CVE search results

261 – 270 of 1231 results

Detailed view

Sort by:

CVE-2024-28564

Medium priority

Vulnerable

Buffer Overflow vulnerability in open source FreeImage v.3.19.0 [r1909] allows a local attacker to cause a denial of service (DoS) via the Imf_2_2::CharPtrIO::readChars() function when reading images in EXR format.

1 affected package

freeimage

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
freeimage	Vulnerable	Vulnerable	Vulnerable	Vulnerable	Vulnerable

CVE-2024-28563

Medium priority

Vulnerable

Buffer Overflow vulnerability in open source FreeImage v.3.19.0 [r1909] allows a local attacker to cause a denial of service (DoS) via the Imf_2_2::DwaCompressor::Classifier::Classifier() function when reading images in EXR format.

1 affected package

freeimage

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
freeimage	Vulnerable	Vulnerable	Vulnerable	Vulnerable	Vulnerable

CVE-2024-28562

Medium priority

Vulnerable

Buffer Overflow vulnerability in open source FreeImage v.3.19.0 [r1909] allows a local attacker to execute arbitrary code via the Imf_2_2::copyIntoFrameBuffer() component when reading images in EXR format.

1 affected package

freeimage

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
freeimage	Vulnerable	Vulnerable	Vulnerable	Vulnerable	Vulnerable

CVE-2024-23333

Medium priority

Needs evaluation

LDAP Account Manager (LAM) is a webfrontend for managing entries stored in an LDAP directory. LAM's log configuration allows to specify arbitrary paths for log files. Prior to version 8.7, an attacker could exploit this by...

1 affected package

ldap-account-manager

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
ldap-account-manager	Not affected	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation

CVE-2024-24786

Medium priority

Some fixes available 15 of 24

The protojson.Unmarshal function can enter an infinite loop when unmarshaling certain forms of invalid JSON. This condition can occur when unmarshaling into a message which contains a google.protobuf.Any value, or when the...

3 affected packages

golang-google-protobuf, google-guest-agent, google-osconfig-agent

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
golang-google-protobuf	Needs evaluation	Needs evaluation	Needs evaluation	Not in release	—
google-guest-agent	Fixed	Fixed	Fixed	Fixed	Not affected
google-osconfig-agent	Fixed	Fixed	Fixed	Needs evaluation	Needs evaluation

CVE-2024-24816

Medium priority

Vulnerable

CKEditor4 is an open source what-you-see-is-what-you-get HTML editor. A cross-site scripting vulnerability vulnerability has been discovered in versions prior to 4.24.0-lts in samples that use the `preview` feature....

4 affected packages

ckeditor, ckeditor3, ldap-account-manager, request-tracker4

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
ckeditor	Not in release	Vulnerable	Vulnerable	Vulnerable	Vulnerable
ckeditor3	Not in release	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
ldap-account-manager	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
request-tracker4	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation

CVE-2024-24815

Medium priority

Vulnerable

CKEditor4 is an open source what-you-see-is-what-you-get HTML editor. A cross-site scripting vulnerability has been discovered in the core HTML parsing module in versions of CKEditor4 prior to 4.24.0-lts. It may affect all editor...

4 affected packages

ckeditor, ckeditor3, ldap-account-manager, request-tracker4

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
ckeditor	Not in release	Vulnerable	Vulnerable	Vulnerable	Vulnerable
ckeditor3	Not in release	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
ldap-account-manager	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
request-tracker4	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation

CVE-2023-47997

Medium priority

Vulnerable

An issue discovered in BitmapAccess.cpp::FreeImage_AllocateBitmap in FreeImage 3.18.0 leads to an infinite loop and allows attackers to cause a denial of service.

1 affected package

freeimage

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
freeimage	Vulnerable	Vulnerable	Vulnerable	Vulnerable	Vulnerable

CVE-2023-47996

Medium priority

Vulnerable

An integer overflow vulnerability in Exif.cpp::jpeg_read_exif_dir in FreeImage 3.18.0 allows attackers to obtain information and cause a denial of service.

1 affected package

freeimage

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
freeimage	Vulnerable	Vulnerable	Vulnerable	Vulnerable	Vulnerable

CVE-2023-47995

Medium priority

Vulnerable

Memory Allocation with Excessive Size Value discovered in BitmapAccess.cpp::FreeImage_AllocateBitmap in FreeImage 3.18.0 allows attackers to cause a denial of service.

1 affected package

freeimage

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
freeimage	Vulnerable	Vulnerable	Vulnerable	Vulnerable	Vulnerable

Export to JSON

Results by page:

Search CVE reports