Search CVE reports
51 – 60 of 37281 results
CVE-2024-49766
Medium priority
Werkzeug is a Web Server Gateway Interface web application library. On Python < 3.11 on Windows, os.path.isabs() does not catch UNC paths like //server/share. Werkzeug's safe_join() relies on this check, and so can produce a path...
1 affected package
python-werkzeug
Package | 16.04 LTS |
---|---|
python-werkzeug | Not affected |
CVE-2024-48426
Medium priority
A segmentation fault (SEGV) was detected in the SortByPTypeProcess::Execute function in the Assimp library during fuzz testing with AddressSanitizer. The crash occurred due to a read access to an invalid memory address (0x1000c9714971).
4 affected packages
assimp, qt6-3d, qt6-quick3d, spring
Package | 16.04 LTS |
---|---|
assimp | Needs evaluation |
qt6-3d | — |
qt6-quick3d | — |
spring | Needs evaluation |
CVE-2024-48425
Medium priority
A segmentation fault (SEGV) was detected in the Assimp::SplitLargeMeshesProcess_Triangle::UpdateNode function within the Assimp library during fuzz testing using AddressSanitizer. The crash occurs due to a read access violation at...
4 affected packages
assimp, qt6-3d, qt6-quick3d, spring
Package | 16.04 LTS |
---|---|
assimp | Needs evaluation |
qt6-3d | — |
qt6-quick3d | — |
spring | Needs evaluation |
CVE-2024-48424
Medium priority
A heap-buffer-overflow vulnerability has been identified in the OpenDDLParser::parseStructure function within the Assimp library, specifically during the processing of OpenGEX files.
4 affected packages
assimp, qt6-3d, qt6-quick3d, spring
Package | 16.04 LTS |
---|---|
assimp | Needs evaluation |
qt6-3d | — |
qt6-quick3d | — |
spring | Needs evaluation |
CVE-2024-48423
Medium priority
An issue in assimp v.5.4.3 allows a local attacker to execute arbitrary code via the CallbackToLogRedirector function within the Assimp library.
3 affected packages
assimp, qt6-3d, qt6-quick3d
Package | 16.04 LTS |
---|---|
assimp | Needs evaluation |
qt6-3d | — |
qt6-quick3d | — |
CVE-2024-48208
Medium priority
pure-ftpd before 1.0.52 is vulnerable to Buffer Overflow. There is an out of bounds read in the domlsd() function of the ls.c file.
1 affected package
pure-ftpd
Package | 16.04 LTS |
---|---|
pure-ftpd | Needs evaluation |
CVE-2024-46478
Medium priority
HTMLDOC v1.9.18 contains a buffer overflow in parse_pre function, ps-pdf.cxx:5681.
1 affected package
htmldoc
Package | 16.04 LTS |
---|---|
htmldoc | Needs evaluation |
CVE-2024-8312
Medium priority
An issue has been discovered in GitLab CE/EE affecting all versions from 15.10 before 17.3.6, 17.4 before 17.4.3, and 17.5 before 17.5.1. An attacker could inject HTML into the Global Search field on a diff view leading to XSS.
1 affected package
gitlab
Package | 16.04 LTS |
---|---|
gitlab | Ignored |
CVE-2024-6826
Medium priority
An issue has been discovered in GitLab CE/EE affecting all versions from 11.2 before 17.3.6, 17.4 before 17.4.3, and 17.5 before 17.5.1. A denial of service could occur via importing a maliciously crafted XML manifest file.
1 affected package
gitlab
Package | 16.04 LTS |
---|---|
gitlab | Ignored |
CVE-2024-10041
Medium priority
A vulnerability was found in PAM. The secret information is stored in memory, where the attacker can trigger the victim program to execute by sending characters to its standard input (stdin). As this occurs, the attacker can train...
1 affected package
pam
Package | 16.04 LTS |
---|---|
pam | Needs evaluation |