Vulnerabilities > Mageia > Mageia > 3.0

DATE	CVE	VULNERABILITY TITLE	RISK
2014-10-15	CVE-2014-3566	Cryptographic Issues vulnerability in multiple products The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses nondeterministic CBC padding, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, aka the "POODLE" issue. network high complexity redhat ibm apple mageia novell opensuse fedoraproject openssl netbsd debian oracle CWE-310	3.4
2014-10-07	CVE-2014-7204	Resource Management Errors vulnerability in multiple products jscript.c in Exuberant Ctags 5.8 allows remote attackers to cause a denial of service (infinite loop and CPU and disk consumption) via a crafted JavaScript file. network low complexity canonical debian mageia CWE-399	5.0
2014-08-20	CVE-2014-2524	Link Following vulnerability in multiple products The _rl_tropen function in util.c in GNU readline before 6.3 patch 3 allows local users to create or overwrite arbitrary files via a symlink attack on a /var/tmp/rltrace.[PID] file. local mageia gnu opensuse fedoraproject CWE-59	3.3
2014-08-07	CVE-2014-3429	Code Injection vulnerability in multiple products IPython Notebook 0.12 through 1.x before 1.2 does not validate the origin of websocket requests, which allows remote attackers to execute arbitrary code by leveraging knowledge of the kernel id and a crafted page. network opensuse ipython mageia CWE-94	6.8