LiveActive security incident?Get immediate response
CVE archive

June 2014

Browse CVE records published in June 2014, with severity, affected products, CWE, KEV, and source-backed vulnerability context.

Showing 50 of 470 matching CVEs · Page 1 of 10.

High · CVSS 7.1

CVE-2014-2345: COPA-DATA zenon DNP3 Improper Input Validation

COPA-DATA zenon DNP3 NG driver (DNP3 master) 7.10 and 7.11 through 7.11 SP0 build 10238 and zenon DNP3 Process Gateway (DNP3 outstation) 7.11 SP0 build 10238 and earlier allow remote attackers to cause a denial of service (infinite loop and process crash) by sending a crafted DNP3 packet over TCP.

Published Jun 5, 2014 · Updated Oct 2, 2025

Medium · CVSS 4

CVE-2014-2346: COPA-DATA zenon DNP3 Improper Input Validation

COPA-DATA zenon DNP3 NG driver (DNP3 master) 7.10 and 7.11 through 7.11 SP0 build 10238 and zenon DNP3 Process Gateway (DNP3 outstation) 7.11 SP0 build 10238 and earlier allow physically proximate attackers to cause a denial of service (infinite loop and process crash) via crafted input over a serial line.

Published Jun 5, 2014 · Updated Oct 2, 2025

High · CVSS 7.5

CVE-2014-6274: S3 and Glacier remotes creds embedded in the git repo were not encrypted

git-annex had a bug in the S3 and Glacier remotes where if embedcreds=yes was set, and the remote used encryption=pubkey or encryption=hybrid, the embedded AWS credentials were stored in the git repository in (effectively) plaintext, not encrypted as they were supposed to be. This issue affects git-annex: from 3.20121126 before 5.20140919.

Published Jun 26, 2025 · Updated Jun 27, 2025

Medium · CVSS 5.3

CVE-2014-125002: FFmpeg dnxhdenc.c dnxhd_init_rc memory corruption

A vulnerability was found in FFmpeg 2.0. It has been classified as problematic. Affected is the function dnxhd_init_rc of the file libavcodec/dnxhdenc.c. The manipulation leads to memory corruption. It is possible to launch the attack remotely. It is recommended to apply a patch to fix this issue.

Published Jun 18, 2022 · Updated Apr 15, 2025

Medium · CVSS 5.3

CVE-2014-125003: FFmpeg jpeg2000dec.c get_siz memory corruption

A vulnerability was found in FFmpeg 2.0 and classified as problematic. This issue affects the function get_siz of the file libavcodec/jpeg2000dec.c. The manipulation leads to memory corruption. The attack may be initiated remotely. It is recommended to apply a patch to fix this issue.

Published Jun 18, 2022 · Updated Apr 15, 2025

Medium · CVSS 5.3

CVE-2014-125004: FFmpeg vmnc.c decode_hextile memory corruption

A vulnerability has been found in FFmpeg 2.0 and classified as problematic. This vulnerability affects the function decode_hextile of the file libavcodec/vmnc.c. The manipulation leads to memory corruption. The attack can be initiated remotely. It is recommended to apply a patch to fix this issue.

Published Jun 18, 2022 · Updated Apr 15, 2025

Medium · CVSS 5.3

CVE-2014-125005: FFmpeg mpeg4videodec.c decode_vol_header memory corruption

A vulnerability, which was classified as problematic, was found in FFmpeg 2.0. This affects the function decode_vol_header of the file libavcodec/mpeg4videodec.c. The manipulation leads to memory corruption. It is possible to initiate the attack remotely. It is recommended to apply a patch to fix this issue.

Published Jun 18, 2022 · Updated Apr 15, 2025

Medium · CVSS 5.3

CVE-2014-125006: FFmpeg h264.c output_frame memory corruption

A vulnerability, which was classified as problematic, has been found in FFmpeg 2.0. Affected by this issue is the function output_frame of the file libavcodec/h264.c. The manipulation leads to memory corruption. The attack may be launched remotely. It is recommended to apply a patch to fix this issue.

Published Jun 18, 2022 · Updated Apr 15, 2025

Medium · CVSS 5.3

CVE-2014-125007: FFmpeg hevcpred_template.c intra_pred memory corruption

A vulnerability classified as problematic was found in FFmpeg 2.0. Affected by this vulnerability is the function intra_pred of the file libavcodec/hevcpred_template.c. The manipulation leads to memory corruption. The attack can be launched remotely. It is recommended to apply a patch to fix this issue.

Published Jun 18, 2022 · Updated Apr 15, 2025

Medium · CVSS 5.3

CVE-2014-125008: FFmpeg oggparsevorbis.c vorbis_header memory corruption

A vulnerability classified as problematic has been found in FFmpeg 2.0. Affected is the function vorbis_header of the file libavformat/oggparsevorbis.c. The manipulation leads to memory corruption. It is possible to launch the attack remotely. It is recommended to apply a patch to fix this issue.

Published Jun 18, 2022 · Updated Apr 15, 2025

Medium · CVSS 5.3

CVE-2014-125009: FFmpeg snow.h add_yblock memory corruption

A vulnerability classified as problematic has been found in FFmpeg 2.0. This affects the function add_yblock of the file libavcodec/snow.h. The manipulation leads to memory corruption. It is possible to initiate the attack remotely. It is recommended to apply a patch to fix this issue.

Published Jun 18, 2022 · Updated Apr 15, 2025

Medium · CVSS 5.3

CVE-2014-125010: FFmpeg h64.c decode_slice_header memory corruption

A vulnerability was found in FFmpeg 2.0. It has been rated as critical. Affected by this issue is the function decode_slice_header of the file libavcodec/h64.c. The manipulation leads to memory corruption. The attack may be launched remotely. It is recommended to apply a patch to fix this issue.

Published Jun 18, 2022 · Updated Apr 15, 2025

Medium · CVSS 5.3

CVE-2014-125011: FFmpeg ansi.c decode_frame integer coercion

A vulnerability was found in FFmpeg 2.0. It has been declared as problematic. Affected by this vulnerability is the function decode_frame of the file libavcodec/ansi.c. The manipulation leads to integer coercion error. The attack can be launched remotely. It is recommended to apply a patch to fix this issue.

Published Jun 18, 2022 · Updated Apr 15, 2025

Medium · CVSS 5.3

CVE-2014-125012: FFmpeg dxtroy.c integer coercion

A vulnerability was found in FFmpeg 2.0. It has been classified as problematic. Affected is an unknown function of the file libavcodec/dxtroy.c. The manipulation leads to integer coercion error. It is possible to launch the attack remotely. It is recommended to apply a patch to fix this issue.

Published Jun 18, 2022 · Updated Apr 15, 2025

Medium · CVSS 5.3

CVE-2014-125013: FFmpeg msrle.c msrle_decode_frame memory corruption

A vulnerability was found in FFmpeg 2.0 and classified as problematic. This issue affects the function msrle_decode_frame of the file libavcodec/msrle.c. The manipulation leads to memory corruption. The attack may be initiated remotely. It is recommended to apply a patch to fix this issue.

Published Jun 18, 2022 · Updated Apr 15, 2025

Medium · CVSS 5.3

CVE-2014-125014: FFmpeg HEVC Video Decoder memory corruption

A vulnerability classified as problematic was found in FFmpeg 2.0. Affected by this vulnerability is an unknown functionality of the component HEVC Video Decoder. The manipulation leads to memory corruption. The attack can be launched remotely. It is recommended to apply a patch to fix this issue.

Published Jun 18, 2022 · Updated Apr 15, 2025

High · CVSS 7.3

CVE-2014-125015: FFmpeg read_var_block_data memory corruption

A vulnerability classified as critical has been found in FFmpeg 2.0. Affected is the function read_var_block_data. The manipulation leads to memory corruption. It is possible to launch the attack remotely. It is recommended to apply a patch to fix this issue.

Published Jun 18, 2022 · Updated Apr 15, 2025

Medium · CVSS 5.3

CVE-2014-125016: FFmpeg utils.c ff_init_buffer_info memory corruption

A vulnerability was found in FFmpeg 2.0. It has been rated as problematic. This issue affects the function ff_init_buffer_info of the file utils.c. The manipulation leads to memory corruption. The attack may be initiated remotely. It is recommended to apply a patch to fix this issue.

Published Jun 18, 2022 · Updated Apr 15, 2025

High · CVSS 7.3

CVE-2014-125017: FFmpeg rpza_decode_stream memory corruption

A vulnerability classified as critical was found in FFmpeg 2.0. This vulnerability affects the function rpza_decode_stream. The manipulation leads to memory corruption. The attack can be initiated remotely. The name of the patch is Fixes Invalid Writes. It is recommended to apply a patch to fix this issue.

Published Jun 18, 2022 · Updated Apr 15, 2025

Medium · CVSS 5.3

CVE-2014-125018: FFmpeg decode_slice_header memory corruption

A vulnerability, which was classified as problematic, has been found in FFmpeg 2.0. Affected by this issue is the function decode_slice_header. The manipulation leads to memory corruption. The attack may be launched remotely. It is recommended to apply a patch to fix this issue.

Published Jun 19, 2022 · Updated Apr 15, 2025

Medium · CVSS 5.3

CVE-2014-125019: FFmpeg Slice Segment decode_nal_unit memory corruption

A vulnerability, which was classified as problematic, was found in FFmpeg 2.0. This affects the function decode_nal_unit of the component Slice Segment Handler. The manipulation leads to memory corruption. It is possible to initiate the attack remotely. It is recommended to apply a patch to fix this issue.

Published Jun 19, 2022 · Updated Apr 15, 2025

High · CVSS 7.3

CVE-2014-125020: FFmpeg decode_update_thread_context memory corruption

A vulnerability has been found in FFmpeg 2.0 and classified as critical. This vulnerability affects the function decode_update_thread_context. The manipulation leads to memory corruption. The attack can be initiated remotely. It is recommended to apply a patch to fix this issue.

Published Jun 19, 2022 · Updated Apr 15, 2025

Medium · CVSS 5.3

CVE-2014-125021: FFmpeg cmv_process_header memory corruption

A vulnerability was found in FFmpeg 2.0 and classified as problematic. This issue affects the function cmv_process_header. The manipulation leads to memory corruption. The attack may be initiated remotely. It is recommended to apply a patch to fix this issue.

Published Jun 19, 2022 · Updated Apr 15, 2025

Medium · CVSS 5.3

CVE-2014-125022: FFmpeg Bitstream Buffer shorten_decode_frame memory corruption

A vulnerability was found in FFmpeg 2.0. It has been classified as problematic. Affected is the function shorten_decode_frame of the component Bitstream Buffer. The manipulation leads to memory corruption. It is possible to launch the attack remotely. It is recommended to apply a patch to fix this issue.

Published Jun 19, 2022 · Updated Apr 15, 2025

Medium · CVSS 5.3

CVE-2014-125023: FFmpeg Truemotion1 truemotion1_decode_header memory corruption

A vulnerability was found in FFmpeg 2.0. It has been declared as problematic. Affected by this vulnerability is the function truemotion1_decode_header of the component Truemotion1 Handler. The manipulation leads to memory corruption. The attack can be launched remotely. It is recommended to apply a patch to fix this issue.

Published Jun 19, 2022 · Updated Apr 15, 2025

High · CVSS 7.3

CVE-2014-125024: FFmpeg lag_decode_frame memory corruption

A vulnerability was found in FFmpeg 2.0. It has been rated as critical. Affected by this issue is the function lag_decode_frame. The manipulation leads to memory corruption. The attack may be launched remotely. It is recommended to apply a patch to fix this issue.

Published Jun 19, 2022 · Updated Apr 15, 2025

Medium · CVSS 5.3

CVE-2014-125025: FFmpeg decode_pulses memory corruption

A vulnerability classified as problematic has been found in FFmpeg 2.0. This affects the function decode_pulses. The manipulation leads to memory corruption. It is possible to initiate the attack remotely. It is recommended to apply a patch to fix this issue.

Published Jun 19, 2022 · Updated Apr 15, 2025

Medium · CVSS 6.5

CVE-2014-125104: VaultPress Plugin MailPoet Plugin class.vaultpress-hotfixes.php protect_aioseo_ajax unrestricted upload

A vulnerability was found in VaultPress Plugin up to 1.6.0 on WordPress. It has been declared as critical. Affected by this vulnerability is the function protect_aioseo_ajax of the file class.vaultpress-hotfixes.php of the component MailPoet Plugin. The manipulation leads to unrestricted upload. The attack can be launched remotely. Upgrading to version 1.6.1 is able to address this issue. The patch is named e3b92b14edca6291c5f998d54c90cbe98a1fb0e3. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-230263.

Published Jun 1, 2023 · Updated Mar 5, 2025

Unknown · CVSS Not scored

CVE-2014-4192: The Dual_EC_DRBG implementation in EMC RSA BSAFE-C Toolkits (aka Share for C and C++) processes certain req...

The Dual_EC_DRBG implementation in EMC RSA BSAFE-C Toolkits (aka Share for C and C++) processes certain requests for output bytes by considering only the requested byte count and not the use of cached bytes, which makes it easier for remote attackers to obtain plaintext from TLS sessions by recovering the algorithm's inner state, a different issue than CVE-2007-6755.

Published Jun 17, 2014 · Updated Sep 17, 2024

Unknown · CVSS Not scored

CVE-2014-4190: Multiple heap-based buffer overflows in Huawei Campus Series Switches S3700HI, S5700, S6700, S3300HI, S5300...

Multiple heap-based buffer overflows in Huawei Campus Series Switches S3700HI, S5700, S6700, S3300HI, S5300, S6300, S9300, S7700, and LSW S9700 with software V200R001 before V200R001SPH013; S5700, S6700, S5300, and S6300 with software V200R002 before V200R002SPH005; S7700, S9300, S9300E, S5300, S5700, S6300, S6700, S2350, S2750, and LSW S9700 with software V200R003 before V200R003SPH005; and S7700, S9300, S9300E, and LSW S9700 with software V200R005 before V200R005C00SPC300 allow remote attackers to cause a denial of service (device restart) via a crafted length field in a packet.

Published Jun 17, 2014 · Updated Sep 17, 2024

Unknown · CVSS Not scored

CVE-2014-4308: Multiple cross-site scripting (XSS) vulnerabilities in NICE Recording eXpress (aka Cybertech eXpress) befor...

Multiple cross-site scripting (XSS) vulnerabilities in NICE Recording eXpress (aka Cybertech eXpress) before 6.5.5 allow remote attackers to inject arbitrary web script or HTML via the (1) USRLNM parameter to myaccount/mysettings.edit.validate.asp or the frame parameter to (2) iframe.picker.statchannels.asp, (3) iframe.picker.channelgroups.asp, (4) iframe.picker.extensions.asp, (5) iframe.picker.licenseusergroups.asp, (6) iframe.picker.licenseusers.asp, (7) iframe.picker.lookup.asp, or (8) iframe.picker.marks.asp in _ifr/.

Published Jun 18, 2014 · Updated Sep 17, 2024

Unknown · CVSS Not scored

CVE-2014-4191: The TLS implementation in EMC RSA BSAFE-C Toolkits (aka Share for C and C++) sends a long series of random...

The TLS implementation in EMC RSA BSAFE-C Toolkits (aka Share for C and C++) sends a long series of random bytes during use of the Dual_EC_DRBG algorithm, which makes it easier for remote attackers to obtain plaintext from TLS sessions by recovering the algorithm's inner state, a different issue than CVE-2007-6755.

Published Jun 17, 2014 · Updated Sep 17, 2024