Search CVE reports
81 – 90 of 43538 results
[Unknown description]
1 affected package
openvpn
| Package | 22.04 LTS |
|---|---|
| openvpn | Needs evaluation |
An invalidly formatted IKEv2 fragment causes the Libreswan pluto daemon to crash and restart. Continued exploitation would cause a denial of service. The function reassemble_v2_incoming_fragments() would ignore unknown...
1 affected package
libreswan
| Package | 22.04 LTS |
|---|---|
| libreswan | Needs evaluation |
security update
8 affected packages
php5, php7.0, php7.2, php7.4, php8.1...
| Package | 22.04 LTS |
|---|---|
| php5 | Not in release |
| php7.0 | Not in release |
| php7.2 | Not in release |
| php7.4 | Not in release |
| php8.1 | Needs evaluation |
| php8.3 | Not in release |
| php8.4 | Not in release |
| php8.5 | Not in release |
Not in release
An unauthenticated remote attacker can exhaust server memory via the GetEndpoints Discovery Service in open62541. The endpointUrl field of GetEndpointsRequest is not validated for length. An attacker can declare an arbitrarily...
1 affected package
open62541
| Package | 22.04 LTS |
|---|---|
| open62541 | Not in release |
[Unknown description]
1 affected package
openvpn
| Package | 22.04 LTS |
|---|---|
| openvpn | Needs evaluation |
Netdata before 2.3.1 reflects the user-supplied love query parameter of the api/v2/ilove.svg and api/v3/ilove.svg endpoints verbatim into the generated SVG document (into a text element) without HTML or XML escaping, and...
1 affected package
netdata
| Package | 22.04 LTS |
|---|---|
| netdata | Needs evaluation |
Not in release
Horde IMP before 7.0.1 contains a path traversal vulnerability in lib/Compose.php that allows authenticated attackers to read arbitrary files from the server filesystem by embedding traversal sequences after a CKEditor path prefix...
1 affected package
php-horde-imp
| Package | 22.04 LTS |
|---|---|
| php-horde-imp | Not in release |
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program...
1 affected package
mediawiki
| Package | 22.04 LTS |
|---|---|
| mediawiki | Needs evaluation |
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program...
1 affected package
mediawiki
| Package | 22.04 LTS |
|---|---|
| mediawiki | Needs evaluation |
Not in release
Allocation of Resources Without Limits or Throttling (CWE-770) in Elasticsearch can lead to a denial of service via Excessive Allocation (CAPEC-130). A user with elevated privileges can submit a specially crafted machine learning...
1 affected package
elasticsearch
| Package | 22.04 LTS |
|---|---|
| elasticsearch | Not in release |