Your submission was sent successfully! Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

Search CVE reports


Toggle filters

1 – 10 of 97 results


CVE-2014-8630

High priority
Ignored

Bugzilla before 4.0.16, 4.1.x and 4.2.x before 4.2.12, 4.3.x and 4.4.x before 4.4.7, and 5.x before 5.0rc1 allows remote authenticated users to execute arbitrary commands by leveraging the editcomponents privilege and triggering...

2 affected packages

bugzilla, bugzilla4

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
bugzilla
bugzilla4
Show less packages

CVE-2014-1573

Medium priority
Ignored

Bugzilla 2.x through 4.0.x before 4.0.15, 4.1.x and 4.2.x before 4.2.11, 4.3.x and 4.4.x before 4.4.6, and 4.5.x before 4.5.6 does not ensure that a scalar context is used for certain CGI parameters, which allows remote attackers...

1 affected packages

bugzilla

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
bugzilla
Show less packages

CVE-2014-1572

Medium priority
Ignored

The confirm_create_account function in the account-creation feature in token.cgi in Bugzilla 2.x through 4.0.x before 4.0.15, 4.1.x and 4.2.x before 4.2.11, 4.3.x and 4.4.x before 4.4.6, and 4.5.x before 4.5.6 does not specify a...

1 affected packages

bugzilla

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
bugzilla
Show less packages

CVE-2014-1571

Medium priority
Ignored

Bugzilla 2.x through 4.0.x before 4.0.15, 4.1.x and 4.2.x before 4.2.11, 4.3.x and 4.4.x before 4.4.6, and 4.5.x before 4.5.6 allows remote authenticated users to obtain sensitive private-comment information by leveraging a role...

1 affected packages

bugzilla

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
bugzilla
Show less packages

CVE-2014-1546

Medium priority
Not affected

The response function in the JSONP endpoint in WebService/Server/JSONRPC.pm in jsonrpc.cgi in Bugzilla 3.x and 4.x before 4.0.14, 4.1.x and 4.2.x before 4.2.10, 4.3.x and 4.4.x before 4.4.5, and 4.5.x before 4.5.5 accepts certain...

1 affected packages

bugzilla

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
bugzilla
Show less packages

CVE-2014-1517

Medium priority
Ignored

The login form in Bugzilla 2.x, 3.x, 4.x before 4.4.3, and 4.5.x before 4.5.3 does not properly handle a correctly authenticated but unintended login attempt, which makes it easier for remote authenticated users to obtain...

1 affected packages

bugzilla

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
bugzilla
Show less packages

CVE-2013-1743

Medium priority
Not affected

Multiple cross-site scripting (XSS) vulnerabilities in report.cgi in Bugzilla 4.1.x and 4.2.x before 4.2.7 and 4.3.x and 4.4.x before 4.4.1 allow remote attackers to inject arbitrary web script or HTML via a field value that is...

1 affected packages

bugzilla

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
bugzilla
Show less packages

CVE-2013-1742

Medium priority
Not affected

Multiple cross-site scripting (XSS) vulnerabilities in editflagtypes.cgi in Bugzilla 2.x, 3.x, and 4.0.x before 4.0.11; 4.1.x and 4.2.x before 4.2.7; and 4.3.x and 4.4.x before 4.4.1 allow remote attackers to inject arbitrary web...

1 affected packages

bugzilla

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
bugzilla
Show less packages

CVE-2013-1734

Medium priority
Ignored

Cross-site request forgery (CSRF) vulnerability in attachment.cgi in Bugzilla 2.x, 3.x, and 4.0.x before 4.0.11; 4.1.x and 4.2.x before 4.2.7; and 4.3.x and 4.4.x before 4.4.1 allows remote attackers to hijack the authentication...

1 affected packages

bugzilla

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
bugzilla
Show less packages

CVE-2013-1733

Medium priority
Not affected

Cross-site request forgery (CSRF) vulnerability in process_bug.cgi in Bugzilla 4.4.x before 4.4.1 allows remote attackers to hijack the authentication of arbitrary users for requests that modify bugs via vectors involving a...

1 affected packages

bugzilla

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
bugzilla
Show less packages