| | CVE-2014-6323 |  Microsoft | medium | 4.3 | 41.4%
| | Microsoft Internet Explorer 7 through 11 allows remote attackers to obtain sensitive clipboard infor… | Nov 11, 2014 | May 6, 2026 |
| | CVE-2014-6331 | Microsoft | medium | 5.0 | 33.6%
| | Microsoft Active Directory Federation Services (AD FS) 2.0, 2.1, and 3.0, when a configured SAML Rel… | Nov 11, 2014 | May 6, 2026 |
| | CVE-2014-6333 | Microsoft | critical | 9.3 | 46.0%
| | Microsoft Word 2007 SP3, Word Viewer, and Office Compatibility Pack SP3 allow remote attackers to ex… | Nov 11, 2014 | May 6, 2026 |
| | CVE-2014-6334 | Microsoft | critical | 9.3 | 46.0%
| | Microsoft Word 2007 SP3, Word Viewer, and Office Compatibility Pack SP3 allow remote attackers to ex… | Nov 11, 2014 | May 6, 2026 |
| | CVE-2014-6335 | Microsoft | critical | 9.3 | 46.0%
| | Microsoft Word 2007 SP3, Word Viewer, and Office Compatibility Pack SP3 allow remote attackers to ex… | Nov 11, 2014 | May 6, 2026 |
| | CVE-2014-6337 | Microsoft | critical | 9.3 | 24.1%
| | Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a d… | Nov 11, 2014 | May 6, 2026 |
| | CVE-2014-6339 | Microsoft | medium | 5.0 | 11.1%
| | Microsoft Internet Explorer 8 and 9 allows remote attackers to bypass the ASLR protection mechanism … | Nov 11, 2014 | May 6, 2026 |
| | CVE-2014-6340 | Microsoft | medium | 4.3 | 41.4%
| | Microsoft Internet Explorer 6 through 11 allows remote attackers to read content from a different (1… | Nov 11, 2014 | May 6, 2026 |
| | CVE-2014-6341 | Microsoft | critical | 9.3 | 24.1%
| | Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause … | Nov 11, 2014 | May 6, 2026 |
| | CVE-2014-6342 | Microsoft | critical | 9.3 | 24.1%
| | Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of… | Nov 11, 2014 | May 6, 2026 |
| | CVE-2014-6343 | Microsoft | critical | 9.3 | 24.1%
| | Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause … | Nov 11, 2014 | May 6, 2026 |
| | CVE-2014-6344 | Microsoft | critical | 9.3 | 24.1%
| | Microsoft Internet Explorer 8 and 9 allows remote attackers to execute arbitrary code or cause a den… | Nov 11, 2014 | May 6, 2026 |
| | CVE-2014-6345 | Microsoft | medium | 4.3 | 30.5%
| | Microsoft Internet Explorer 9 and 10 allows remote attackers to read content from a different (1) do… | Nov 11, 2014 | May 6, 2026 |
| | CVE-2014-6346 | Microsoft | medium | 4.3 | 44.8%
| | Microsoft Internet Explorer 8 through 11 allows remote attackers to read content from a different (1… | Nov 11, 2014 | May 6, 2026 |
| | CVE-2014-6347 | Microsoft | critical | 9.3 | 24.1%
| | Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial o… | Nov 11, 2014 | May 6, 2026 |
| | CVE-2014-6348 | Microsoft | critical | 9.3 | 19.6%
| | Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of… | Nov 11, 2014 | May 6, 2026 |
| | CVE-2014-6349 | Microsoft | medium | 4.3 | 8.4%
| | Microsoft Internet Explorer 10 and 11 allows remote attackers to gain privileges via a crafted web s… | Nov 11, 2014 | May 6, 2026 |
| | CVE-2014-6350 | Microsoft | medium | 4.3 | 8.2%
| | Microsoft Internet Explorer 10 and 11 allows remote attackers to gain privileges via a crafted web s… | Nov 11, 2014 | May 6, 2026 |
| | CVE-2014-6351 | Microsoft | critical | 9.3 | 20.4%
| | Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary code or cause … | Nov 11, 2014 | May 6, 2026 |
| | CVE-2014-6353 | Microsoft | critical | 9.3 | 24.1%
| | Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code or cause … | Nov 11, 2014 | May 6, 2026 |
| | CVE-2014-7246 |  ForgeRock | low | 3.5 | 0.5%
| | The Core Server in OpenAM 9.5.3 through 9.5.5, 10.0.0 through 10.0.2, 10.1.0-Xpress, and 11.0.0 thro… | Nov 14, 2014 | May 6, 2026 |
| | CVE-2014-7878 |  HPE | critical | 10.0 | 28.8%
| | The Application Lifecycle Service (ALS) in HP Helion Cloud Development Platform 1.0, when a virtual … | Nov 14, 2014 | May 6, 2026 |
| | CVE-2014-7991 |  Cisco | medium | 4.3 | 0.3%
| | The Remote Mobile Access Subsystem in Cisco Unified Communications Manager (CM) 10.0(1) and earlier … | Nov 14, 2014 | May 6, 2026 |
| | CVE-2014-3500 |  Apache | medium | 6.4 | 1.2%
| | Apache Cordova Android before 3.5.1 allows remote attackers to change the start page via a crafted i… | Nov 15, 2014 | May 6, 2026 |
| | CVE-2014-3501 | Apache | medium | 4.3 | 1.7%
| | Apache Cordova Android before 3.5.1 allows remote attackers to bypass the HTTP whitelist and connect… | Nov 15, 2014 | May 6, 2026 |
| | CVE-2014-3502 | Apache | medium | 4.3 | 1.5%
| | Apache Cordova Android before 3.5.1 allows remote attackers to open and send data to arbitrary appli… | Nov 15, 2014 | May 6, 2026 |
| | CVE-2014-0228 | Apache | low | 3.5 | 0.3%
| | Apache Hive before 0.13.1, when in SQL standards based authorization mode, does not properly check t… | Nov 16, 2014 | May 6, 2026 |
| | CVE-2014-8950 |  Check Point | high | 7.1 | 0.7%
| | Unspecified vulnerability in Check Point Security Gateway R77 and R77.10, when the (1) URL Filtering… | Nov 16, 2014 | May 6, 2026 |
| | CVE-2014-8951 | Check Point | high | 7.1 | 0.7%
| | Unspecified vulnerability in Check Point Security Gateway R75, R76, R77, and R77.10, when UserCheck … | Nov 16, 2014 | May 6, 2026 |
| | CVE-2014-8952 | Check Point | high | 7.1 | 0.7%
| | Multiple unspecified vulnerabilities in Check Point Security Gateway R75.40VS, R75.45, R75.46, R75.4… | Nov 16, 2014 | May 6, 2026 |
| | CVE-2014-3629 | Apache | medium | 4.3 | 1.7%
| | XML external entity (XXE) vulnerability in the XML Exchange module in Apache Qpid 0.30 allows remote… | Nov 17, 2014 | May 6, 2026 |
| | CVE-2014-8727 |  F5 | medium | 6.2 | 0.2%
| | Multiple directory traversal vulnerabilities in F5 BIG-IP before 10.2.2 allow local users with the "… | Nov 17, 2014 | May 6, 2026 |
| | CVE-2014-3625 |  VMware | medium | 5.0 | 17.0%
| | Directory traversal vulnerability in Pivotal Spring Framework 3.0.4 through 3.2.x before 3.2.12, 4.0… | Nov 20, 2014 | May 6, 2026 |
| | CVE-2014-8000 | Cisco | medium | 5.0 | 0.7%
| | Cisco Unified Communications Manager IM and Presence Service 9.1(1) produces different returned mess… | Nov 21, 2014 | May 6, 2026 |
| | CVE-2010-5312 | Apache | medium | 6.1 | 5.9%
| | Cross-site scripting (XSS) vulnerability in jquery.ui.dialog.js in the Dialog widget in jQuery UI be… | Nov 24, 2014 | May 6, 2026 |
| | CVE-2014-8001 | Cisco | high | 7.5 | 3.0%
| | Buffer overflow in decode.cpp in Cisco OpenH264 1.2.0 and earlier allows remote attackers to execute… | Nov 25, 2014 | May 6, 2026 |
| | CVE-2014-8002 | Cisco | high | 7.5 | 2.1%
| | Use-after-free vulnerability in decode_slice.cpp in Cisco OpenH264 1.2.0 and earlier allows remote a… | Nov 25, 2014 | May 6, 2026 |
| | CVE-2014-3407 | Cisco | medium | 5.0 | 0.4%
| | The SSL VPN implementation in Cisco Adaptive Security Appliance (ASA) Software 9.3(.2) and earlier d… | Nov 28, 2014 | May 6, 2026 |
| | CVE-2014-3627 | Apache | medium | 5.0 | 1.6%
| | The YARN NodeManager daemon in Apache Hadoop 0.23.0 through 0.23.11 and 2.x before 2.5.2, when using… | Dec 5, 2014 | May 6, 2026 |
| | CVE-2014-3616 | F5 | medium | 4.3 | 2.4%
| | nginx 0.5.6 through 1.7.4, when using the same shared ssl_session_cache or ssl_session_ticket_key fo… | Dec 8, 2014 | May 6, 2026 |
| | CVE-2014-3797 | VMware | medium | 4.3 | 0.4%
| | Cross-site scripting (XSS) vulnerability in VMware vCenter Server Appliance (vCSA) 5.1 before Update… | Dec 8, 2014 | May 6, 2026 |
| | CVE-2014-8371 | VMware | medium | 4.3 | 0.1%
| | VMware vCenter Server Appliance (vCSA) 5.5 before Update 2, 5.1 before Update 3, and 5.0 before Upda… | Dec 8, 2014 | May 6, 2026 |
| | CVE-2014-9342 | F5 | medium | 4.3 | 0.3%
| | Cross-site scripting (XSS) vulnerability in the tree view (pl_tree.php) feature in Application Secur… | Dec 8, 2014 | May 6, 2026 |
| | CVE-2014-8730 | F5 | medium | 4.3 | 3.1%
| | The SSL profiles component in F5 BIG-IP LTM, APM, and ASM 10.0.0 through 10.2.4 and 11.0.0 through 1… | Dec 10, 2014 | May 6, 2026 |
| | CVE-2014-7807 | Apache | medium | 5.0 | 0.4%
| | Apache CloudStack 4.3.x before 4.3.2 and 4.4.x before 4.4.2 allows remote attackers to bypass authen… | Dec 10, 2014 | May 6, 2026 |
| | CVE-2014-7809 | Apache | medium | 6.8 | 7.5%
| | Apache Struts 2.0.0 through 2.3.x before 2.3.20 uses predictable <s:token/> values, which allows rem… | Dec 10, 2014 | May 6, 2026 |
| | CVE-2014-8003 | Cisco | high | 7.2 | 0.1%
| | Cisco Integrated Management Controller in Cisco Unified Computing System 2.2(2c)A and earlier allows… | Dec 10, 2014 | May 6, 2026 |
| | CVE-2014-8009 | Cisco | medium | 5.0 | 0.2%
| | The Management subsystem in Cisco Unified Computing System 2.1(3f) and earlier allows remote attacke… | Dec 10, 2014 | May 6, 2026 |
| | CVE-2014-8010 | Cisco | medium | 6.5 | 0.4%
| | The web framework in Cisco Unified Communications Domain Manager 8 allows remote authenticated admin… | Dec 10, 2014 | May 6, 2026 |
| | CVE-2014-6319 | Microsoft | medium | 5.0 | 5.1%
| | Outlook Web App (OWA) in Microsoft Exchange Server 2007 SP3, 2010 SP3, and 2013 SP1 and Cumulative U… | Dec 11, 2014 | May 6, 2026 |