Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Mageia Project Subscribe
Total 13 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2015-2296 3 Canonical, Mageia Project, Python 3 Ubuntu Linux, Mageia, Requests 2021-03-18 6.8 MEDIUM N/A
The resolve_redirects function in sessions.py in requests 2.1.0 through 2.5.3 allows remote attackers to conduct session fixation attacks via a cookie without a host value in a redirect.
CVE-2014-3533 4 D-bus Project, Debian, Mageia Project and 1 more 4 D-bus, Debian Linux, Mageia and 1 more 2018-10-30 2.1 LOW N/A
dbus 1.3.0 before 1.6.22 and 1.8.x before 1.8.6 allows local users to cause a denial of service (disconnect) via a certain sequence of crafted messages that cause the dbus-daemon to forward a message containing an invalid file descriptor.
CVE-2014-7824 4 Canonical, D-bus Project, Debian and 1 more 4 Ubuntu Linux, D-bus, Debian Linux and 1 more 2017-09-07 2.1 LOW N/A
D-Bus 1.3.0 through 1.6.x before 1.6.26, 1.8.x before 1.8.10, and 1.9.x before 1.9.2 allows local users to cause a denial of service (prevention of new connections and connection drop) by queuing the maximum number of file descriptors. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-3636.1.
CVE-2014-4668 3 Cherokee-project, Fedoraproject, Mageia Project 3 Cherokee, Fedora, Mageia 2017-01-02 6.8 MEDIUM N/A
The cherokee_validator_ldap_check function in validator_ldap.c in Cherokee 1.2.103 and earlier, when LDAP is used, does not properly consider unauthenticated-bind semantics, which allows remote attackers to bypass authentication via an empty password.
CVE-2014-9274 4 Debian, Fedoraproject, Mageia Project and 1 more 4 Debian Linux, Fedora, Mageia and 1 more 2016-12-21 7.5 HIGH N/A
UnRTF allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code as demonstrated by a file containing the string "{\cb-999999999".
CVE-2014-8763 2 Dokuwiki, Mageia Project 2 Dokuwiki, Mageia 2016-07-15 5.0 MEDIUM N/A
DokuWiki before 2014-05-05b, when using Active Directory for LDAP authentication, allows remote attackers to bypass authentication via a password starting with a null (\0) character and a valid user name, which triggers an unauthenticated bind.
CVE-2014-8764 2 Dokuwiki, Mageia Project 2 Dokuwiki, Mageia 2016-07-15 5.0 MEDIUM N/A
DokuWiki 2014-05-05a and earlier, when using Active Directory for LDAP authentication, allows remote attackers to bypass authentication via a user name and password starting with a null (\0) character, which triggers an anonymous bind.
CVE-2014-9039 3 Debian, Mageia Project, Wordpress 3 Debian Linux, Mageia, Wordpress 2016-06-30 4.3 MEDIUM N/A
wp-login.php in WordPress before 3.7.5, 3.8.x before 3.8.5, 3.9.x before 3.9.3, and 4.x before 4.0.1 might allow remote attackers to reset passwords by leveraging access to an e-mail account that received a password-reset message.
CVE-2014-9037 3 Debian, Mageia Project, Wordpress 3 Debian Linux, Mageia, Wordpress 2016-06-30 6.8 MEDIUM N/A
WordPress before 3.7.5, 3.8.x before 3.8.5, 3.9.x before 3.9.3, and 4.x before 4.0.1 might allow remote attackers to obtain access to an account idle since 2008 by leveraging an improper PHP dynamic type comparison for an MD5 hash.
CVE-2014-3424 2 Gnu, Mageia Project 2 Emacs, Mageia 2016-06-30 3.3 LOW N/A
lisp/net/tramp-sh.el in GNU Emacs 24.3 and earlier allows local users to overwrite arbitrary files via a symlink attack on a /tmp/tramp.##### temporary file.
CVE-2014-3423 2 Gnu, Mageia Project 2 Emacs, Mageia 2016-06-30 3.3 LOW N/A
lisp/net/browse-url.el in GNU Emacs 24.3 and earlier allows local users to overwrite arbitrary files via a symlink attack on a /tmp/Mosaic.##### temporary file.
CVE-2014-3422 2 Gnu, Mageia Project 2 Emacs, Mageia 2016-06-30 3.3 LOW N/A
lisp/emacs-lisp/find-gc.el in GNU Emacs 24.3 and earlier allows local users to overwrite arbitrary files via a symlink attack on a temporary file under /tmp/esrc/.
CVE-2014-3421 2 Gnu, Mageia Project 2 Emacs, Mageia 2016-06-30 3.3 LOW N/A
lisp/gnus/gnus-fun.el in GNU Emacs 24.3 and earlier allows local users to overwrite arbitrary files via a symlink attack on the /tmp/gnus.face.ppm temporary file.