CVE search results

81 – 90 of 465 results

Detailed view

Sort by:

CVE-2021-43177

Medium priority

Some fixes available 2 of 5

As a result of an incomplete fix for CVE-2015-7225, in versions of devise-two-factor prior to 4.0.2 it is possible to reuse a One-Time-Password (OTP) for one (and only one) immediately trailing interval. CVSS Vector:...

1 affected package

ruby-devise-two-factor

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
ruby-devise-two-factor	Not affected	Fixed	Fixed	Not in release

CVE-2022-24803

Medium priority

Needs evaluation

Asciidoctor-include-ext is Asciidoctor’s standard include processor reimplemented as an extension. Versions prior to 0.4.0, when used to render user-supplied input in AsciiDoc markup, may allow an attacker to execute arbitrary...

1 affected package

ruby-asciidoctor-include-ext

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
ruby-asciidoctor-include-ext	Needs evaluation	Needs evaluation	Needs evaluation	—

CVE-2022-24729

Low priority

Needs evaluation

CKEditor4 is an open source what-you-see-is-what-you-get HTML editor. CKEditor4 prior to version 4.18.0 contains a vulnerability in the `dialog` plugin. The vulnerability allows abuse of a dialog input validator...

4 affected packages

request-tracker4, ckeditor, ckeditor3, ldap-account-manager

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
request-tracker4	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
ckeditor	Not affected	Not affected	Not affected	Not affected
ckeditor3	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
ldap-account-manager	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation

CVE-2022-24728

Medium priority

Some fixes available 4 of 40

CKEditor4 is an open source what-you-see-is-what-you-get HTML editor. A vulnerability has been discovered in the core HTML processing module and may affect all plugins used by CKEditor 4 prior to version 4.18.0. The vulnerability...

4 affected packages

ckeditor, ckeditor3, ldap-account-manager, request-tracker4

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
ckeditor	Not affected	Fixed	Fixed	Fixed
ckeditor3	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
ldap-account-manager	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
request-tracker4	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation

CVE-2022-24614

Medium priority

Needs evaluation

When reading a specially crafted JPEG file, metadata-extractor up to 2.16.0 can be made to allocate large amounts of memory that finally leads to an out-of-memory error even for very small inputs. This could be used to mount a...

1 affected package

libmetadata-extractor-java

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
libmetadata-extractor-java	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation

CVE-2022-24613

Low priority

Needs evaluation

metadata-extractor up to 2.16.0 can throw various uncaught exceptions while parsing a specially crafted JPEG file, which could result in an application crash. This could be used to mount a denial of service attack against services...

1 affected package

libmetadata-extractor-java

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
libmetadata-extractor-java	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation

CVE-2022-23853

Medium priority

Needs evaluation

The LSP (Language Server Protocol) plugin in KDE Kate before 21.12.2 and KTextEditor before 5.91.0 tries to execute the associated LSP server binary when opening a file of a given type. If this binary is absent from the PATH, it...

2 affected packages

kate, ktexteditor

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
kate	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
ktexteditor	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation

CVE-2022-21363

Medium priority

Needs evaluation

Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/J). Supported versions that are affected are 8.0.27 and prior. Difficult to exploit vulnerability allows high privileged attacker with network...

1 affected package

mysql-connector-java

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
mysql-connector-java	—	—	—	Needs evaluation

CVE-2021-41165

Medium priority

Needs evaluation

CKEditor4 is an open source WYSIWYG HTML editor. In affected version a vulnerability has been discovered in the core HTML processing module and may affect all plugins used by CKEditor 4. The vulnerability allowed to inject...

4 affected packages

ckeditor, ckeditor3, ldap-account-manager, request-tracker4

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
ckeditor	Not affected	Needs evaluation	Needs evaluation	Needs evaluation
ckeditor3	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
ldap-account-manager	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
request-tracker4	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation

CVE-2021-41164

Medium priority

Needs evaluation

CKEditor4 is an open source WYSIWYG HTML editor. In affected versions a vulnerability has been discovered in the Advanced Content Filter (ACF) module and may affect all plugins used by CKEditor 4. The vulnerability allowed to...

4 affected packages

ckeditor3, ldap-account-manager, request-tracker4, ckeditor

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
ckeditor3	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
ldap-account-manager	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
request-tracker4	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
ckeditor	Not affected	Needs evaluation	Needs evaluation	Needs evaluation

Export to JSON

Results by page:

Search CVE reports