Search CVE reports
21 – 30 of 94 results
CVE-2022-26562
Medium prioritySome fixes available 3 of 5
An issue in provider/libserver/ECKrbAuth.cpp of Kopano Core <= v11.0.2.51 contains an issue which allows attackers to authenticate even if the user account or password is expired. It also exists in the predecessor...
1 affected packages
kopanocore
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
kopanocore | Not in release | Fixed | Fixed | Fixed | Ignored |
CVE-2022-26184
Medium priorityPoetry v1.1.9 and below was discovered to contain an untrusted search path which causes the application to behave in unexpected ways when users execute Poetry commands in a directory containing malicious content....
2 affected packages
poetry, poetry-core
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
poetry | Needs evaluation | Needs evaluation | — | — | Ignored |
poetry-core | Needs evaluation | Needs evaluation | — | — | Ignored |
CVE-2021-3620
Medium prioritySome fixes available 2 of 11
A flaw was found in Ansible Engine's ansible-connection module, where sensitive information such as the Ansible user credentials is disclosed by default in the traceback error message. The highest threat from this vulnerability is...
3 affected packages
ansible, ansible-base, ansible-core
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
ansible | Vulnerable | Fixed | Fixed | Not affected | Not affected |
ansible-base | Not in release | Not in release | Not in release | Not in release | Ignored |
ansible-core | Not affected | Not affected | Not in release | Not in release | Ignored |
CVE-2021-4070
Medium priorityOff-by-one Error in GitHub repository v2fly/v2ray-core prior to 4.44.0.
1 affected packages
golang-v2ray-core
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
golang-v2ray-core | Not affected | Needs evaluation | — | — | — |
CVE-2021-44847
Medium prioritySome fixes available 5 of 8
A stack-based buffer overflow in handle_request function in DHT.c in toxcore 0.1.9 through 0.1.11 and 0.2.0 through 0.2.12 (caused by an improper length calculation during the handling of received network packets) allows remote...
1 affected packages
libtoxcore
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
libtoxcore | Fixed | Fixed | Vulnerable | Not in release | Ignored |
CVE-2018-25022
Medium priorityThe Onion module in toxcore before 0.2.2 doesn't restrict which packets can be onion-routed, which allows a remote attacker to discover a target user's IP address (when knowing only their Tox Id) by positioning themselves close to...
1 affected packages
libtoxcore
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
libtoxcore | — | Not affected | Not affected | Not in release | Not in release |
CVE-2018-25021
Medium priorityThe TCP Server module in toxcore before 0.2.8 doesn't free the TCP priority queue under certain conditions, which allows a remote attacker to exhaust the system's memory, causing a denial of service (DoS).
1 affected packages
libtoxcore
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
libtoxcore | — | Not affected | Not affected | Not in release | Ignored |
CVE-2021-3583
Medium prioritySome fixes available 4 of 13
A flaw was found in Ansible, where a user's controller is vulnerable to template injection. This issue can occur through facts used in the template if the user is trying to put templates in multi-line YAML strings and the facts...
3 affected packages
ansible, ansible-base, ansible-core
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
ansible | Vulnerable | Fixed | Fixed | Fixed | Fixed |
ansible-base | Not in release | Not in release | Not in release | Not in release | Ignored |
ansible-core | Not affected | Not affected | Not in release | Not in release | Ignored |
CVE-2021-28994
Medium prioritykopano-ical (formerly zarafa-ical) in Kopano Groupware Core through 8.7.16, 9.x through 9.1.0, 10.x through 10.0.7, and 11.x through 11.0.1 and Zarafa 6.30.x through 7.2.x allows memory exhaustion via long HTTP headers.
1 affected packages
kopanocore
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
kopanocore | Not in release | Vulnerable | Vulnerable | Vulnerable | Not in release |
CVE-2021-23358
Medium priorityThe package underscore from 1.13.0-0 and before 1.13.0-2, from 1.3.2 and before 1.12.1 are vulnerable to Arbitrary Code Injection via the template function, particularly when a variable property is passed as an argument as it is...
1 affected packages
underscore
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
underscore | — | — | Fixed | Fixed | Fixed |