U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

National Vulnerability Database

National Vulnerability Database

NVD

National Vulnerability Database
  1. VulnerabilitiesSearch And Statistics

Search Results (Refine Search)

Search Parameters:
There are 240,912 matching records.
Displaying matches 151,381 through 151,400.
Vuln ID Summary CVSS Severity
CVE-2015-1177

Cross-site scripting (XSS) vulnerability in Exponent CMS 2.3.2.

Published: August 28, 2017; 11:29:01 AM -0400 		V4.0:(not available)
 V3.0: 6.1 MEDIUM
V2.0: 4.3 MEDIUM
CVE-2015-0974

Untrusted search path vulnerability in ZTE Datacard MF19 0V1.0.0B04 allows local users to gain privilege by modifying the 'Ucell Internet' directory to reference a malicious mms_dll_r.dll or mediaplayerdll.dll.

Published: August 28, 2017; 11:29:01 AM -0400 		V4.0:(not available)
 V3.0: 7.8 HIGH
V2.0: 7.2 HIGH
CVE-2015-0928

libhtp 0.5.15 allows remote attackers to cause a denial of service (NULL pointer dereference).

Published: August 28, 2017; 11:29:01 AM -0400 		V4.0:(not available)
 V3.1: 7.5 HIGH
V2.0: 5.0 MEDIUM
CVE-2015-0210

wpa_supplicant 2.0-16 does not properly check certificate subject name, which allows remote attackers to cause a man-in-the-middle attack.

Published: August 28, 2017; 11:29:00 AM -0400 		V4.0:(not available)
 V3.0: 5.9 MEDIUM
V2.0: 4.3 MEDIUM
CVE-2015-0114

Stack-based buffer overflow in IBM V5R4, and IBM i Access for Windows 6.1 and 7.1.

Published: August 28, 2017; 11:29:00 AM -0400 		V4.0:(not available)
 V3.0: 7.8 HIGH
V2.0: 4.6 MEDIUM
CVE-2015-0101

Cross-site scripting (XSS) vulnerability in IBM Business Process Manager Standard 7.5.x before 7.5, 8.0.x before 8.0.1, 8.5.x before 8.5.5; IBM Business Process Manager Express 7.5.x before 7.5, 8.0.x before 8.0.1, 8.5.x before 8.5.5; and IBM Business Process Manager Advanced 7.5.x before 7.5, 8.0.x before 8.0.1, 8.5.x before 8.5.5.

Published: August 28, 2017; 11:29:00 AM -0400 		V4.0:(not available)
 V3.0: 6.1 MEDIUM
V2.0: 4.3 MEDIUM
CVE-2014-9558

Multiple SQL injection vulnerabilities in SmartCMS v.2.

Published: August 28, 2017; 11:29:00 AM -0400 		V4.0:(not available)
 V3.0: 9.8 CRITICAL
V2.0: 7.5 HIGH
CVE-2014-9557

Multiple cross-site scripting (XSS) vulnerabilities in SmartCMS v.2.

Published: August 28, 2017; 11:29:00 AM -0400 		V4.0:(not available)
 V3.1: 6.1 MEDIUM
V2.0: 4.3 MEDIUM
CVE-2014-9514

Cross-site scripting (XSS) vulnerability in BMC Footprints Service Core 11.5.

Published: August 28, 2017; 11:29:00 AM -0400 		V4.0:(not available)
 V3.0: 6.1 MEDIUM
V2.0: 4.3 MEDIUM
CVE-2014-9513

Insecure use of temporary files in xbindkeys-config 0.1.3-2 allows remote attackers to execute arbitrary code.

Published: August 28, 2017; 11:29:00 AM -0400 		V4.0:(not available)
 V3.0: 9.8 CRITICAL
V2.0: 7.5 HIGH
CVE-2014-9483

Emacs 24.4 allows remote attackers to bypass security restrictions.

Published: August 28, 2017; 11:29:00 AM -0400 		V4.0:(not available)
 V3.0: 7.5 HIGH
V2.0: 5.0 MEDIUM
CVE-2014-9469

Cross-site scripting (XSS) vulnerability in vBulletin 3.5.4, 3.6.0, 3.6.7, 3.8.7, 4.2.2, 5.0.5, and 5.1.3.

Published: August 28, 2017; 11:29:00 AM -0400 		V4.0:(not available)
 V3.0: 6.1 MEDIUM
V2.0: 4.3 MEDIUM
CVE-2014-9312

Unrestricted File Upload vulnerability in Photo Gallery 1.2.5.

Published: August 28, 2017; 11:29:00 AM -0400 		V4.0:(not available)
 V3.0: 8.8 HIGH
V2.0: 6.5 MEDIUM
CVE-2014-8900

Cross-site request forgery (CSRF) vulnerability in IBM UrbanCode Release 6.0.1.6 and earlier, 6.1.0.7 and earlier, and 6.1.1.1 and earlier.

Published: August 28, 2017; 11:29:00 AM -0400 		V4.0:(not available)
 V3.0: 8.8 HIGH
V2.0: 6.8 MEDIUM
CVE-2014-8871

Directory traversal vulnerability in hybris Commerce software suite 5.0.3.3 and earlier, 5.0.0.3 and earlier, 5.0.4.4 and earlier, 5.1.0.1 and earlier, 5.1.1.2 and earlier, 5.2.0.3 and earlier, and 5.3.0.1 and earlier.

Published: August 28, 2017; 11:29:00 AM -0400 		V4.0:(not available)
 V3.0: 7.5 HIGH
V2.0: 5.0 MEDIUM
CVE-2014-8753

Multiple cross-site scripting (XSS) vulnerabilities in Cit-e-Net Cit-e-Access 6.

Published: August 28, 2017; 11:29:00 AM -0400 		V4.0:(not available)
 V3.0: 6.1 MEDIUM
V2.0: 4.3 MEDIUM
CVE-2014-8428

Privilege escalation vulnerability in Barracuda Load Balancer 5.0.0.015 via the use of an improperly protected SSH key.

Published: August 28, 2017; 11:29:00 AM -0400 		V4.0:(not available)
 V3.0: 9.8 CRITICAL
V2.0: 7.5 HIGH
CVE-2014-8426

Hard coded weak credentials in Barracuda Load Balancer 5.0.0.015.

Published: August 28, 2017; 11:29:00 AM -0400 		V4.0:(not available)
 V3.0: 9.8 CRITICAL
V2.0: 7.5 HIGH
CVE-2014-8168

Red Hat Satellite 6 allows local users to access mongod and delete pulp_database.

Published: August 28, 2017; 11:29:00 AM -0400 		V4.0:(not available)
 V3.0: 6.1 MEDIUM
V2.0: 4.6 MEDIUM
CVE-2014-5302

Directory traversal vulnerability in ServiceDesk Plus and Plus MSP v5 through v9.0 v9030; AssetExplorer v4 to v6.1; SupportCenter v5 to v7.9; IT360 v8 to v10.4 allows remote authenticated users to execute arbitrary code.

Published: August 28, 2017; 11:29:00 AM -0400 		V4.0:(not available)
 V3.0: 8.8 HIGH
V2.0: 9.0 HIGH