Vulnerabilities > Mageia Project > Mageia > 4
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2014-12-09 | CVE-2014-9274 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products UnRTF allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code as demonstrated by a file containing the string "{\cb-999999999". | 7.5 |
| 2014-11-25 | CVE-2014-9039 | 7PK - Security Features vulnerability in multiple products wp-login.php in WordPress before 3.7.5, 3.8.x before 3.8.5, 3.9.x before 3.9.3, and 4.x before 4.0.1 might allow remote attackers to reset passwords by leveraging access to an e-mail account that received a password-reset message. | 4.3 |
| 2014-11-25 | CVE-2014-9037 | Cryptographic Issues vulnerability in multiple products WordPress before 3.7.5, 3.8.x before 3.8.5, 3.9.x before 3.9.3, and 4.x before 4.0.1 might allow remote attackers to obtain access to an account idle since 2008 by leveraging an improper PHP dynamic type comparison for an MD5 hash. | 6.8 |
| 2014-07-02 | CVE-2014-4668 | Improper Authentication vulnerability in multiple products The cherokee_validator_ldap_check function in validator_ldap.c in Cherokee 1.2.103 and earlier, when LDAP is used, does not properly consider unauthenticated-bind semantics, which allows remote attackers to bypass authentication via an empty password. | 6.8 |
| 2014-05-08 | CVE-2014-3424 | Link Following vulnerability in multiple products lisp/net/tramp-sh.el in GNU Emacs 24.3 and earlier allows local users to overwrite arbitrary files via a symlink attack on a /tmp/tramp.##### temporary file. | 3.3 |
| 2014-05-08 | CVE-2014-3423 | Link Following vulnerability in multiple products lisp/net/browse-url.el in GNU Emacs 24.3 and earlier allows local users to overwrite arbitrary files via a symlink attack on a /tmp/Mosaic.##### temporary file. | 3.3 |
| 2014-05-08 | CVE-2014-3422 | Link Following vulnerability in multiple products lisp/emacs-lisp/find-gc.el in GNU Emacs 24.3 and earlier allows local users to overwrite arbitrary files via a symlink attack on a temporary file under /tmp/esrc/. | 3.3 |
| 2014-05-08 | CVE-2014-3421 | Link Following vulnerability in multiple products lisp/gnus/gnus-fun.el in GNU Emacs 24.3 and earlier allows local users to overwrite arbitrary files via a symlink attack on the /tmp/gnus.face.ppm temporary file. | 3.3 |