CVE search results

251 – 260 of 491 results

Detailed view

Sort by:

CVE-2018-10361

Medium priority

Vulnerable

An issue was discovered in KTextEditor 5.34.0 through 5.45.0. Insecure handling of temporary files in the KTextEditor's kauth_ktexteditor_helper service (as utilized in the Kate text editor) can allow other unprivileged users on...

1 affected package

ktexteditor

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
ktexteditor	Not affected	Not affected	Not affected	Vulnerable

CVE-2018-9861

Medium priority

Some fixes available 2 of 8

Cross-site scripting (XSS) vulnerability in the Enhanced Image (aka image2) plugin for CKEditor (in versions 4.5.10 through 4.9.1; fixed in 4.9.2), as used in Drupal 8 before 8.4.7 and 8.5.x before 8.5.2 and other products, allows...

1 affected package

ckeditor

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
ckeditor	—	Not affected	Not affected	Fixed

CVE-2018-8107

Negligible priority

Vulnerable

The JPXStream::close function in JPXStream.cc in xpdf 4.00 allows attackers to launch denial of service (heap-based buffer over-read and application crash) via a specific pdf file, as demonstrated by pdftohtml.

4 affected packages

libextractor, ipe, poppler, xpdf

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
libextractor	Not affected	Not affected	Not affected	Not affected
ipe	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
poppler	Not affected	Not affected	Not affected	Not affected
xpdf	Vulnerable	Vulnerable	Not in release	Vulnerable

CVE-2018-8106

Negligible priority

Vulnerable

The JPXStream::readTilePartData function in JPXStream.cc in xpdf 4.00 allows attackers to launch denial of service (heap-based buffer over-read and application crash) via a specific pdf file, as demonstrated by pdftohtml.

4 affected packages

ipe, libextractor, poppler, xpdf

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
ipe	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
libextractor	Not affected	Not affected	Not affected	Not affected
poppler	Not affected	Not affected	Not affected	Not affected
xpdf	Vulnerable	Vulnerable	Not in release	Vulnerable

CVE-2018-8105

Negligible priority

Vulnerable

The JPXStream::fillReadBuf function in JPXStream.cc in xpdf 4.00 allows attackers to launch denial of service (heap-based buffer over-read and application crash) via a specific pdf file, as demonstrated by pdftohtml.

4 affected packages

libextractor, ipe, poppler, xpdf

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
libextractor	Not affected	Not affected	Not affected	Not affected
ipe	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
poppler	Not affected	Not affected	Not affected	Not affected
xpdf	Vulnerable	Vulnerable	Not in release	Vulnerable

CVE-2018-8104

Negligible priority

Vulnerable

The BufStream::lookChar function in Stream.cc in xpdf 4.00 allows attackers to launch denial of service (heap-based buffer over-read and application crash) via a specific pdf file, as demonstrated by pdftohtml.

4 affected packages

xpdf, libextractor, ipe, poppler

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
xpdf	Vulnerable	Vulnerable	Not in release	Vulnerable
libextractor	Not affected	Not affected	Not affected	Not affected
ipe	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
poppler	Not affected	Not affected	Not affected	Not affected

CVE-2018-8103

Negligible priority

Vulnerable

The JBIG2Stream::readGenericBitmap function in JBIG2Stream.cc in xpdf 4.00 allows attackers to launch denial of service (heap-based buffer over-read and application crash) via a specific pdf file, as demonstrated by pdftohtml.

4 affected packages

ipe, libextractor, poppler, xpdf

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
ipe	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
libextractor	Not affected	Not affected	Not affected	Not affected
poppler	Not affected	Not affected	Not affected	Not affected
xpdf	Vulnerable	Vulnerable	Not in release	Vulnerable

CVE-2018-8102

Negligible priority

Vulnerable

The JBIG2MMRDecoder::getBlackCode function in JBIG2Stream.cc in xpdf 4.00 allows attackers to launch denial of service (buffer over-read and application crash) via a specific pdf file, as demonstrated by pdftohtml.

4 affected packages

libextractor, poppler, ipe, xpdf

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
libextractor	Not affected	Not affected	Not affected	Not affected
poppler	Not affected	Not affected	Not affected	Not affected
ipe	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
xpdf	Vulnerable	Vulnerable	Not in release	Vulnerable

CVE-2018-8101

Negligible priority

Vulnerable

The JPXStream::inverseTransformLevel function in JPXStream.cc in xpdf 4.00 allows attackers to launch denial of service (heap-based buffer over-read and application crash) via a specific pdf file, as demonstrated by pdftohtml.

4 affected packages

ipe, libextractor, poppler, xpdf

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
ipe	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
libextractor	Not affected	Not affected	Not affected	Not affected
poppler	Not affected	Not affected	Not affected	Not affected
xpdf	Vulnerable	Vulnerable	Not in release	Vulnerable

CVE-2018-8100

Negligible priority

Vulnerable

The JPXStream::readTilePart function in JPXStream.cc in xpdf 4.00 allows attackers to launch denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a specific pdf file,...

4 affected packages

ipe, libextractor, poppler, xpdf

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
ipe	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
libextractor	Not affected	Not affected	Not affected	Not affected
poppler	Not affected	Not affected	Not affected	Not affected
xpdf	Vulnerable	Vulnerable	Not in release	Vulnerable

Export to JSON

Results by page:

Search CVE reports