| # |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
|
701 |
CVE-2014-6540 |
|
|
|
2014-10-15 |
2014-11-19 |
1.9 |
None |
Local |
Medium |
Not required |
None |
None |
Partial |
|
Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox before 4.1.34, before 4.2.26, and before 4.3.14 allows local users to affect availability via vectors related to Graphics driver (WDDM) for Windows guests. |
|
702 |
CVE-2014-6195 |
284 |
|
Bypass |
2015-02-14 |
2017-09-08 |
1.9 |
None |
Local |
Medium |
Not required |
None |
Partial |
None |
|
The (1) Java GUI and (2) Web GUI components in the IBM Tivoli Storage Manager (TSM) Backup-Archive client 5.4 and 5.5 before 5.5.4.4 on AIX, Linux, and Solaris; 5.4.x and 5.5.x on Windows and z/OS; 6.1 before 6.1.5.7 on z/OS; 6.1 and 6.2 before 6.2.5.2 on Windows, before 6.2.5.3 on AIX and Linux x86, and before 6.2.5.4 on Linux Z and Solaris; 6.3 before 6.3.2.1 on AIX, before 6.3.2.2 on Windows, and before 6.3.2.3 on Linux; 6.4 before 6.4.2.1; and 7.1 before 7.1.1 in IBM TSM for Mail, when the Data Protection for Lotus Domino component is used, allow local users to bypass authentication and restore a Domino database or transaction-log backup via unspecified vectors. |
|
703 |
CVE-2014-6146 |
200 |
|
+Info |
2014-11-08 |
2017-09-08 |
1.9 |
None |
Local |
Medium |
Not required |
Partial |
None |
None |
|
IBM Sterling B2B Integrator 5.2.x through 5.2.4, when the Connect:Direct Server Adapter is configured, does not properly process the logging configuration, which allows local users to obtain sensitive information by reading log files. |
|
704 |
CVE-2014-6134 |
200 |
|
+Info |
2015-03-25 |
2015-03-25 |
1.2 |
None |
Local |
High |
Not required |
Partial |
None |
None |
|
IBM Rational ClearCase 8.0.0 before 8.0.0.14 and 8.0.1 before 8.0.1.7, when Installation Manager before 1.8.2 is used, retains cleartext server passwords in process memory throughout the installation procedure, which might allow local users to obtain sensitive information by leveraging access to the installation account. |
|
705 |
CVE-2014-5423 |
255 |
|
+Info |
2014-10-19 |
2014-10-22 |
1.9 |
None |
Local |
Medium |
Not required |
Partial |
None |
None |
|
CareFusion Pyxis SupplyStation 8.1 with hardware test tool before 1.0.16 allows local users to obtain potentially sensitive information by reading a temporary (1) debugging file or (2) developer file. |
|
706 |
CVE-2014-5233 |
200 |
|
+Info |
2015-01-14 |
2015-11-13 |
1.9 |
None |
Local |
Medium |
Not required |
Partial |
None |
None |
|
The Siemens SIMATIC WinCC Sm@rtClient app before 1.0.2 for iOS allows physically proximate attackers to discover Sm@rtServer credentials by leveraging an error in the credential-processing mechanism. |
|
707 |
CVE-2014-5232 |
264 |
|
Bypass |
2015-01-14 |
2015-11-13 |
1.9 |
None |
Local |
Medium |
Not required |
None |
Partial |
None |
|
The Siemens SIMATIC WinCC Sm@rtClient app before 1.0.2 for iOS allows local users to bypass an intended application-password requirement by leveraging the running of the app in the background state. |
|
708 |
CVE-2014-5177 |
20 |
|
|
2014-08-03 |
2019-04-22 |
1.2 |
None |
Local |
High |
Not required |
Partial |
None |
None |
|
libvirt 1.0.0 through 1.2.x before 1.2.5, when fine grained access control is enabled, allows local users to read arbitrary files via a crafted XML document containing an XML external entity declaration in conjunction with an entity reference to the (1) virDomainDefineXML, (2) virNetworkCreateXML, (3) virNetworkDefineXML, (4) virStoragePoolCreateXML, (5) virStoragePoolDefineXML, (6) virStorageVolCreateXML, (7) virDomainCreateXML, (8) virNodeDeviceCreateXML, (9) virInterfaceDefineXML, (10) virStorageVolCreateXMLFrom, (11) virConnectDomainXMLFromNative, (12) virConnectDomainXMLToNative, (13) virSecretDefineXML, (14) virNWFilterDefineXML, (15) virDomainSnapshotCreateXML, (16) virDomainSaveImageDefineXML, (17) virDomainCreateXMLWithFiles, (18) virConnectCompareCPU, or (19) virConnectBaselineCPU API method, related to an XML External Entity (XXE) issue. NOTE: this issue was SPLIT from CVE-2014-0179 per ADT3 due to different affected versions of some vectors. |
|
709 |
CVE-2014-5036 |
200 |
|
+Info |
2014-09-05 |
2014-09-08 |
1.9 |
None |
Local |
Medium |
Not required |
Partial |
None |
None |
|
The Storage Controller (SC) component in Eucalyptus 3.4.2 through 4.0.x before 4.0.1, when Dell Equallogic SAN is used, logs the CHAP user credentials, which allows local users to obtain sensitive information by reading the logs. |
|
710 |
CVE-2014-5030 |
59 |
|
|
2014-07-29 |
2017-01-07 |
1.9 |
None |
Local |
Medium |
Not required |
Partial |
None |
None |
|
CUPS before 2.0 allows local users to read arbitrary files via a symlink attack on (1) index.html, (2) index.class, (3) index.pl, (4) index.php, (5) index.pyc, or (6) index.py. |
|
711 |
CVE-2014-5029 |
59 |
|
|
2014-07-29 |
2017-01-07 |
1.5 |
None |
Local |
Medium |
??? |
Partial |
None |
None |
|
The web interface in CUPS 1.7.4 allows local users in the lp group to read arbitrary files via a symlink attack on a file in /var/cache/cups/rss/ and language[0] set to null. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-3537. |
|
712 |
CVE-2014-4995 |
200 |
|
+Info |
2018-01-10 |
2018-01-30 |
1.9 |
None |
Local |
Medium |
Not required |
Partial |
None |
None |
|
Race condition in lib/vlad/dba/mysql.rb in the VladTheEnterprising gem 0.2 for Ruby allows local users to obtain sensitive information by reading the MySQL root password from a temporary file before it is removed. |
|
713 |
CVE-2014-4822 |
255 |
|
|
2014-10-19 |
2017-08-29 |
1.9 |
None |
Local |
Medium |
Not required |
Partial |
None |
None |
|
IBM WebSphere MQ classes for Java libraries 8.0 before 8.0.0.1 and Websphere MQ Explorer 7.5 before 7.5.0.5 and 8.0 before 8.0.0.2 allow local users to discover preconfigured cleartext passwords via an unspecified trace operation. |
|
714 |
CVE-2014-4812 |
200 |
|
+Info |
2014-10-26 |
2017-08-29 |
1.8 |
None |
Local Network |
High |
Not required |
Partial |
None |
None |
|
The installer in IBM Security AppScan Source 8.x and 9.x through 9.0.1 has an open network port for a debug service, which allows remote attackers to obtain sensitive information by connecting to this port. |
|
715 |
CVE-2014-4652 |
362 |
|
+Info |
2014-07-03 |
2020-08-14 |
1.9 |
None |
Local |
Medium |
Not required |
Partial |
None |
None |
|
Race condition in the tlv handler functionality in the snd_ctl_elem_user_tlv function in sound/core/control.c in the ALSA control implementation in the Linux kernel before 3.15.2 allows local users to obtain sensitive information from kernel memory by leveraging /dev/snd/controlCX access. |
|
716 |
CVE-2014-4450 |
255 |
|
|
2014-10-22 |
2017-08-29 |
1.9 |
None |
Local |
Medium |
Not required |
Partial |
None |
None |
|
The QuickType feature in the Keyboards subsystem in Apple iOS before 8.1 collects typing-prediction data from fields with an off autocomplete attribute, which makes it easier for attackers to discover credentials by reading credential values within unintended DOM input elements. |
|
717 |
CVE-2014-4448 |
310 |
|
+Info |
2014-10-22 |
2017-08-29 |
1.9 |
None |
Local |
Medium |
Not required |
Partial |
None |
None |
|
House Arrest in Apple iOS before 8.1 relies on the hardware UID for its encryption key, which makes it easier for physically proximate attackers to obtain sensitive information from a Documents directory by obtaining this UID. |
|
718 |
CVE-2014-4447 |
310 |
|
|
2014-10-18 |
2017-08-29 |
1.9 |
None |
Local |
Medium |
Not required |
Partial |
None |
None |
|
Profile Manager in Apple OS X Server before 4.0 allows local users to discover cleartext passwords by reading a file after a (1) profile setup or (2) profile edit occurs. |
|
719 |
CVE-2014-4421 |
|
|
+Info |
2014-09-18 |
2019-03-08 |
1.9 |
None |
Local |
Medium |
Not required |
Partial |
None |
None |
|
The network-statistics interface in the kernel in Apple iOS before 8 and Apple TV before 7 does not properly initialize memory, which allows attackers to obtain sensitive memory-content and memory-layout information via a crafted application, a different vulnerability than CVE-2014-4371, CVE-2014-4419, and CVE-2014-4420. |
|
720 |
CVE-2014-4420 |
|
|
+Info |
2014-09-18 |
2019-03-08 |
1.9 |
None |
Local |
Medium |
Not required |
Partial |
None |
None |
|
The network-statistics interface in the kernel in Apple iOS before 8 and Apple TV before 7 does not properly initialize memory, which allows attackers to obtain sensitive memory-content and memory-layout information via a crafted application, a different vulnerability than CVE-2014-4371, CVE-2014-4419, and CVE-2014-4421. |
|
721 |
CVE-2014-4419 |
|
|
+Info |
2014-09-18 |
2019-03-08 |
1.9 |
None |
Local |
Medium |
Not required |
Partial |
None |
None |
|
The network-statistics interface in the kernel in Apple iOS before 8 and Apple TV before 7 does not properly initialize memory, which allows attackers to obtain sensitive memory-content and memory-layout information via a crafted application, a different vulnerability than CVE-2014-4371, CVE-2014-4420, and CVE-2014-4421. |
|
722 |
CVE-2014-4386 |
362 |
|
+Priv |
2014-09-18 |
2017-08-29 |
1.9 |
None |
Local |
Medium |
Not required |
None |
Partial |
None |
|
Race condition in the App Installation feature in Apple iOS before 8 allows local users to gain privileges and install unverified apps by leveraging /tmp write access. |
|
723 |
CVE-2014-4384 |
22 |
|
Dir. Trav. |
2014-09-18 |
2017-08-29 |
1.9 |
None |
Local |
Medium |
Not required |
None |
Partial |
None |
|
Directory traversal vulnerability in the App Installation feature in Apple iOS before 8 allows local users to install unverified apps by triggering code-signature validation of an unintended bundle. |
|
724 |
CVE-2014-4371 |
665 |
|
+Info |
2014-09-18 |
2019-11-07 |
1.9 |
None |
Local |
Medium |
Not required |
Partial |
None |
None |
|
The network-statistics interface in the kernel in Apple iOS before 8 and Apple TV before 7 does not properly initialize memory, which allows attackers to obtain sensitive memory-content and memory-layout information via a crafted application, a different vulnerability than CVE-2014-4419, CVE-2014-4420, and CVE-2014-4421. |
|
725 |
CVE-2014-4248 |
|
|
|
2014-07-17 |
2018-10-09 |
1.0 |
None |
Local |
High |
??? |
Partial |
None |
None |
|
Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Suite 11.5.10.2, 12.0.6, 12.1.3, 12.2.2, and 12.2.3 allows local users to affect confidentiality via unknown vectors related to Logging. |
|
726 |
CVE-2014-3956 |
200 |
|
+Info |
2014-06-04 |
2017-12-29 |
1.9 |
None |
Local |
Medium |
Not required |
Partial |
None |
None |
|
The sm_close_on_exec function in conf.c in sendmail before 8.14.9 has arguments in the wrong order, and consequently skips setting expected FD_CLOEXEC flags, which allows local users to access unintended high-numbered file descriptors via a custom mail-delivery program. |
|
727 |
CVE-2014-3716 |
20 |
|
DoS |
2014-05-19 |
2018-10-30 |
1.9 |
None |
Local |
Medium |
Not required |
None |
None |
Partial |
|
Xen 4.4.x does not properly check alignment, which allows local users to cause a denial of service (crash) via an unspecified field in a DTB header in a 32-bit guest kernel. |
|
728 |
CVE-2014-3647 |
|
|
DoS |
2014-11-10 |
2020-08-13 |
1.9 |
None |
Local |
Medium |
Not required |
None |
None |
Partial |
|
arch/x86/kvm/emulate.c in the KVM subsystem in the Linux kernel through 3.17.2 does not properly perform RIP changes, which allows guest OS users to cause a denial of service (guest OS crash) via a crafted application. |
|
729 |
CVE-2014-3636 |
399 |
|
DoS |
2014-10-25 |
2018-10-30 |
1.9 |
None |
Local |
Medium |
Not required |
None |
None |
Partial |
|
D-Bus 1.3.0 through 1.6.x before 1.6.24 and 1.8.x before 1.8.8 allows local users to (1) cause a denial of service (prevention of new connections and connection drop) by queuing the maximum number of file descriptors or (2) cause a denial of service (disconnect) via multiple messages that combine to have more than the allowed number of file descriptors for a single sendmsg call. |
|
730 |
CVE-2014-3591 |
200 |
|
+Info |
2019-11-29 |
2019-12-05 |
1.9 |
None |
Local |
Medium |
Not required |
Partial |
None |
None |
|
Libgcrypt before 1.6.3 and GnuPG before 1.4.19 does not implement ciphertext blinding for Elgamal decryption, which allows physically proximate attackers to obtain the server's private key by determining factors using crafted ciphertext and the fluctuations in the electromagnetic field during multiplication. |
|
731 |
CVE-2014-3537 |
59 |
|
|
2014-07-23 |
2017-01-07 |
1.2 |
None |
Local |
High |
Not required |
Partial |
None |
None |
|
The web interface in CUPS before 1.7.4 allows local users in the lp group to read arbitrary files via a symlink attack on a file in /var/cache/cups/rss/. |
|
732 |
CVE-2014-2926 |
|
|
DoS |
2014-07-14 |
2014-07-15 |
1.7 |
None |
Local |
Low |
??? |
None |
None |
Partial |
|
kapfa.sys in Kaseya Virtual System Administrator (VSA) 6.5 before 6.5.0.17 and 7.0 before 7.0.0.16 allows local users to cause a denial of service (NULL pointer dereference and application crash) via unspecified vectors. |
|
733 |
CVE-2014-2893 |
59 |
|
+Info |
2014-04-23 |
2018-10-30 |
1.9 |
None |
Local |
Medium |
Not required |
Partial |
None |
None |
|
The GetHTMLRunDir function in the scan-build utility in Clang 3.5 and earlier allows local users to obtain sensitive information or overwrite arbitrary files via a symlink attack on temporary directories with predictable names. |
|
734 |
CVE-2014-2603 |
|
|
+Info |
2014-05-10 |
2019-10-09 |
1.7 |
None |
Remote |
High |
??? |
Partial |
None |
None |
|
Unspecified vulnerability on HP 8/20q switches, SN6000 switches, and 8Gb Simple SAN Connection Kit with firmware before 8.0.14.08.00 allows remote authenticated users to obtain sensitive information via unknown vectors. |
|
735 |
CVE-2014-2488 |
|
|
|
2014-07-17 |
2018-10-09 |
1.0 |
None |
Local |
High |
??? |
Partial |
None |
None |
|
Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox before 3.2.24, 4.0.26, 4.1.34, 4.2.26, and 4.3.12 allows local users to affect confidentiality via unknown vectors related to Core. |
|
736 |
CVE-2014-2485 |
|
|
|
2014-07-17 |
2018-10-09 |
1.4 |
None |
Local |
Low |
??? |
Partial |
None |
None |
|
Unspecified vulnerability in the Siebel Core - EAI component in Oracle Siebel CRM 8.1.1 and 8.2.2 allows local users to affect confidentiality via unknown vectors related to Integration Business Services. |
|
737 |
CVE-2014-1515 |
200 |
|
+Info |
2014-03-25 |
2014-04-01 |
1.9 |
None |
Local |
Medium |
Not required |
Partial |
None |
None |
|
Mozilla Firefox before 28.0.1 on Android processes a file: URL by copying a local file onto the SD card, which allows attackers to obtain sensitive information from the Firefox profile directory via a crafted application. |
|
738 |
CVE-2014-1496 |
269 |
|
+Priv |
2014-03-19 |
2020-08-05 |
1.9 |
None |
Local |
Medium |
Not required |
None |
Partial |
None |
|
Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 might allow local users to gain privileges by modifying the extracted Mar contents during an update. |
|
739 |
CVE-2014-1446 |
399 |
|
+Info |
2014-01-18 |
2017-08-29 |
1.9 |
None |
Local |
Medium |
Not required |
Partial |
None |
None |
|
The yam_ioctl function in drivers/net/hamradio/yam.c in the Linux kernel before 3.12.8 does not initialize a certain structure member, which allows local users to obtain sensitive information from kernel memory by leveraging the CAP_NET_ADMIN capability for an SIOCYAMGCFG ioctl call. |
|
740 |
CVE-2014-1444 |
399 |
|
+Info |
2014-01-18 |
2017-08-29 |
1.7 |
None |
Local |
Low |
??? |
Partial |
None |
None |
|
The fst_get_iface function in drivers/net/wan/farsync.c in the Linux kernel before 3.11.7 does not properly initialize a certain data structure, which allows local users to obtain sensitive information from kernel memory by leveraging the CAP_NET_ADMIN capability for an SIOCWANDEV ioctl call. |
|
741 |
CVE-2014-1422 |
732 |
|
|
2020-07-22 |
2020-08-09 |
1.9 |
None |
Local |
Medium |
Not required |
Partial |
None |
None |
|
In Ubuntu's trust-store, if a user revokes location access from an application, the location is still available to the application because the application will honour incorrect, cached permissions. This is because the cache was not ordered by creation time by the Select struct in src/core/trust/impl/sqlite3/store.cpp. Fixed in trust-store (Ubuntu) version 1.1.0+15.04.20150123-0ubuntu1 and trust-store (Ubuntu RTM) version 1.1.0+15.04.20150123~rtm-0ubuntu1. |
|
742 |
CVE-2014-1352 |
264 |
|
|
2014-07-01 |
2017-01-07 |
1.9 |
None |
Local |
Medium |
Not required |
None |
Partial |
None |
|
Lock Screen in Apple iOS before 7.1.2 does not properly enforce the limit on failed passcode attempts, which makes it easier for physically proximate attackers to conduct brute-force passcode-guessing attacks via unspecified vectors. |
|
743 |
CVE-2014-1281 |
264 |
|
|
2014-03-14 |
2014-03-14 |
1.9 |
None |
Local |
Medium |
Not required |
Partial |
None |
None |
|
Photos Backend in Apple iOS before 7.1 does not properly manage the asset-library cache during deletions, which allows physically proximate attackers to obtain sensitive photo data by launching the Photos app and looking under a transparent image. |
|
744 |
CVE-2014-0974 |
264 |
|
|
2014-08-25 |
2016-07-13 |
1.9 |
None |
Local |
Medium |
Not required |
None |
Partial |
None |
|
The boot_linux_from_mmc function in app/aboot/aboot.c in the Little Kernel (LK) bootloader, as distributed with Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, does not properly validate a certain address value, which allows attackers to write data to a controllable memory location by leveraging the ability to initiate an attempted boot of an arbitrary image. |
|
745 |
CVE-2014-0890 |
255 |
|
+Info |
2014-03-06 |
2017-08-29 |
1.9 |
None |
Local |
Medium |
Not required |
Partial |
None |
None |
|
The Connect client in IBM Sametime 8.5.1, 8.5.1.1, 8.5.1.2, 8.5.2, 8.5.2.1, 9.0, and 9.0.0.1, when a certain com.ibm.collaboration.realtime.telephony.*.level setting is used, logs cleartext passwords during Audio/Video chat sessions, which allows local users to obtain sensitive information by reading a log file. |
|
746 |
CVE-2014-0872 |
255 |
|
+Info |
2018-04-25 |
2018-06-13 |
1.5 |
None |
Local |
Medium |
??? |
Partial |
None |
None |
|
The installation process in IBM Security Key Lifecycle Manager 2.5 stores unencrypted credentials, which might allow local users to obtain sensitive information by leveraging root access. IBM X-Force ID: 90988. |
|
747 |
CVE-2014-0179 |
20 |
|
DoS |
2014-08-03 |
2019-04-22 |
1.9 |
None |
Local |
Medium |
Not required |
None |
None |
Partial |
|
libvirt 0.7.5 through 1.2.x before 1.2.5 allows local users to cause a denial of service (read block and hang) via a crafted XML document containing an XML external entity declaration in conjunction with an entity reference to the (1) virConnectCompareCPU or (2) virConnectBaselineCPU API method, related to an XML External Entity (XXE) issue. NOTE: this issue was SPLIT per ADT3 due to different affected versions of some vectors. CVE-2014-5177 is used for other API methods. |
|
748 |
CVE-2014-0146 |
476 |
|
DoS |
2017-08-10 |
2017-11-04 |
1.9 |
None |
Local |
Medium |
Not required |
None |
None |
Partial |
|
The qcow2_open function in the (block/qcow2.c) in QEMU before 1.7.2 and 2.x before 2.0.0 allows local users to cause a denial of service (NULL pointer dereference) via a crafted image which causes an error, related to the initialization of the snapshot_offset and nb_snapshots fields. |
|
749 |
CVE-2014-0135 |
264 |
|
+Info |
2014-05-08 |
2014-05-09 |
1.9 |
None |
Local |
Medium |
Not required |
Partial |
None |
None |
|
Kafo before 0.3.17 and 0.4.x before 0.5.2, as used by Foreman, uses world-readable permissions for default_values.yaml, which allows local users to obtain passwords and other sensitive information by reading the file. |
|
750 |
CVE-2014-0076 |
310 |
|
|
2014-03-25 |
2017-12-16 |
1.9 |
None |
Local |
Medium |
Not required |
Partial |
None |
None |
|
The Montgomery ladder implementation in OpenSSL through 1.0.0l does not ensure that certain swap operations have a constant-time behavior, which makes it easier for local users to obtain ECDSA nonces via a FLUSH+RELOAD cache side-channel attack. |
