Search CVE reports
A flaw was found in WebKitGTK. This vulnerability allows remote, user-assisted information disclosure that can reveal any file the user is permitted to read by abusing the file drag-and-drop mechanism, where WebKitGTK does not...
1 affected package
webkitgtk
| Package | 18.04 LTS |
|---|---|
| webkitgtk | Needs evaluation |
Untrusted search path in auth_query connection handler in PgBouncer before 1.25.1 allows an unauthenticated attacker to execute arbitrary SQL during authentication via a malicious search_path parameter in the StartupMessage.
1 affected package
pgbouncer
| Package | 18.04 LTS |
|---|---|
| pgbouncer | Needs evaluation |
When building nested elements using xml.dom.minidom methods such as appendChild() that depend on _clear_id_cache(), the algorithm is quadratic. Availability can be impacted when building excessively nested documents.
14 affected packages
jython, pypy3, python2.7, python3.4, python3.5...
| Package | 18.04 LTS |
|---|---|
| jython | Needs evaluation |
| pypy3 | — |
| python2.7 | Needs evaluation |
| python3.4 | — |
| python3.5 | — |
| python3.6 | Needs evaluation |
| python3.7 | Needs evaluation |
| python3.8 | Needs evaluation |
| python3.9 | — |
| python3.10 | — |
| python3.11 | — |
| python3.12 | — |
| python3.13 | — |
| python3.14 | — |
A flaw was found in Undertow that can cause remote denial of service attacks. When the server uses the FormEncodedDataDefinition.doParse(StreamSourceChannel) method to parse large form data encoding with...
1 affected package
undertow
| Package | 18.04 LTS |
|---|---|
| undertow | Needs evaluation |
(MEGACO dissector infinite loop in Wireshark 4.6.0 to 4.6.1 and 4.4.0 t ...)
1 affected package
wireshark
| Package | 18.04 LTS |
|---|---|
| wireshark | Needs evaluation |
(HTTP3 dissector crash in Wireshark 4.6.0 and 4.6.1 allows denial of se ...)
1 affected package
wireshark
| Package | 18.04 LTS |
|---|---|
| wireshark | Needs evaluation |
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to 7.1.2-9 and 6.9.13-34, there is a vulnerability in ImageMagick’s Magick++ layer that manifests when Options::fontFamily is...
1 affected package
imagemagick
| Package | 18.04 LTS |
|---|---|
| imagemagick | Needs evaluation |
Vim is an open source, command line text editor. Prior to version 9.1.1947, an uncontrolled search path vulnerability on Windows allows Vim to execute malicious executables placed in the current working directory for the current...
1 affected package
vim
| Package | 18.04 LTS |
|---|---|
| vim | Needs evaluation |
Cacti is an open source performance and fault management framework. Prior to 1.2.29, there is an input-validation flaw in the SNMP device configuration functionality. An authenticated Cacti user can supply crafted SNMP community...
1 affected package
cacti
| Package | 18.04 LTS |
|---|---|
| cacti | Needs evaluation |
SingularityCE and SingularityPRO are open source container platforms. Prior to SingularityCE 4.3.5 and SingularityPRO 4.1.11 and 4.3.5, if a user relies on LSM restrictions to prevent malicious operations then, under certain...
1 affected package
singularity-container
| Package | 18.04 LTS |
|---|---|
| singularity-container | Needs evaluation |