Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 6.5

    MEDIUM
    CVE-2014-8099

    The XVideo extension in XFree86 4.0.0, X.Org X Window System (aka X11 or X) X11R6.7, and X.Org Server (aka xserver and xorg-server) before 1.16.3 allows remote authenticated users to cause a denial of service (out-of-bounds read or write) or possibly exec... Read more

    Affected Products : x_server xorg-server x11 xfree86
    • Published: Dec. 10, 2014
    • Modified: Aug. 29, 2025

  • 6.5

    MEDIUM
    CVE-2014-8098

    The GLX extension in XFree86 4.0, X.Org X Window System (aka X11 or X) X11R6.7, and X.Org Server (aka xserver and xorg-server) before 1.16.3 allows remote authenticated users to cause a denial of service (out-of-bounds read or write) or possibly execute a... Read more

    • Published: Dec. 10, 2014
    • Modified: Aug. 29, 2025

  • 6.5

    MEDIUM
    CVE-2014-8097

    The DBE extension in X.Org X Window System (aka X11 or X) X11R6.1 and X.Org Server (aka xserver and xorg-server) before 1.16.3 allows remote authenticated users to cause a denial of service (out-of-bounds read or write) or possibly execute arbitrary code ... Read more

    Affected Products : x_server xorg-server x11
    • Published: Dec. 10, 2014
    • Modified: Aug. 29, 2025

  • 6.5

    MEDIUM
    CVE-2014-8096

    The SProcXCMiscGetXIDList function in the XC-MISC extension in X.Org X Window System (aka X11 or X) X11R6.0 and X.Org Server (aka xserver and xorg-server) before 1.16.3 allows remote authenticated users to cause a denial of service (out-of-bounds read or ... Read more

    Affected Products : debian_linux x_server xorg-server x11
    • Published: Dec. 10, 2014
    • Modified: Aug. 29, 2025

  • 6.5

    MEDIUM
    CVE-2014-8095

    The XInput extension in X.Org X Window System (aka X11 or X) X11R4 and X.Org Server (aka xserver and xorg-server) before 1.16.3 allows remote authenticated users to cause a denial of service (out-of-bounds read or write) or possibly execute arbitrary code... Read more

    Affected Products : debian_linux x_server xorg-server x11
    • Published: Dec. 10, 2014
    • Modified: Aug. 29, 2025

  • 6.5

    MEDIUM
    CVE-2014-8094

    Integer overflow in the ProcDRI2GetBuffers function in the DRI2 extension in X.Org Server (aka xserver and xorg-server) 1.7.0 through 1.16.x before 1.16.3 allows remote authenticated users to cause a denial of service (crash) or possibly execute arbitrary... Read more

    • Published: Dec. 10, 2014
    • Modified: Aug. 29, 2025

  • 6.5

    MEDIUM
    CVE-2014-8093

    Multiple integer overflows in the GLX extension in XFree86 4.0, X.Org X Window System (aka X11 or X) X11R6.7, and X.Org Server (aka xserver and xorg-server) before 1.16.3 allow remote authenticated users to cause a denial of service (crash) or possibly ex... Read more

    Affected Products : x_server xorg-server x11 xfree86
    • Published: Dec. 10, 2014
    • Modified: Aug. 29, 2025

  • 6.5

    MEDIUM
    CVE-2014-8092

    Multiple integer overflows in X.Org X Window System (aka X11 or X) X11R1 and X.Org Server (aka xserver and xorg-server) before 1.16.3 allow remote authenticated users to cause a denial of service (crash) or possibly execute arbitrary code via a crafted re... Read more

    Affected Products : x_server xorg-server x11
    • Published: Dec. 10, 2014
    • Modified: Aug. 29, 2025

  • 4.3

    MEDIUM
    CVE-2014-8091

    X.Org X Window System (aka X11 and X) X11R5 and X.Org Server (aka xserver and xorg-server) before 1.16.3, when using SUN-DES-1 (Secure RPC) authentication credentials, does not check the return value of a malloc call, which allows remote attackers to caus... Read more

    Affected Products : x_server xorg-server x11
    • Published: Dec. 10, 2014
    • Modified: Aug. 29, 2025

  • 6.8

    MEDIUM
    CVE-2014-7809

    Apache Struts 2.0.0 through 2.3.x before 2.3.20 uses predictable <s:token/> values, which allows remote attackers to bypass the CSRF protection mechanism.... Read more

    Affected Products : struts
    • Published: Dec. 10, 2014
    • Modified: Apr. 12, 2025

  • 5.0

    MEDIUM
    CVE-2014-7807

    Apache CloudStack 4.3.x before 4.3.2 and 4.4.x before 4.4.2 allows remote attackers to bypass authentication via a login request without a password, which triggers an unauthenticated bind.... Read more

    Affected Products : cloudstack
    • Published: Dec. 10, 2014
    • Modified: Apr. 12, 2025

  • 4.3

    MEDIUM
    CVE-2014-8488

    Cross-site scripting (XSS) vulnerability in the administrator panel in Yourls 1.7 allows remote attackers to inject arbitrary web script or HTML via a URL that is processed by the Shorten functionality.... Read more

    Affected Products : fedora yourls
    • Published: Dec. 10, 2014
    • Modified: Apr. 12, 2025

  • 4.3

    MEDIUM
    CVE-2014-8730

    The SSL profiles component in F5 BIG-IP LTM, APM, and ASM 10.0.0 through 10.2.4 and 11.0.0 through 11.5.1, AAM 11.4.0 through 11.5.1, AFM 11.3.0 through 11.5.1, Analytics 11.0.0 through 11.5.1, Edge Gateway, WebAccelerator, and WOM 10.1.0 through 10.2.4 a... Read more

    • Published: Dec. 10, 2014
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2014-8496

    Digicom DG-5514T ADSL router with firmware 3.2 generates predictable session IDs, which allows remote attackers to gain administrator privileges via a brute force session hijacking attack.... Read more

    • Published: Dec. 10, 2014
    • Modified: Apr. 12, 2025

  • 4.3

    MEDIUM
    CVE-2014-9352

    Cross-site scripting (XSS) vulnerability in the mail administration login panel in Scalix Web Access 11.4.6.12377 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.... Read more

    Affected Products : web_access
    • Published: Dec. 09, 2014
    • Modified: Apr. 12, 2025

  • 6.4

    MEDIUM
    CVE-2014-9351

    engine/server/server.cpp in Teeworlds 0.6.x before 0.6.3 allows remote attackers to read memory and cause a denial of service (crash) via unspecified vectors.... Read more

    Affected Products : teeworlds
    • Published: Dec. 09, 2014
    • Modified: Apr. 12, 2025

  • 5.0

    MEDIUM
    CVE-2014-9319

    The ff_hevc_decode_nal_sps function in libavcodec/hevc_ps.c in FFMpeg before 2.1.6, 2.2.x through 2.3.x, and 2.4.x before 2.4.4 allows remote attackers to cause a denial of service (out-of-bounds access) via a crafted .bit file.... Read more

    Affected Products : ffmpeg
    • Published: Dec. 09, 2014
    • Modified: Apr. 12, 2025

  • 7.5

    HIGH
    CVE-2014-9318

    The raw_decode function in libavcodec/rawdec.c in FFMpeg before 2.1.6, 2.2.x through 2.3.x, and 2.4.x before 2.4.4 allows remote attackers to cause a denial of service (out-of-bounds heap access) and possibly have other unspecified impact via a crafted .c... Read more

    Affected Products : ffmpeg
    • Published: Dec. 09, 2014
    • Modified: Apr. 12, 2025

  • 7.5

    HIGH
    CVE-2014-9317

    The decode_ihdr_chunk function in libavcodec/pngdec.c in FFMpeg before 2.1.6, 2.2.x through 2.3.x, and 2.4.x before 2.4.4 allows remote attackers to cause a denial of service (out-of-bounds heap access) and possibly have other unspecified impact via an ID... Read more

    Affected Products : ffmpeg
    • Published: Dec. 09, 2014
    • Modified: Apr. 12, 2025

  • 7.5

    HIGH
    CVE-2014-9316

    The mjpeg_decode_app function in libavcodec/mjpegdec.c in FFMpeg before 2.1.6, 2.2.x through 2.3.x, and 2.4.x before 2.4.4 allows remote attackers to cause a denial of service (out-of-bounds heap access) and possibly have other unspecified impact via vect... Read more

    Affected Products : ffmpeg
    • Published: Dec. 09, 2014
    • Modified: Apr. 12, 2025
Showing 20 of 293644 Results