Search CVE reports
101 – 110 of 134 results
CVE-2014-3538
Low prioritySome fixes available 3 of 4
file before 5.19 does not properly restrict the amount of data read during a regex search, which allows remote attackers to cause a denial of service (CPU consumption) via a crafted file that triggers backtracking...
1 affected packages
file
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
file | — | — | — | — | — |
CVE-2013-7345
Low prioritySome fixes available 4 of 5
The BEGIN regular expression in the awk script detector in magic/Magdir/commands in file before 5.15 uses multiple wildcards with unlimited repetitions, which allows context-dependent attackers to cause a denial of service (CPU...
1 affected packages
file
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
file | — | — | — | — | — |
CVE-2014-2270
Medium prioritysoftmagic.c in file before 5.17 and libmagic allows context-dependent attackers to cause a denial of service (out-of-bounds memory access and crash) via crafted offsets in the softmagic of a PE executable.
2 affected packages
file, php5
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
file | — | — | — | — | — |
php5 | — | — | — | — | — |
CVE-2014-1943
Medium priorityFine Free file before 5.17 allows context-dependent attackers to cause a denial of service (infinite recursion, CPU consumption, and crash) via a crafted indirect offset value in the magic of a file.
2 affected packages
file, php5
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
file | — | — | — | — | — |
php5 | — | — | — | — | — |
CVE-2014-0050
Medium prioritySome fixes available 2 of 8
MultipartStream.java in Apache Commons FileUpload before 1.3.1, as used in Apache Tomcat, JBoss Web, and other products, allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a...
3 affected packages
libcommons-fileupload-java, tomcat6, tomcat7
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
libcommons-fileupload-java | — | — | — | Not affected | Not affected |
tomcat6 | — | — | — | Not in release | Not affected |
tomcat7 | — | — | — | Not affected | Not affected |
CVE-2013-2186
Medium priorityThe DiskFileItem class in Apache Commons FileUpload, as used in Red Hat JBoss BRMS 5.3.1; JBoss Portal 4.3 CP07, 5.2.2, and 6.0.0; and Red Hat JBoss Web Server 1.0.2 allows remote attackers to write to arbitrary files via a NULL...
1 affected packages
libcommons-fileupload-java
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
libcommons-fileupload-java | — | — | — | — | — |
CVE-2013-4852
Medium prioritySome fixes available 14 of 26
Integer overflow in PuTTY 0.62 and earlier, WinSCP before 5.1.6, and other products that use PuTTY allows remote SSH servers to cause a denial of service (crash) and possibly execute arbitrary code in certain applications that use...
2 affected packages
filezilla, putty
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
filezilla | — | — | — | Not affected | Not affected |
putty | — | — | — | Fixed | Fixed |
CVE-2013-4668
Medium priorityDirectory traversal vulnerability in File Roller 3.6.x before 3.6.4, 3.8.x before 3.8.3, and 3.9.x before 3.9.3, when libarchive is used, allows remote attackers to create arbitrary files via a crafted archive that is not properly...
1 affected packages
file-roller
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
file-roller | — | — | — | — | — |
CVE-2013-0248
Negligible priorityThe default configuration of javax.servlet.context.tempdir in Apache Commons FileUpload 1.0 through 1.2.2 uses the /tmp directory for uploaded files, which allows local users to overwrite arbitrary files via an unspecified symlink attack.
1 affected packages
libcommons-fileupload-java
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
libcommons-fileupload-java | — | — | — | — | — |
CVE-2012-1571
Low prioritySome fixes available 2 of 6
file before 5.11 and libmagic allow remote attackers to cause a denial of service (crash) via a crafted Composite Document File (CDF) file that triggers (1) an out-of-bounds read or (2) an invalid pointer dereference.
1 affected packages
file
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
file | — | — | — | — | — |