Search CVE reports



1 – 10 of 1255 results


CVE-2024-41811

Medium priority
Needs evaluation

ipl/web is a set of common web components for PHP projects. Some of the recent development by Icinga is, under certain circumstances, susceptible to cross-site request forgery (CSRF). All affected products, in any version, will...

1 affected package

icinga-php-library

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
icinga-php-library Needs evaluation Needs evaluation Not in release

CVE-2024-36052

Medium priority
Not affected

RARLAB WinRAR before 7.00, on Windows, allows attackers to spoof the screen output via ANSI escape sequences, a different issue than CVE-2024-33899.

1 affected package

unrar-nonfree

| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
| --- | --- | --- | --- | --- | --- |
| unrar-nonfree | Not affected | Not affected | Not affected | Not affected | Not affected |

CVE-2024-33899

Medium priority

Some fixes available 2 of 5

RARLAB WinRAR before 7.00, on Linux and UNIX platforms, allows attackers to spoof the screen output, or cause a denial of service, via ANSI escape sequences.

1 affected package

unrar-nonfree

| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
| --- | --- | --- | --- | --- | --- |
| unrar-nonfree | Not affected | Fixed | Fixed | Needs evaluation | Needs evaluation |

CVE-2023-43281

Medium priority
Needs evaluation

Double Free vulnerability in Nothings Stb Image.h v.2.28 allows a remote attacker to cause a denial of service via a crafted file to the stbi_load_gif_main function.

14 affected packages

arm-compute-library, armnn, bibledit, bibledit-cloud, emscripten...

| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
| --- | --- | --- | --- | --- | --- |
| arm-compute-library | Needs evaluation | Needs evaluation | Not in release | Ignored | Ignored |
| armnn | Needs evaluation | Needs evaluation | Not in release | Ignored | Ignored |
| bibledit | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Ignored |
| bibledit-cloud | Needs evaluation | Needs evaluation | Needs evaluation | Ignored | Ignored |
| emscripten | Needs evaluation | Needs evaluation | Not in release | Needs evaluation | Needs evaluation |
| goxel | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Ignored |
| libsfml | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| libstb | Needs evaluation | Needs evaluation | Needs evaluation | Ignored | Ignored |
| love | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| mame | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| timg | Needs evaluation | Needs evaluation | Not in release | Ignored | Ignored |
| tiny-dnn | Needs evaluation | Not in release | Not in release | Ignored | Ignored |
| utox | Needs evaluation | Needs evaluation | Needs evaluation | Ignored | Ignored |
| visp | Needs evaluation | Needs evaluation | Not in release | Needs evaluation | Needs evaluation |

CVE-2023-40477

Medium priority

Some fixes available 11 of 19

RARLAB WinRAR Recovery Volume Improper Validation of Array Index Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of RARLAB WinRAR....

3 affected packages

libclamunrar, rar, unrar-nonfree

| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
| --- | --- | --- | --- | --- | --- |
| libclamunrar | Not affected | Fixed | Fixed | Vulnerable | Vulnerable |
| rar | Fixed | Fixed | Fixed | Vulnerable | Vulnerable |
| unrar-nonfree | Not affected | Fixed | Fixed | Vulnerable | Vulnerable |

CVE-2022-48579

Medium priority

Some fixes available 2 of 4

UnRAR before 6.2.3 allows extraction of files outside of the destination folder via symlink chains.

1 affected package

unrar-nonfree

| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
| --- | --- | --- | --- | --- | --- |
| unrar-nonfree | Not affected | Fixed | Fixed | Needs evaluation | Needs evaluation |

CVE-2023-2976

Medium priority
Needs evaluation

Use of Java’s default temporary directory for file creation in `FileBackedOutputStream` in Google Guava versions 1.0 to 31.1 on Unix systems and Android Ice Cream Sandwich allows other users and apps on the machine with access to...

1 affected package

guava-libraries

| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
| --- | --- | --- | --- | --- | --- |
| guava-libraries | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |

CVE-2011-4916

Low priority
Ignored

Linux kernel through 3.1 allows local users to obtain sensitive keystroke information via access to /dev/pts/ and /dev/tty*.

18 affected packages

linux, linux-armadaxp, linux-ec2, linux-flo, linux-fsl-imx51...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
linux
linux-armadaxp
linux-ec2
linux-flo
linux-fsl-imx51
linux-goldfish
linux-grouper
linux-lts-backport-maverick
linux-lts-backport-natty
linux-lts-backport-oneiric
linux-lts-quantal
linux-lts-raring
linux-lts-saucy
linux-maguro
linux-mako
linux-manta
linux-mvl-dove
linux-ti-omap4

CVE-2022-30333

High priority

Some fixes available 10 of 18

RARLAB UnRAR before 6.12 on Linux and UNIX allows directory traversal to write to files during an extract (aka unpack) operation, as demonstrated by creating a ~/.ssh/authorized_keys file. NOTE: WinRAR and Android RAR are unaffected.

3 affected packages

libclamunrar, rar, unrar-nonfree

| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
| --- | --- | --- | --- | --- | --- |
| libclamunrar | Not affected | Fixed | Fixed | Vulnerable | Vulnerable |
| rar | Fixed | Fixed | Fixed | Needs evaluation | Needs evaluation |
| unrar-nonfree | Not affected | Fixed | Fixed | Vulnerable | Needs evaluation |

CVE-2011-4917

Low priority
Ignored

In the Linux kernel through 3.1 there is an information disclosure issue via /proc/stat.

18 affected packages

linux, linux-armadaxp, linux-ec2, linux-flo, linux-fsl-imx51...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
linux
linux-armadaxp
linux-ec2
linux-flo
linux-fsl-imx51
linux-goldfish
linux-grouper
linux-lts-backport-maverick
linux-lts-backport-natty
linux-lts-backport-oneiric
linux-lts-quantal
linux-lts-raring
linux-lts-saucy
linux-maguro
linux-mako
linux-manta
linux-mvl-dove
linux-ti-omap4