Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mageia vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2014-8763
DokuWiki prior to 2014-05-05b, when using Active Directory for LDAP authentication, allows remote malicious users to bypass authentication via a password starting with a null (\0) character and a valid user name, which triggers an unauthenticated bind.
Dokuwiki Dokuwiki
Mageia Project Mageia 4.0
Mageia Project Mageia 3.0
5
CVSSv2
CVE-2014-8764
DokuWiki 2014-05-05a and previous versions, when using Active Directory for LDAP authentication, allows remote malicious users to bypass authentication via a user name and password starting with a null (\0) character, which triggers an anonymous bind.
Mageia Project Mageia 4.0
Mageia Project Mageia 3.0
Dokuwiki Dokuwiki
5
CVSSv2
CVE-2014-1829
Requests (aka python-requests) prior to 2.3.0 allows remote servers to obtain a netrc password by reading the Authorization header in a redirected request.
Debian Debian Linux 7.0
Python Requests
Canonical Ubuntu Linux 14.04
Mageia Mageia 4.0
5
CVSSv2
CVE-2014-7204
jscript.c in Exuberant Ctags 5.8 allows remote malicious users to cause a denial of service (infinite loop and CPU and disk consumption) via a crafted JavaScript file.
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 14.04
Debian Debian Linux 7.0
Debian Exuberant Ctags 5.8
Mageia Mageia 4.0
Mageia Mageia 3.0
5
CVSSv2
CVE-2014-5461
Buffer overflow in the vararg functions in ldo.c in Lua 5.1 up to and including 5.2.x prior to 5.2.3 allows context-dependent malicious users to cause a denial of service (crash) via a small number of arguments to a function with a large number of fixed arguments.
Opensuse Opensuse 12.3
Opensuse Opensuse 13.1
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 14.04
Debian Debian Linux 7.0
Lua Lua 5.1.3
Lua Lua 5.1.4
Lua Lua 5.1.2
Lua Lua 5.1.5
Lua Lua 5.1.1
Lua Lua 5.1
Lua Lua 5.2.1
Lua Lua 5.2.0
Lua Lua 5.2.2
Mageia Mageia 3.0
Mageia Mageia 4.0
1 Github repository
4.3
CVSSv2
CVE-2014-9253
The default file type whitelist configuration in conf/mime.conf in the Media Manager in DokuWiki prior to 2014-09-29b allows remote malicious users to execute arbitrary web script or HTML by uploading an SWF file, then accessing it via the media parameter to lib/exe/fetch.php.
Dokuwiki Dokuwiki
Mageia Mageia 4.0
4.3
CVSSv2
CVE-2014-9039
wp-login.php in WordPress prior to 3.7.5, 3.8.x prior to 3.8.5, 3.9.x prior to 3.9.3, and 4.x prior to 4.0.1 might allow remote malicious users to reset passwords by leveraging access to an e-mail account that received a password-reset message.
Debian Debian Linux 7.0
Debian Debian Linux 8.0
Mageia Project Mageia 4
Mageia Project Mageia 3
Wordpress Wordpress 3.9.1
Wordpress Wordpress 3.9.2
Wordpress Wordpress 4.0
Wordpress Wordpress 3.8.1
Wordpress Wordpress 3.8.3
Wordpress Wordpress 3.9
Wordpress Wordpress
Wordpress Wordpress 3.8
Wordpress Wordpress 3.8.2
Wordpress Wordpress 3.8.4
3.3
CVSSv2
CVE-2014-2524
The _rl_tropen function in util.c in GNU readline prior to 6.3 patch 3 allows local users to create or overwrite arbitrary files via a symlink attack on a /var/tmp/rltrace.[PID] file.
Mageia Mageia 4.0
Mageia Mageia 3.0
Gnu Readline 5.2
Gnu Readline 5.1
Gnu Readline 5.0
Gnu Readline 4.3
Gnu Readline
Gnu Readline 6.1
Gnu Readline 4.2
Gnu Readline 4.0
Gnu Readline 2.2
Gnu Readline 2.1
Gnu Readline 6.2
Gnu Readline 6.0
Gnu Readline 4.1
Opensuse Opensuse 12.3
Opensuse Opensuse 13.1
Fedoraproject Fedora 20
3.3
CVSSv2
CVE-2014-3421
lisp/gnus/gnus-fun.el in GNU Emacs 24.3 and previous versions allows local users to overwrite arbitrary files via a symlink attack on the /tmp/gnus.face.ppm temporary file.
Mageia Project Mageia 4
Mageia Project Mageia 3
Gnu Emacs 20.0
Gnu Emacs 20.1
Gnu Emacs 20.2
Gnu Emacs 20.3
Gnu Emacs 22.2
Gnu Emacs 22.3
Gnu Emacs 23.1
Gnu Emacs 23.2
Gnu Emacs 23.3
Gnu Emacs 21
Gnu Emacs 21.1
Gnu Emacs 21.2
Gnu Emacs 21.2.1
Gnu Emacs 20.4
Gnu Emacs 20.6
Gnu Emacs 21.3.1
Gnu Emacs 22.1
Gnu Emacs 24.1
Gnu Emacs
Gnu Emacs 20.5
3.3
CVSSv2
CVE-2014-3423
lisp/net/browse-url.el in GNU Emacs 24.3 and previous versions allows local users to overwrite arbitrary files via a symlink attack on a /tmp/Mosaic.##### temporary file.
Mageia Project Mageia 3
Mageia Project Mageia 4
Gnu Emacs 21.1
Gnu Emacs 21.2
Gnu Emacs 21.2.1
Gnu Emacs 21.3
Gnu Emacs 20.0
Gnu Emacs 20.1
Gnu Emacs 20.2
Gnu Emacs 20.3
Gnu Emacs 22.3
Gnu Emacs 23.1
Gnu Emacs 23.2
Gnu Emacs 23.3
Gnu Emacs 20.5
Gnu Emacs 20.7
Gnu Emacs 21.4
Gnu Emacs 22.2
Gnu Emacs 23.4
Gnu Emacs 24.2
Gnu Emacs 20.4
Gnu Emacs 20.6
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
cross-site request forgery
unauthorized
CVE-2024-33925
reflected XSS
CVE-2023-51580
CVE-2023-51579
CVE-2015-2051
CVE-2023-51609
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
NEXT »