Vulnerabilities > Mageia

DATE CVE VULNERABILITY TITLE RISK
2017-08-25 CVE-2014-9637 Resource Management Errors vulnerability in multiple products
GNU patch 2.7.2 and earlier allows remote attackers to cause a denial of service (memory consumption and segmentation fault) via a crafted diff file.
7.1
2015-03-08 CVE-2015-2191 Numeric Errors vulnerability in multiple products
Integer overflow in the dissect_tnef function in epan/dissectors/packet-tnef.c in the TNEF dissector in Wireshark 1.10.x before 1.10.13 and 1.12.x before 1.12.4 allows remote attackers to cause a denial of service (infinite loop) via a crafted length field in a packet.
network
low complexity
debian mageia wireshark opensuse CWE-189
5.0
2015-03-08 CVE-2015-2189 Numeric Errors vulnerability in multiple products
Off-by-one error in the pcapng_read function in wiretap/pcapng.c in the pcapng file parser in Wireshark 1.10.x before 1.10.13 and 1.12.x before 1.12.4 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via an invalid Interface Statistics Block (ISB) interface ID in a crafted packet.
network
low complexity
wireshark oracle opensuse debian mageia CWE-189
5.0
2015-03-08 CVE-2015-2188 Data Processing Errors vulnerability in multiple products
epan/dissectors/packet-wcp.c in the WCP dissector in Wireshark 1.10.x before 1.10.13 and 1.12.x before 1.12.4 does not properly initialize a data structure, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted packet that is improperly handled during decompression.
network
low complexity
wireshark mageia opensuse debian oracle CWE-19
5.0
2015-01-29 CVE-2015-0236 Information Exposure vulnerability in multiple products
libvirt before 1.2.12 allow remote authenticated users to obtain the VNC password by using the VIR_DOMAIN_XML_SECURE flag with a crafted (1) snapshot to the virDomainSnapshotGetXMLDesc interface or (2) image to the virDomainSaveImageGetXMLDesc interface.
3.5
2014-12-19 CVE-2014-8136 Permissions, Privileges, and Access Controls vulnerability in multiple products
The (1) qemuDomainMigratePerform and (2) qemuDomainMigrateFinish2 functions in qemu/qemu_driver.c in libvirt do not unlock the domain when an ACL check fails, which allow local users to cause a denial of service via unspecified vectors.
local
low complexity
mageia redhat canonical opensuse CWE-264
2.1
2014-12-17 CVE-2014-8117 Resource Management Errors vulnerability in multiple products
softmagic.c in file before 5.21 does not properly limit recursion, which allows remote attackers to cause a denial of service (CPU consumption or crash) via unspecified vectors.
network
low complexity
file-project freebsd mageia canonical CWE-399
5.0
2014-12-17 CVE-2014-8116 Resource Management Errors vulnerability in multiple products
The ELF parser (readelf.c) in file before 5.21 allows remote attackers to cause a denial of service (CPU consumption or crash) via a large number of (1) program or (2) section headers or (3) invalid capabilities.
network
low complexity
file-project freebsd mageia canonical CWE-399
5.0
2014-12-17 CVE-2014-9253 Cross-Site Scripting vulnerability in multiple products
The default file type whitelist configuration in conf/mime.conf in the Media Manager in DokuWiki before 2014-09-29b allows remote attackers to execute arbitrary web script or HTML by uploading an SWF file, then accessing it via the media parameter to lib/exe/fetch.php.
4.3
2014-12-03 CVE-2014-8104 Resource Management Errors vulnerability in multiple products
OpenVPN 2.x before 2.0.11, 2.1.x, 2.2.x before 2.2.3, and 2.3.x before 2.3.6 allows remote authenticated users to cause a denial of service (server crash) via a small control channel packet.
network
low complexity
mageia debian opensuse openvpn canonical CWE-399
6.8