Search CVE reports
1 – 10 of 142 results
Audiofile v0.3.7 was discovered to contain a NULL pointer dereference via the ModuleState::setup function.
1 affected package
audiofile
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| audiofile | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
Seafile versions 11.0.18-Pro, 12.0.10, and 12.0.10-Pro are vulnerable to a stored Cross-Site Scripting (XSS) attack. An authenticated attacker can exploit this vulnerability by modifying their username to include a malicious XSS...
1 affected package
seafile
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| seafile | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
A buffer overflow vulnerability exists in libsndfile version 1.2.2 and potentially earlier versions when processing malformed IRCAM audio files. The vulnerability occurs in the ircam_read_header function at src/ircam.c:164 during...
1 affected package
libsndfile
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| libsndfile | Vulnerable | Vulnerable | Vulnerable | Vulnerable |
Allocation of resources for multipart headers with insufficient limits enabled a DoS vulnerability in Apache Commons FileUpload. This issue affects Apache Commons FileUpload: from 1.0 before 1.6; from 2.0.0-M1 before...
4 affected packages
libcommons-fileupload-java, tomcat10, tomcat11, tomcat9
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| libcommons-fileupload-java | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| tomcat10 | Vulnerable | Not in release | — | — |
| tomcat11 | Not in release | Not in release | — | — |
| tomcat9 | Not affected | Vulnerable | Vulnerable | Vulnerable |
Some fixes available 4 of 7
File::Find::Rule through 0.34 for Perl is vulnerable to Arbitrary Code Execution when `grep()` encounters a crafted filename. A file handle is opened with the two-argument form of `open()`, allowing an attacker-controlled filename to...
1 affected package
libfile-find-rule-perl
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| libfile-find-rule-perl | Fixed | Fixed | Needs evaluation | Needs evaluation |
libsndfile through 1.2.2 has a reachable assertion, which may lead to application exit, in mpeg_l3_encode.c mpeg_l3_encoder_close.
1 affected package
libsndfile
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| libsndfile | Vulnerable | Vulnerable | Vulnerable | Vulnerable |
libsndfile through 1.2.2 has an ogg_vorbis.c vorbis_analysis_wrote out-of-bounds read.
1 affected package
libsndfile
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| libsndfile | Fixed | Fixed | Fixed | Fixed |
In PuTTY 0.68 through 0.80 before 0.81, biased ECDSA nonce generation allows an attacker to recover a user's NIST P-521 secret key via a quick attack in approximately 60 signatures. This is especially important in a scenario where...
2 affected packages
filezilla, putty
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| filezilla | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| putty | Not affected | Needs evaluation | Needs evaluation | Needs evaluation |
Some fixes available 42 of 93
The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such that some packets are omitted (from the extension negotiation...
13 affected packages
dropbear, golang-go.crypto, snapd, lxd, libssh...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| dropbear | Needs evaluation | Fixed | Fixed | Fixed |
| golang-go.crypto | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| snapd | Not affected | Not affected | Not affected | Not affected |
| lxd | Not in release | Not in release | Not affected | Fixed |
| libssh | Not affected | Fixed | Fixed | Not affected |
| openssh-ssh1 | Ignored | Ignored | Ignored | Ignored |
| libssh2 | Not affected | Not affected | Not affected | Not affected |
| openssh | Fixed | Fixed | Fixed | Fixed |
| paramiko | Fixed | Fixed | Fixed | Needs evaluation |
| putty | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| proftpd-dfsg | Not affected | Not affected | Fixed | Needs evaluation |
| python-asyncssh | Fixed | Fixed | Fixed | Ignored |
| filezilla | Fixed | Fixed | Fixed | Not affected |
File before 5.43 has a stack-based buffer over-read in file_copystr in funcs.c. NOTE: "File" is the name of an Open Source project.
1 affected package
file
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| file | — | Fixed | Not affected | Not affected |