Search CVE reports
421 – 430 of 1235 results
Some fixes available 4 of 42
ckeditor is an open source WYSIWYG HTML editor with rich content support. A potential vulnerability has been discovered in CKEditor 4 [Fake Objects](https://ckeditor.com/cke4/addon/fakeobjects) package. The vulnerability allowed...
4 affected packages
ckeditor, ckeditor3, ldap-account-manager, request-tracker4
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| ckeditor | Not in release | Not affected | Not affected | Fixed | Fixed |
| ckeditor3 | Not in release | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| ldap-account-manager | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| request-tracker4 | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
An issue has been discovered in GitLab CE/EE affecting all versions starting from 13.11 before 13.11.7, all versions starting from 13.12 before 13.12.8, and all versions starting from 14.0 before 14.0.4. A specially crafted design...
2 affected packages
gitlab, gitlab-agent
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| gitlab | Not in release | Not in release | Not in release | Not in release | — |
| gitlab-agent | Needs evaluation | Needs evaluation | Not in release | Not in release | — |
KDE KImageFormats 5.70.0 through 5.81.0 has a stack-based buffer overflow in XCFImageFormat::loadTileRLE.
1 affected package
kimageformats
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| kimageformats | Not affected | Not affected | Not affected | Needs evaluation | Needs evaluation |
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none
1 affected package
imagemagick
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| imagemagick | — | — | — | Not affected | Not affected |
KDE Messagelib through 5.17.0 reveals cleartext of encrypted messages in some situations. Deleting an attachment of a decrypted encrypted message stored on a remote server (e.g., an IMAP server) causes KMail to upload...
2 affected packages
kdepim4, kf5-messagelib
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| kdepim4 | Not in release | Not in release | Not in release | Not in release | Vulnerable |
| kf5-messagelib | Not in release | Needs evaluation | Needs evaluation | Ignored | Ignored |
Libraw before 0.20.1 has a stack buffer overflow via LibRaw::identify_process_dng_fields in identify.cpp.
8 affected packages
libraw, ufraw, xbmc, darktable, dcraw...
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| libraw | Not affected | Not affected | Not affected | Not affected | Not affected |
| ufraw | Not in release | Not in release | Not in release | Not in release | Needs evaluation |
| xbmc | Not in release | Not in release | Not in release | Not in release | Not in release |
| darktable | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| dcraw | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| kodi | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| rawtherapee | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| exactimage | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
net/http in Go before 1.15.12 and 1.16.x before 1.16.4 allows remote attackers to cause a denial of service (panic) via a large header to ReadRequest or ReadResponse. Server, Transport, and Client can each be affected in some...
6 affected packages
golang-1.11, golang-1.15, golang-1.16, golang-golang-x-net, golang-golang-x-net-dev, google-guest-agent
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| golang-1.11 | Not in release | Not in release | Not in release | Not in release | Not in release |
| golang-1.15 | — | — | — | Not in release | Not in release |
| golang-1.16 | Not in release | Not in release | Not in release | Needs evaluation | Needs evaluation |
| golang-golang-x-net | Not affected | Not affected | Not affected | Not in release | Not in release |
| golang-golang-x-net-dev | Not in release | Not in release | Not in release | Needs evaluation | Needs evaluation |
| google-guest-agent | Not affected | Not affected | Not affected | Not affected | Not affected |
Some fixes available 2 of 10
golang.org/x/net before v0.0.0-20210520170846-37e1c6afe023 allows attackers to cause a denial of service (infinite loop) via crafted ParseFragment input.
4 affected packages
golang-golang-x-net-dev, google-guest-agent, golang-golang-x-net, lxd
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| golang-golang-x-net-dev | — | Not in release | Not in release | Fixed | Not affected |
| google-guest-agent | — | Not affected | Not affected | Not affected | Not affected |
| golang-golang-x-net | — | Not affected | Not affected | Not in release | Not in release |
| lxd | — | Not in release | Not in release | Not affected | Fixed |
In ImageMagick versions before 7.0.9-0, there are values outside the range of representable values of type 'float' at MagickCore/quantize.c.
1 affected package
imagemagick
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| imagemagick | — | Not affected | Not affected | Fixed | Fixed |
Some fixes available 13 of 16
A flaw was found in ImageMagick in versions before 7.0.11. A potential cipher leak is possible when calculating signatures in TransformSignature. The highest threat from this vulnerability is to data confidentiality.
1 affected package
imagemagick
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| imagemagick | Fixed | Fixed | Fixed | Fixed | Fixed |