Search CVE reports
71 – 80 of 134 results
CVE-2017-6832
Medium priorityHeap-based buffer overflow in the decodeBlock in MSADPCM.cpp in Audio File Library (aka audiofile) 0.3.6, 0.3.5, 0.3.4, 0.3.3, 0.3.2, 0.3.1, 0.3.0, 0.2.7 allows remote attackers to cause a denial of service (crash) via a crafted file.
1 affected packages
audiofile
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
audiofile | — | — | — | — | Fixed |
CVE-2017-6831
Medium priorityHeap-based buffer overflow in the decodeBlockWAVE function in IMA.cpp in Audio File Library (aka audiofile) 0.3.6, 0.3.5, 0.3.4, 0.3.3, 0.3.2, 0.3.1, 0.3.0 and 0.2.7 allows remote attackers to cause a denial of service (crash) via...
1 affected packages
audiofile
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
audiofile | — | — | — | — | Fixed |
CVE-2017-6830
Medium priorityHeap-based buffer overflow in the alaw2linear_buf function in G711.cpp in Audio File Library (aka audiofile) 0.3.6 allows remote attackers to cause a denial of service (crash) via a crafted file.
1 affected packages
audiofile
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
audiofile | — | — | — | — | Fixed |
CVE-2017-6829
Medium priorityThe decodeSample function in IMA.cpp in Audio File Library (aka audiofile) 0.3.6 allows remote attackers to cause a denial of service (crash) via a crafted file.
1 affected packages
audiofile
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
audiofile | — | — | — | — | Fixed |
CVE-2016-1000031
Negligible priorityApache Commons FileUpload before 1.3.3 DiskFileItem File Manipulation Remote Code Execution
4 affected packages
libcommons-fileupload-java, tomcat6, tomcat7, tomcat8
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
libcommons-fileupload-java | — | — | — | — | Ignored |
tomcat6 | — | — | — | — | Ignored |
tomcat7 | — | — | — | — | Ignored |
tomcat8 | — | — | — | — | Ignored |
CVE-2016-7162
Medium priorityThe _g_file_remove_directory function in file-utils.c in File Roller 3.5.4 through 3.20.2 allows remote attackers to delete arbitrary files via a symlink attack on a folder in an archive.
1 affected packages
file-roller
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
file-roller | — | — | — | — | Fixed |
CVE-2016-3092
Medium prioritySome fixes available 8 of 13
The MultipartStream class in Apache Commons Fileupload before 1.3.2, as used in Apache Tomcat 7.x before 7.0.70, 8.x before 8.0.36, 8.5.x before 8.5.3, and 9.x before 9.0.0.M7 and other products, allows remote attackers to cause a...
5 affected packages
libcommons-fileupload-java, tomcat6, tomcat7, tomcat8, tomcat9
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
libcommons-fileupload-java | Not affected | Not affected | Not affected | Not affected | Fixed |
tomcat6 | Not in release | Not in release | Not in release | Not in release | Vulnerable |
tomcat7 | Not in release | Not in release | Not in release | Not affected | Fixed |
tomcat8 | Not in release | Not in release | Not in release | Not affected | Fixed |
tomcat9 | Not affected | Not affected | Not affected | Not affected | Not in release |
CVE-2014-0236
Medium priorityfile before 5.18, as used in the Fileinfo component in PHP before 5.6.0, allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a zero root_storage value in a CDF file, related to...
2 affected packages
file, php5
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
file | — | — | — | — | — |
php5 | — | — | — | — | — |
CVE-2015-8607
Medium priorityThe canonpath function in the File::Spec module in PathTools before 3.62, as used in Perl, does not properly preserve the taint attribute of data, which might allow context-dependent attackers to bypass the taint protection...
2 affected packages
libfile-spec-perl, perl
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
libfile-spec-perl | — | — | — | — | — |
perl | — | — | — | — | — |
CVE-2015-8865
Low prioritySome fixes available 5 of 7
The file_check_mem function in funcs.c in file before 5.23, as used in the Fileinfo component in PHP before 5.5.34, 5.6.x before 5.6.20, and 7.x before 7.0.5, mishandles continuation-level jumps, which allows context-dependent...
3 affected packages
file, php5, php7.0
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
file | — | — | — | Not affected | Not affected |
php5 | — | — | — | Not in release | Not in release |
php7.0 | — | — | — | Not in release | Fixed |