Search Results (Refine Search)
- Keyword (text search): cpe:2.3:o:mageia:mageia:3.0:*:*:*:*:*:*:*
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2014-9087 |
Integer underflow in the ksba_oid_to_str function in Libksba before 1.3.2, as used in GnuPG, allows remote attackers to cause a denial of service (crash) via a crafted OID in a (1) S/MIME message or (2) ECC based OpenPGP data, which triggers a buffer overflow. Published: December 01, 2014; 10:59:11 AM -0500 |
V3.x:(not available) V2.0: 7.5 HIGH |
CVE-2014-3566 |
The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses nondeterministic CBC padding, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, aka the "POODLE" issue. Published: October 14, 2014; 8:55:02 PM -0400 |
V3.1: 3.4 LOW V2.0: 4.3 MEDIUM |
CVE-2014-7204 |
jscript.c in Exuberant Ctags 5.8 allows remote attackers to cause a denial of service (infinite loop and CPU and disk consumption) via a crafted JavaScript file. Published: October 07, 2014; 10:55:08 AM -0400 |
V3.x:(not available) V2.0: 5.0 MEDIUM |
CVE-2014-5461 |
Buffer overflow in the vararg functions in ldo.c in Lua 5.1 through 5.2.x before 5.2.3 allows context-dependent attackers to cause a denial of service (crash) via a small number of arguments to a function with a large number of fixed arguments. Published: September 04, 2014; 1:55:07 PM -0400 |
V3.x:(not available) V2.0: 5.0 MEDIUM |
CVE-2014-2524 |
The _rl_tropen function in util.c in GNU readline before 6.3 patch 3 allows local users to create or overwrite arbitrary files via a symlink attack on a /var/tmp/rltrace.[PID] file. Published: August 20, 2014; 10:55:05 AM -0400 |
V3.x:(not available) V2.0: 3.3 LOW |
CVE-2014-3429 |
IPython Notebook 0.12 through 1.x before 1.2 does not validate the origin of websocket requests, which allows remote attackers to execute arbitrary code by leveraging knowledge of the kernel id and a crafted page. Published: August 07, 2014; 7:13:34 AM -0400 |
V3.x:(not available) V2.0: 6.8 MEDIUM |
CVE-2013-4159 |
ctdb before 2.3 in OpenSUSE 12.3 and 13.1 does not create temporary files securely, which has unspecified impact related to "several temp file vulnerabilities" in (1) tcp/tcp_connect.c, (2) server/eventscript.c, (3) tools/ctdb_diagnostics, (4) config/gdb_backtrace, and (5) include/ctdb_private.h. Published: August 06, 2014; 2:55:05 PM -0400 |
V3.x:(not available) V2.0: 7.5 HIGH |
CVE-2014-3532 |
dbus 1.3.0 before 1.6.22 and 1.8.x before 1.8.6, when running on Linux 2.6.37-rc4 or later, allows local users to cause a denial of service (system-bus disconnect of other services or applications) by sending a message containing a file descriptor, then exceeding the maximum recursion depth before the initial message is forwarded. Published: July 19, 2014; 3:55:07 PM -0400 |
V3.x:(not available) V2.0: 2.1 LOW |