Search CVE reports
111 – 120 of 37724 results
Cockpit's remote login feature passes user-supplied hostnames and usernames from the web interface to the SSH client without validation or sanitization. An attacker with network access to the Cockpit web service can craft a single...
1 affected package
cockpit
| Package | 22.04 LTS |
|---|---|
| cockpit | Needs evaluation |
OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. In versions 2.4.16 and prior, a use-after-free vulnerability exists in the CUPS scheduler (cupsd) when temporary printers are...
1 affected package
cups
| Package | 22.04 LTS |
|---|---|
| cups | Needs evaluation |
OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. In versions 2.4.16 and prior, an integer underflow vulnerability in _ppdCreateFromIPP() (cups/ppd-cache.c) allows any...
1 affected package
cups
| Package | 22.04 LTS |
|---|---|
| cups | Needs evaluation |
Addressable is an alternative implementation to the URI implementation that is part of Ruby's standard library. From 2.3.0 to before 2.9.0, within the URI template implementation in Addressable, two classes of URI...
1 affected package
ruby-addressable
| Package | 22.04 LTS |
|---|---|
| ruby-addressable | Needs evaluation |
A flaw was found in libssh. This vulnerability allows local man-in-the-middle attacks, security downgrades of SSH (Secure Shell) connections, and manipulation of trusted host information, posing a significant risk to the...
1 affected package
libssh
| Package | 22.04 LTS |
|---|---|
| libssh | Not affected |
A flaw was found in libarchive. A NULL pointer dereference vulnerability exists in the ACL parsing logic, specifically within the archive_acl_from_text_nl() function. When processing a malformed ACL string (such as a bare "d" or...
1 affected package
libarchive
| Package | 22.04 LTS |
|---|---|
| libarchive | Needs evaluation |
Not in release
Memory-safety vulnerability in github.com/jackc/pgx/v5.
1 affected package
golang-github-jackc-pgx-v5
| Package | 22.04 LTS |
|---|---|
| golang-github-jackc-pgx-v5 | Not in release |
Not in release
Memory-safety vulnerability in github.com/jackc/pgx/v5.
1 affected package
golang-github-jackc-pgx-v5
| Package | 22.04 LTS |
|---|---|
| golang-github-jackc-pgx-v5 | Not in release |
A heap-based buffer overflow vulnerability exists in the x3f_load_huffman functionality of LibRaw Commit d20315b. A specially crafted malicious file can lead to a heap buffer overflow. An attacker can provide a malicious file to...
8 affected packages
libraw, ufraw, darktable, exactimage, dcraw...
| Package | 22.04 LTS |
|---|---|
| libraw | Needs evaluation |
| ufraw | Not in release |
| darktable | Needs evaluation |
| exactimage | Needs evaluation |
| dcraw | Needs evaluation |
| rawtherapee | Needs evaluation |
| kodi | Needs evaluation |
| digikam | Needs evaluation |
An integer overflow vulnerability exists in the uncompressed_fp_dng_load_raw functionality of LibRaw Commit 8dc68e2. A specially crafted malicious file can lead to a heap buffer overflow. An attacker can provide a malicious file...
8 affected packages
libraw, ufraw, darktable, exactimage, dcraw...
| Package | 22.04 LTS |
|---|---|
| libraw | Needs evaluation |
| ufraw | Not in release |
| darktable | Needs evaluation |
| exactimage | Needs evaluation |
| dcraw | Needs evaluation |
| rawtherapee | Needs evaluation |
| kodi | Needs evaluation |
| digikam | Needs evaluation |