| | CVE-2014-6325 |  Microsoft | medium | 4.3 | 5.1%
| | Cross-site scripting (XSS) vulnerability in Microsoft Exchange Server 2013 SP1 and Cumulative Update… | Dec 11, 2014 | May 6, 2026 |
| | CVE-2014-6326 | Microsoft | medium | 4.3 | 5.1%
| | Cross-site scripting (XSS) vulnerability in Microsoft Exchange Server 2013 SP1 and Cumulative Update… | Dec 11, 2014 | May 6, 2026 |
| | CVE-2014-6327 | Microsoft | critical | 9.3 | 24.0%
| | Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial o… | Dec 11, 2014 | May 6, 2026 |
| | CVE-2014-6328 | Microsoft | medium | 5.0 | 27.3%
| | Microsoft Internet Explorer 8 through 11 allows remote attackers to bypass the XSS filter via a craf… | Dec 11, 2014 | May 6, 2026 |
| | CVE-2014-6329 | Microsoft | critical | 9.3 | 20.9%
| | Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial o… | Dec 11, 2014 | May 6, 2026 |
| | CVE-2014-6330 | Microsoft | critical | 9.3 | 16.4%
| | Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of… | Dec 11, 2014 | May 6, 2026 |
| | CVE-2014-6336 | Microsoft | low | 3.5 | 2.8%
| | Outlook Web App (OWA) in Microsoft Exchange Server 2013 SP1 and Cumulative Update 6 does not properl… | Dec 11, 2014 | May 6, 2026 |
| | CVE-2014-6356 | Microsoft | critical | 9.3 | 20.1%
| | Array index error in Microsoft Word 2007 SP3, Word 2010 SP2, and Office Compatibility Pack SP3 allow… | Dec 11, 2014 | May 6, 2026 |
| | CVE-2014-6357 | Microsoft | critical | 9.3 | 48.0%
| | Use-after-free vulnerability in Microsoft Office 2010 SP2, Office 2013 Gold and SP1, Office 2013 RT … | Dec 11, 2014 | May 6, 2026 |
| | CVE-2014-6360 | Microsoft | critical | 9.3 | 20.1%
| | Microsoft Excel 2007 SP3, Excel 2010 SP2, and Office Compatibility Pack allow remote attackers to ex… | Dec 11, 2014 | May 6, 2026 |
| | CVE-2014-6361 | Microsoft | critical | 9.3 | 20.1%
| | Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 Gold and SP1, Excel 2013 RT Gold and SP1, and O… | Dec 11, 2014 | May 6, 2026 |
| | CVE-2014-6363 | Microsoft | critical | 9.3 | 26.8%
| | vbscript.dll in Microsoft VBScript 5.6 through 5.8, as used with Internet Explorer 6 through 11 and … | Dec 11, 2014 | May 6, 2026 |
| | CVE-2014-6364 | Microsoft | critical | 9.3 | 31.7%
| | Use-after-free vulnerability in Microsoft Office 2007 SP3; 2010 SP2; 2013 Gold, SP1, and SP2; and 20… | Dec 11, 2014 | May 6, 2026 |
| | CVE-2014-6365 | Microsoft | medium | 4.3 | 18.4%
| | Microsoft Internet Explorer 8 through 11 allows remote attackers to bypass the XSS filter via a craf… | Dec 11, 2014 | May 6, 2026 |
| | CVE-2014-6366 | Microsoft | critical | 9.3 | 16.4%
| | Microsoft Internet Explorer 6 and 7 allows remote attackers to execute arbitrary code or cause a den… | Dec 11, 2014 | May 6, 2026 |
| | CVE-2014-6368 | Microsoft | medium | 4.3 | 8.4%
| | Microsoft Internet Explorer 11 allows remote attackers to bypass the ASLR protection mechanism via a… | Dec 11, 2014 | May 6, 2026 |
| | CVE-2014-6369 | Microsoft | critical | 9.3 | 29.7%
| | Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause … | Dec 11, 2014 | May 6, 2026 |
| | CVE-2014-6373 | Microsoft | critical | 9.3 | 24.0%
| | Microsoft Internet Explorer 10 allows remote attackers to execute arbitrary code or cause a denial o… | Dec 11, 2014 | May 6, 2026 |
| | CVE-2014-6374 | Microsoft | critical | 9.3 | 22.8%
| | Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause … | Dec 11, 2014 | May 6, 2026 |
| | CVE-2014-6375 | Microsoft | critical | 9.3 | 24.3%
| | Microsoft Internet Explorer 8 allows remote attackers to execute arbitrary code or cause a denial of… | Dec 11, 2014 | May 6, 2026 |
| | CVE-2014-6376 | Microsoft | critical | 9.3 | 24.0%
| | Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial o… | Dec 11, 2014 | May 6, 2026 |
| | CVE-2014-8966 | Microsoft | critical | 9.3 | 24.0%
| | Microsoft Internet Explorer 6 through 8 allows remote attackers to execute arbitrary code or cause a… | Dec 11, 2014 | May 6, 2026 |
| | CVE-2014-8372 |  VMware | medium | 4.0 | 0.1%
| | AirWatch by VMware On-Premise 7.3.x before 7.3.3.0 (FP3) allows remote authenticated users to obtain… | Dec 11, 2014 | May 6, 2026 |
| | CVE-2014-8373 | VMware | critical | 9.0 | 1.4%
| | The VMware Remote Console (VMRC) function in VMware vCloud Automation Center (vCAC) 6.0.1 through 6.… | Dec 11, 2014 | May 6, 2026 |
| | CVE-2014-8489 |  ForgeRock | medium | 6.4 | 0.3%
| | Open redirect vulnerability in startSSO.ping in the SP Endpoints in Ping Identity PingFederate 6.10.… | Dec 12, 2014 | May 6, 2026 |
| | CVE-2014-3364 |  Cisco | medium | 4.3 | 0.3%
| | Multiple cross-site scripting (XSS) vulnerabilities in the web framework in Cisco Prime Security Man… | Dec 13, 2014 | May 6, 2026 |
| | CVE-2014-3583 |  Apache | medium | 5.0 | 41.8%
| | The handle_headers function in mod_proxy_fcgi.c in the mod_proxy_fcgi module in the Apache HTTP Serv… | Dec 15, 2014 | May 6, 2026 |
| | CVE-2014-8967 | Microsoft | medium | 6.8 | 29.9%
| | Use-after-free vulnerability in Microsoft Internet Explorer allows remote attackers to execute arbit… | Dec 15, 2014 | May 6, 2026 |
| | CVE-2014-5466 |  Splunk | medium | 4.3 | 0.3%
| | Cross-site scripting (XSS) vulnerability in the Dashboard in Splunk Web in Splunk Enterprise 6.1.x b… | Dec 16, 2014 | May 6, 2026 |
| | CVE-2014-7880 |  HPE | medium | 5.0 | 1.3%
| | Multiple unspecified vulnerabilities in the POP implementation in HP OpenVMS TCP/IP 5.7 before ECO5 … | Dec 17, 2014 | May 6, 2026 |
| | CVE-2014-3580 | Apache | medium | 5.0 | 13.7%
| | The mod_dav_svn Apache HTTPD server module in Apache Subversion 1.x before 1.7.19 and 1.8.x before 1… | Dec 18, 2014 | May 6, 2026 |
| | CVE-2014-8108 | Apache | medium | 5.0 | 5.0%
| | The mod_dav_svn Apache HTTPD server module in Apache Subversion 1.7.x before 1.7.19 and 1.8.x before… | Dec 18, 2014 | May 6, 2026 |
| | CVE-2014-8007 | Cisco | medium | 4.0 | 0.2%
| | Cisco Prime Infrastructure allows remote authenticated users to read device-discovery passwords by e… | Dec 20, 2014 | May 6, 2026 |
| | CVE-2014-8019 | Cisco | medium | 5.0 | 0.2%
| | Directory traversal vulnerability in Cisco Enterprise Content Delivery System (ECDS) allows remote a… | Dec 20, 2014 | May 6, 2026 |
| | CVE-2014-8015 | Cisco | medium | 4.0 | 0.2%
| | The Sponsor Portal in Cisco Identity Services Engine (ISE) allows remote authenticated users to obta… | Dec 22, 2014 | May 6, 2026 |
| | CVE-2014-8017 | Cisco | medium | 5.0 | 0.2%
| | The periodic-backup feature in Cisco Identity Services Engine (ISE) allows remote attackers to disco… | Dec 22, 2014 | May 6, 2026 |
| | CVE-2014-8018 | Cisco | medium | 4.3 | 0.3%
| | Multiple cross-site scripting (XSS) vulnerabilities in Business Voice Services Manager (BVSM) pages … | Dec 22, 2014 | May 6, 2026 |
| | CVE-2014-8024 | Cisco | medium | 4.3 | 0.4%
| | The API in the Guest Server in Cisco Jabber, when the HTML5 CORS feature is used, allows remote atta… | Dec 23, 2014 | May 6, 2026 |
| | CVE-2014-8025 | Cisco | medium | 4.3 | 0.4%
| | The API in the Guest Server in Cisco Jabber, when HTML5 is used, allows remote attackers to obtain s… | Dec 23, 2014 | May 6, 2026 |
| | CVE-2014-8026 | Cisco | medium | 4.3 | 0.3%
| | Cross-site scripting (XSS) vulnerability in the Guest Server in Cisco Jabber allows remote attackers… | Dec 23, 2014 | May 6, 2026 |
| | CVE-2014-7993 | Cisco | low | 3.3 | 0.1%
| | Cisco-Meraki MS, MR, and MX devices with firmware before 2014-09-24 allow remote attackers to obtain… | Dec 24, 2014 | May 6, 2026 |
| | CVE-2014-7994 | Cisco | medium | 5.4 | 0.1%
| | Cisco-Meraki MS, MR, and MX devices with firmware before 2014-09-24 allow remote attackers to execut… | Dec 24, 2014 | May 6, 2026 |
| | CVE-2014-7995 | Cisco | high | 7.2 | 0.1%
| | Cisco-Meraki MS, MR, and MX devices with firmware before 2014-09-24 allow physically proximate attac… | Dec 24, 2014 | May 6, 2026 |
| | CVE-2014-7999 | Cisco | high | 7.7 | 0.2%
| | Cisco-Meraki MS, MR, and MX devices with firmware before 2014-09-24 allow remote authenticated users… | Dec 24, 2014 | May 6, 2026 |
| | CVE-2014-3556 |  F5 | medium | 6.8 | 48.2%
| | The STARTTLS implementation in mail/ngx_mail_smtp_handler.c in the SMTP proxy in nginx 1.5.x and 1.6… | Dec 29, 2014 | May 6, 2026 |
| | CVE-2014-8109 | Apache | medium | 4.3 | 11.7%
| | mod_lua.c in the mod_lua module in the Apache HTTP Server 2.3.x and 2.4.x through 2.4.10 does not su… | Dec 29, 2014 | May 6, 2026 |
| | CVE-2014-3628 | Apache | medium | 4.3 | 1.4%
| | Cross-site scripting (XSS) vulnerability in the Admin UI Plugin / Stats page in Apache Solr 4.x befo… | Jan 6, 2015 | May 6, 2026 |
| | CVE-2014-9527 | Apache | medium | 5.0 | 1.2%
| | HSLFSlideShow in Apache POI before 3.11 allows remote attackers to cause a denial of service (infini… | Jan 6, 2015 | May 6, 2026 |
| | CVE-2014-8027 | Cisco | medium | 6.5 | 0.2%
| | The RBAC component in Cisco Secure Access Control System (ACS) allows remote authenticated users to … | Jan 9, 2015 | May 6, 2026 |
| | CVE-2014-8028 | Cisco | medium | 4.3 | 0.3%
| | Multiple cross-site scripting (XSS) vulnerabilities in the web framework in Cisco Secure Access Cont… | Jan 9, 2015 | May 6, 2026 |