Your submission was sent successfully! Close

Thank you for contacting us. A member of our team will be in touch shortly. Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

Search CVE reports


Toggle filters

1 – 10 of 11 results


CVE-2022-45956

Medium priority
Ignored

Boa Web Server versions 0.94.13 through 0.94.14 fail to validate the correct security constraint on the HEAD HTTP method allowing everyone to bypass the Basic Authorization mechanism.

1 affected packages

boa

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
boa Not in release Not in release Not in release Ignored
Show less packages

CVE-2022-44117

Medium priority
Ignored

** DISPUTED ** Boa 0.94.14rc21 is vulnerable to SQL Injection via username. NOTE: the is disputed by multiple third parties because Boa does not ship with any support for SQL.

1 affected packages

boa

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
boa Not in release Not in release Not in release Ignored
Show less packages

CVE-2021-33558

Medium priority
Ignored

** DISPUTED ** Boa 0.94.13 allows remote attackers to obtain sensitive information via a misconfiguration involving backup.html, preview.html, js/log.js, log.html, email.html, online-users.html, and config.js. NOTE: multiple third...

1 affected packages

boa

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
boa Not in release Not in release Not in release Ignored
Show less packages

CVE-2018-21028

Medium priority

Not in release

Boa through 0.94.14rc21 allows remote attackers to trigger a memory leak because of missing calls to the free function.

1 affected packages

boa

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
boa Not in release Not in release
Show less packages

CVE-2018-21027

Medium priority

Not in release

Boa through 0.94.14rc21 allows remote attackers to trigger an out-of-memory (OOM) condition because malloc is mishandled.

1 affected packages

boa

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
boa Not in release Not in release
Show less packages

CVE-2019-9976

Medium priority

Not in release

The Boa server configuration on DASAN H660RM devices with firmware 1.03-0022 logs POST data to the /tmp/boa-temp file, which allows logged-in users to read the credentials of administration web interface users.

1 affected packages

boa

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
boa Not in release Not in release
Show less packages

CVE-2018-19865

Low priority
Needs evaluation

A keystroke logging issue was discovered in Virtual Keyboard in Qt 5.7.x, 5.8.x, 5.9.x, 5.10.x, and 5.11.x before 5.11.3.

1 affected packages

qtvirtualkeyboard-opensource-src

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
qtvirtualkeyboard-opensource-src Needs evaluation Needs evaluation Needs evaluation Needs evaluation Not in release
Show less packages

CVE-2017-9833

Medium priority

Not in release

** DISPUTED ** /cgi-bin/wapopen in Boa 0.94.14rc21 allows the injection of "../.." using the FILECAMERA variable (sent by GET) to read files with root privileges. NOTE: multiple third parties report that this is...

1 affected packages

boa

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
boa Not in release Not in release
Show less packages

CVE-2016-4972

Medium priority
Vulnerable

OpenStack Murano before 1.0.3 (liberty) and 2.x before 2.0.1 (mitaka), Murano-dashboard before 1.0.3 (liberty) and 2.x before 2.0.1 (mitaka), and python-muranoclient before 0.7.3 (liberty) and 0.8.x before 0.8.5...

3 affected packages

murano, murano-dashboard, python-muranoclient

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
murano Not affected Not affected Not affected Not affected Vulnerable
murano-dashboard Not affected Not affected Not affected Not affected Vulnerable
python-muranoclient Not affected Not affected Not affected Not affected Vulnerable
Show less packages

CVE-2009-4496

Negligible priority

Some fixes available 1 of 14

Boa 0.94.14rc21 writes data to a log file without sanitizing non-printable characters, which might allow remote attackers to modify a window's title, or possibly execute arbitrary commands or overwrite files, via an HTTP request...

1 affected packages

boa

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
boa Not in release
Show less packages