Search CVE reports
11 – 20 of 94 results
CVE-2023-2798
Medium priority
Those using HtmlUnit to browse untrusted webpages may be vulnerable to Denial of service attacks (DoS). If HtmlUnit is running on user supplied web pages, an attacker may supply content that causes HtmlUnit to crash by a stack...
2 affected packages
htmlunit, jenkins-htmlunit-core-js
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
htmlunit | Not in release | Not in release | Not in release | Needs evaluation | Needs evaluation |
jenkins-htmlunit-core-js | Not in release | Not in release | Needs evaluation | Needs evaluation | Needs evaluation |
CVE-2023-26923
Medium priority
Musescore 3.0 to 4.0.1 has a stack buffer overflow vulnerability that occurs when reading misconfigured midi files. If attacker can additional information, attacker can execute arbitrary code.
1 affected package
musescore
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
musescore | Not in release | Not in release | Needs evaluation | Needs evaluation | Needs evaluation |
CVE-2023-0341
Medium priority
A stack buffer overflow exists in the ec_glob function of editorconfig-core-c before v0.12.6 which allowed an attacker to arbitrarily write to the stack and possibly allows remote code execution. editorconfig-core-c v0.12.6...
1 affected package
editorconfig-core
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
editorconfig-core | Not affected | Fixed | Fixed | Fixed | Fixed |
CVE-2022-3064
Medium priority
Some fixes available 3 of 26
Parsing malicious or large YAML documents can consume excessive amounts of CPU or memory.
6 affected packages
golang-github-coreos-discovery-etcd-io, golang-gopkg-yaml.v3, golang-yaml.v2, kubernetes, singularity-container, webhook
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
golang-github-coreos-discovery-etcd-io | Needs evaluation | Needs evaluation | Needs evaluation | Not in release | Ignored |
golang-gopkg-yaml.v3 | Not affected | Not affected | Not in release | Not in release | Ignored |
golang-yaml.v2 | Not affected | Not affected | Fixed | Fixed | Fixed |
kubernetes | Needs evaluation | Needs evaluation | Needs evaluation | Not in release | Ignored |
singularity-container | Needs evaluation | Not in release | Not in release | Needs evaluation | Ignored |
webhook | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Ignored |
CVE-2021-4235
Medium priority
Some fixes available 3 of 26
Due to unbounded alias chasing, a maliciously crafted YAML file can cause the system to consume significant system resources. If parsing user input, this may be used as a denial of service vector.
6 affected packages
golang-github-coreos-discovery-etcd-io, golang-gopkg-yaml.v3, golang-yaml.v2, kubernetes, singularity-container, webhook
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
golang-github-coreos-discovery-etcd-io | Needs evaluation | Needs evaluation | Needs evaluation | Not in release | Ignored |
golang-gopkg-yaml.v3 | Not affected | Not affected | Not in release | Not in release | Ignored |
golang-yaml.v2 | Not affected | Not affected | Fixed | Fixed | Fixed |
kubernetes | Needs evaluation | Needs evaluation | Needs evaluation | Not in release | Ignored |
singularity-container | Needs evaluation | Not in release | Not in release | Needs evaluation | Ignored |
webhook | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Ignored |
CVE-2017-20146
Medium priority
Usage of the CORS handler may apply improper CORS headers, allowing the requester to explicitly control the value of the Access-Control-Allow-Origin header, which bypasses the expected behavior of the Same Origin Policy.
2 affected packages
golang-github-coreos-discovery-etcd-io, golang-github-gorilla-handlers
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
golang-github-coreos-discovery-etcd-io | Needs evaluation | Needs evaluation | Needs evaluation | Not in release | Ignored |
golang-github-gorilla-handlers | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
CVE-2022-3697
Medium priority
Some fixes available 3 of 10
A flaw was found in Ansible in the amazon.aws collection when using the tower_callback parameter from the amazon.aws.ec2_instance module. This flaw allows an attacker to take advantage of this issue as the module is handling the...
2 affected packages
ansible, ansible-core
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
ansible | Not affected | Fixed | Fixed | Fixed | Not affected |
ansible-core | Needs evaluation | Needs evaluation | Not in release | Not in release | Not in release |
CVE-2022-39286
Medium priority
Jupyter Core is a package for the core common functionality of Jupyter projects. Jupyter Core prior to version 4.11.2 contains an arbitrary code execution vulnerability in `jupyter_core` that stems from `jupyter_core` executing...
1 affected package
jupyter-core
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
jupyter-core | — | Fixed | Fixed | Fixed | Ignored |
CVE-2022-2568
Medium priority
A privilege escalation flaw was found in the Ansible Automation Platform. This flaw allows a remote authenticated user with 'change user' permissions to modify the account settings of the superuser account and also remove...
3 affected packages
ansible, ansible-base, ansible-core
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
ansible | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
ansible-base | Not in release | Not in release | Not in release | Not in release | Not in release |
ansible-core | Needs evaluation | Needs evaluation | Not in release | Not in release | Not in release |
CVE-2022-29264
Medium priority
An issue was discovered in coreboot 4.13 through 4.16. On APs, arbitrary code execution in SMM may occur.
1 affected package
coreboot
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
coreboot | Needs evaluation | Not in release | Not in release | Not in release | Ignored |