov 7, 2023 n/a
CVE-2014-8932 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2014. Notes: none -- Nov 7, 2023 n/a
CVE-2014-8931 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2014. Notes: none -- Nov 7, 2023 n/a
CVE-2014-8929 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2014. Notes: none -- Nov 7, 2023 n/a
CVE-2014-8928 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2014. Notes: none -- Nov 7, 2023 n/a
CVE-2014-8903 IBM Curam Social Program Management 6.0 SP2 before EP26, 6.0.4 before 6.0.4.5iFix10 and 6.0.5 before 6.0.5.6 allows remote authenticated users to load arbitrary Java classes via unspecified vectors. -- Aug 2, 2017 n/a
CVE-2014-8900 Cross-site request forgery (CSRF) vulnerability in IBM UrbanCode Release 6.0.1.6 and earlier, 6.1.0.7 and earlier, and 6.1.1.1 and earlier. Medium Sep 3, 2017 n/a
CVE-2014-8889 Dropbox SDK for Android before 1.6.2 might allow remote attackers to obtain sensitive information via crafted malware or via a drive-by download attack. -- Sep 25, 2017 n/a
CVE-2014-8888 The remote administration interface in D-Link DIR-815 devices with firmware before 2.03.B02 allows remote attackers to execute arbitrary commands via vectors related to an HTTP command injection issue. HIGH Apr 12, 2018 n/a
CVE-2014-8878 KDE KMail does not encrypt attachments in emails when automatic encryption is enabled, which allows remote attackers to obtain sensitive information by sniffing the network. Medium Oct 6, 2017 n/a
CVE-2014-8872 Improper Verification of Cryptographic Signature in AVM FRITZ!Box 6810 LTE after firmware 5.22, FRITZ!Box 6840 LTE after firmware 5.23, and other models with firmware 5.50. -- Aug 28, 2017 n/a
CVE-2014-8871 Directory traversal vulnerability in hybris Commerce software suite 5.0.3.3 and earlier, 5.0.0.3 and earlier, 5.0.4.4 and earlier, 5.1.0.1 and earlier, 5.1.1.2 and earlier, 5.2.0.3 and earlier, and 5.3.0.1 and earlier. Medium Sep 7, 2017 n/a
CVE-2014-8865 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2014. Notes: none -- Nov 7, 2023 n/a
CVE-2014-8864 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2014. Notes: none -- Nov 7, 2023 n/a
CVE-2014-8863 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2014. Notes: none -- Nov 7, 2023 n/a
CVE-2014-8862 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2014. Notes: none -- Nov 7, 2023 n/a
CVE-2014-8861 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2014. Notes: none -- Nov 7, 2023 n/a
CVE-2014-8860 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2014. Notes: none -- Nov 7, 2023 n/a
CVE-2014-8859 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2014. Notes: none -- Nov 7, 2023 n/a
CVE-2014-8858 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2014. Notes: none -- Nov 7, 2023 n/a
CVE-2014-8857 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2014. Notes: none -- Nov 7, 2023 n/a
CVE-2014-8856 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2014. Notes: none -- Nov 7, 2023 n/a
CVE-2014-8855 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2014. Notes: none -- Nov 7, 2023 n/a
CVE-2014-8854 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2014. Notes: none -- Nov 7, 2023 n/a
CVE-2014-8853 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2014. Notes: none -- Nov 7, 2023 n/a
CVE-2014-8852 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2014. Notes: none -- Nov 7, 2023 n/a
CVE-2014-8851 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2014. Notes: none -- Nov 7, 2023 n/a
CVE-2014-8850 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2014. Notes: none -- Nov 7, 2023 n/a
CVE-2014-8849 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2014. Notes: none -- Nov 7, 2023 n/a
CVE-2014-8848 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2014. Notes: none -- Nov 7, 2023 n/a
CVE-2014-8847 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2014. Notes: none -- Nov 7, 2023 n/a
CVE-2014-8846 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2014. Notes: none -- Nov 7, 2023 n/a
CVE-2014-8845 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2014. Notes: none -- Nov 7, 2023 n/a
CVE-2014-8844 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2014. Notes: none -- Nov 7, 2023 n/a
CVE-2014-8843 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2014. Notes: none -- Nov 7, 2023 n/a
CVE-2014-8842 Rejected reason: This candidate is unused by its CNA. -- Nov 7, 2023 n/a
CVE-2014-8841 Rejected reason: This candidate is unused by its CNA. -- Nov 7, 2023 n/a
The 'Fixed Release' column is displayed if a single product version is selected from the filter. The fixed release is applicable in cases when the CVE has been addressed and fixed for that product version. Requires LTSS - customers must have active LTSS (Long Term Security Shield) Support to receive up-to-date information about vulnerabilities that may affect legacy software. Please contact your Wind River account team or see https://docs.windriver.com/bundle/Support_and_Maintenance_Supplemental_Terms_and_Conditions and https://support2.windriver.com/index.php?page=plc for more information.
Live chat
Online