Search CVE reports
431 – 440 of 490 results
Rejected reason: gmetad in Ganglia 3.1.1, when supporting multiple requests per connection on an interactive port, allows remote attackers to cause a denial of service via a request to the gmetad service with a path that does not...
1 affected package
ganglia-monitor-core
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| ganglia-monitor-core | — | — | — | — |
Stack-based buffer overflow in the process_path function in gmetad/server.c in Ganglia 3.1.1 allows remote attackers to cause a denial of service (crash) via a request to the gmetad service with a long pathname.
2 affected packages
ganglia, ganglia-monitor-core
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| ganglia | — | — | — | — |
| ganglia-monitor-core | — | — | — | — |
Some fixes available 3 of 4
Eval injection vulnerability in the web interface plugin in KTorrent before 3.1.4 allows remote attackers to execute arbitrary PHP code via unspecified parameters to this interface's PHP scripts.
3 affected packages
ktorrent, ktorrent-kde4, ktorrent2.2
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| ktorrent | — | — | — | — |
| ktorrent-kde4 | — | — | — | — |
| ktorrent2.2 | — | — | — | — |
Some fixes available 3 of 4
The web interface plugin in KTorrent before 3.1.4 allows remote attackers to bypass intended access restrictions and upload arbitrary torrent files, and trigger the start of downloads and seeding, via a crafted HTTP POST request.
3 affected packages
ktorrent, ktorrent-kde4, ktorrent2.2
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| ktorrent | — | — | — | — |
| ktorrent-kde4 | — | — | — | — |
| ktorrent2.2 | — | — | — | — |
Tor before 0.2.0.32 does not properly process the ClientDNSRejectInternalAddresses configuration option in situations where an exit relay issues a policy-based refusal of a stream, which allows remote exit relays to have an...
1 affected package
tor
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| tor | — | — | — | — |
Tor before 0.2.0.32 does not properly process the (1) User and (2) Group configuration options, which might allow local users to gain privileges by leveraging unintended supplementary group memberships of the Tor process.
1 affected package
tor
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| tor | — | — | — | — |
Absolute path traversal vulnerability in fckeditor/editor/filemanager/browser/default/connectors/php/connector.php in UNAK-CMS 1.5.5 allows remote attackers to include and execute arbitrary local files via a full pathname in the...
1 affected package
fckeditor
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| fckeditor | — | — | — | — |
Some fixes available 2 of 13
The Page destructor in Page.cc in libpoppler in Poppler 0.8.4 and earlier deletes a pageWidgets object even if it is not initialized by a Page constructor, which allows remote attackers to execute arbitrary code via a crafted PDF document.
11 affected packages
xpdf, gpdf, ipe, kdegraphics, koffice...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| xpdf | — | — | — | — |
| gpdf | — | — | — | — |
| ipe | — | — | — | — |
| kdegraphics | — | — | — | — |
| koffice | — | — | — | — |
| libextractor | — | — | — | — |
| pdfkit.framework | — | — | — | — |
| pdftohtml | — | — | — | — |
| poppler | — | — | — | — |
| tetex-bin | — | — | — | — |
| texlive-bin | — | — | — | — |
Some fixes available 10 of 26
The CairoFont::create function in CairoFontEngine.cc in Poppler, possibly before 0.8.0, as used in Xpdf, Evince, ePDFview, KWord, and other applications, does not properly handle embedded fonts in PDF files, which allows remote...
11 affected packages
gpdf, ipe, kdegraphics, koffice, libextractor...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| gpdf | — | — | — | — |
| ipe | — | — | — | — |
| kdegraphics | — | — | — | — |
| koffice | — | — | — | — |
| libextractor | — | — | — | — |
| pdfkit.framework | — | — | — | — |
| pdftohtml | — | — | — | — |
| poppler | — | — | — | — |
| tetex-bin | — | — | — | — |
| texlive-bin | — | — | — | — |
| xpdf | — | — | — | — |
The bdecode_recursive function in include/libtorrent/bencode.hpp in Rasterbar Software libtorrent before 0.12.1, as used in Deluge before 0.5.8.3 and other products, allows context-dependent attackers to cause a denial of service...
3 affected packages
deluge, deluge-torrent, libtorrent
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| deluge | — | — | — | — |
| deluge-torrent | — | — | — | — |
| libtorrent | — | — | — | — |