Search CVE reports
711 – 720 of 50657 results
When safe filter is used with variable expansion, all following pipelines on the same string are incorrectly interpreted as safe too, enabling unsafe data to be unescaped. This can enable SQL / LDAP injection attacks when used in...
1 affected package
dovecot
| Package | 16.04 LTS |
|---|---|
| dovecot | Not affected |
Exim before 4.99.3, in certain GnuTLS configurations, has a remotely reachable use-after-free in the BDAT body parsing path. It is triggered when a client sends a TLS close_notify mid-body during a CHUNKING transfer, followed by a...
1 affected package
exim4
| Package | 16.04 LTS |
|---|---|
| exim4 | Ignored |
Not in release
Loop with unreachable exit condition ('infinite loop') in ASP.NET Core allows an unauthorized attacker to deny service over a network.
5 affected packages
dotnet6, dotnet7, dotnet8, dotnet9, dotnet10
| Package | 16.04 LTS |
|---|---|
| dotnet6 | Not in release |
| dotnet7 | Not in release |
| dotnet8 | Not in release |
| dotnet9 | Not in release |
| dotnet10 | Not in release |
Not in release
Heap-based buffer overflow in .NET allows an unauthorized attacker to elevate privileges locally.
5 affected packages
dotnet6, dotnet7, dotnet8, dotnet9, dotnet10
| Package | 16.04 LTS |
|---|---|
| dotnet6 | Not in release |
| dotnet7 | Not in release |
| dotnet8 | Not in release |
| dotnet9 | Not in release |
| dotnet10 | Not in release |
Not in release
Heap-based buffer overflow in .NET allows an unauthorized attacker to elevate privileges locally.
5 affected packages
dotnet6, dotnet7, dotnet8, dotnet9, dotnet10
| Package | 16.04 LTS |
|---|---|
| dotnet6 | Not in release |
| dotnet7 | Not in release |
| dotnet8 | Not in release |
| dotnet9 | Not in release |
| dotnet10 | Not in release |
Not in release
A tampering vulnerability exists when .NET Core improperly handles specially crafted files. An attacker who successfully exploited this vulnerability could write arbitrary files and directories to certain locations on a vulnerable...
5 affected packages
dotnet6, dotnet7, dotnet8, dotnet9, dotnet10
| Package | 16.04 LTS |
|---|---|
| dotnet6 | Not in release |
| dotnet7 | Not in release |
| dotnet8 | Not in release |
| dotnet9 | Not in release |
| dotnet10 | Not in release |
Wireshark MCP is an MCP Server that turns tshark into a structured analysis interface, then layers in optional Wireshark suite utilities. In 1.1.5 and earlier, wireshark-mcp exposes a wireshark_export_objects MCP tool that accepts...
1 affected package
wireshark
| Package | 16.04 LTS |
|---|---|
| wireshark | Ignored |
HTTP::Tiny versions before 0.093 for Perl do not validate CRLF in HTTP request lines or control field header values. The unvalidated inputs are the method and URI in the request line, the URL host that becomes the `Host:` header,...
1 affected package
libhttp-tiny-perl
| Package | 16.04 LTS |
|---|---|
| libhttp-tiny-perl | Ignored |
libcaca is a colour ASCII art library. In 0.99.beta20 and earlier, an integer overflow vulnerability in libcaca's canvas import functionality allows an attacker to cause a controlled heap out-of-bounds write (heap overflow) by...
1 affected package
libcaca
| Package | 16.04 LTS |
|---|---|
| libcaca | Needs evaluation |
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to 7.1.2-21 and 6.9.13-46, a malicious MIFF file could trigger an overflow when a user opens it in the display tool and...
1 affected package
imagemagick
| Package | 16.04 LTS |
|---|---|
| imagemagick | Needs evaluation |