Mageia Project
mageia_project
13 CVEs • 1 product
Products (1)
Click to collapseToggle
Products (1)
Click to collapse
CVEs (13)
CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS |
|---|
3Canonical Mageia ProjectPython3Mageia RequestsUbuntu LinuxMay 6, 2026 Mar 18, 2015 N/A· v4 N/A· v3 6.8 MEDIUM· v2 The resolve_redirects function in sessions.py in requests 2.1.0 through 2.5.3 allows remote attackers to conduct session fixation attacks via a cookie without a host value in a redirect. |
4Debian FedoraprojectMageia Project+1 more4Debian Linux FedoraMageia+1 moreMay 6, 2026 Dec 9, 2014 N/A· v4 N/A· v3 7.5 HIGH· v2 UnRTF allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code as demonstrated by a file containing the string "{\cb-999999999". |
3Debian Mageia ProjectWordpress3Debian Linux MageiaWordpressMay 6, 2026 Nov 25, 2014 N/A· v4 N/A· v3 4.3 MEDIUM· v2 wp-login.php in WordPress before 3.7.5, 3.8.x before 3.8.5, 3.9.x before 3.9.3, and 4.x before 4.0.1 might allow remote attackers to reset passwords by leveraging access to an e-mail account that received a password-rese...Show more |
3Debian Mageia ProjectWordpress3Debian Linux MageiaWordpressMay 6, 2026 Nov 25, 2014 N/A· v4 N/A· v3 6.8 MEDIUM· v2 WordPress before 3.7.5, 3.8.x before 3.8.5, 3.9.x before 3.9.3, and 4.x before 4.0.1 might allow remote attackers to obtain access to an account idle since 2008 by leveraging an improper PHP dynamic type comparison for a...Show more |
4Canonical DebianFreedesktop+1 more4Dbus Debian LinuxMageia+1 moreMay 6, 2026 Nov 18, 2014 N/A· v4 N/A· v3 2.1 LOW· v2 D-Bus 1.3.0 through 1.6.x before 1.6.26, 1.8.x before 1.8.10, and 1.9.x before 1.9.2 allows local users to cause a denial of service (prevention of new connections and connection drop) by queuing the maximum number of fi...Show more |
2Dokuwiki Mageia Project2Dokuwiki MageiaMay 6, 2026 Oct 22, 2014 N/A· v4 N/A· v3 5.0 MEDIUM· v2 DokuWiki 2014-05-05a and earlier, when using Active Directory for LDAP authentication, allows remote attackers to bypass authentication via a user name and password starting with a null (\0) character, which triggers an...Show more |
2Dokuwiki Mageia Project2Dokuwiki MageiaMay 6, 2026 Oct 22, 2014 N/A· v4 N/A· v3 5.0 MEDIUM· v2 DokuWiki before 2014-05-05b, when using Active Directory for LDAP authentication, allows remote attackers to bypass authentication via a password starting with a null (\0) character and a valid user name, which triggers...Show more |
4Debian FreedesktopMageia Project+1 more4Dbus Debian LinuxMageia+1 moreMay 6, 2026 Jul 19, 2014 N/A· v4 N/A· v3 2.1 LOW· v2 dbus 1.3.0 before 1.6.22 and 1.8.x before 1.8.6 allows local users to cause a denial of service (disconnect) via a certain sequence of crafted messages that cause the dbus-daemon to forward a message containing an invali...Show more |
3Cherokee Project FedoraprojectMageia Project3Cherokee FedoraMageiaMay 6, 2026 Jul 2, 2014 N/A· v4 N/A· v3 6.8 MEDIUM· v2 The cherokee_validator_ldap_check function in validator_ldap.c in Cherokee 1.2.103 and earlier, when LDAP is used, does not properly consider unauthenticated-bind semantics, which allows remote attackers to bypass authen...Show more |
lisp/net/tramp-sh.el in GNU Emacs 24.3 and earlier allows local users to overwrite arbitrary files via a symlink attack on a /tmp/tramp.##### temporary file. |
lisp/net/browse-url.el in GNU Emacs 24.3 and earlier allows local users to overwrite arbitrary files via a symlink attack on a /tmp/Mosaic.##### temporary file. |
lisp/emacs-lisp/find-gc.el in GNU Emacs 24.3 and earlier allows local users to overwrite arbitrary files via a symlink attack on a temporary file under /tmp/esrc/. |
lisp/gnus/gnus-fun.el in GNU Emacs 24.3 and earlier allows local users to overwrite arbitrary files via a symlink attack on the /tmp/gnus.face.ppm temporary file. |