Search CVE reports
171 – 180 of 47665 results
A time-of-create-to-time-of-use (TOCTOU) vulnerability lets recently deleted-then-recreated data sources be re-deleted without permission to do so. This requires several very stringent conditions to be met: - The attacker must...
1 affected package
grafana
| Package | 16.04 LTS |
|---|---|
| grafana | Needs evaluation |
A flaw was found in the udisks storage management daemon that allows unprivileged users to back up LUKS encryption headers without authorization. The issue occurs because a privileged D-Bus method responsible for exporting...
1 affected package
udisks2
| Package | 16.04 LTS |
|---|---|
| udisks2 | Not affected |
A flaw was found in the udisks storage management daemon that exposes a privileged D-Bus API for restoring LUKS encryption headers without proper authorization checks. The issue allows a local unprivileged user to instruct the...
1 affected package
udisks2
| Package | 16.04 LTS |
|---|---|
| udisks2 | Not affected |
URLs containing percent-encoded slashes (`/` or `\`) can trick wcurl into saving the output file outside of the current directory without the user explicitly asking for it. This flaw only affects the wcurl command line tool.
1 affected package
curl
| Package | 16.04 LTS |
|---|---|
| curl | Not affected |
Coturn is a free open source implementation of TURN and STUN Server. Coturn is commonly configured to block loopback and internal ranges using "denied-peer-ip" and/or default loopback restrictions. CVE-2020-26262 addressed...
1 affected package
coturn
| Package | 16.04 LTS |
|---|---|
| coturn | Needs evaluation |
A vulnerability was found in libvips up to 8.18.0. This affects the function vips_foreign_load_csv_build of the file libvips/foreign/csvload.c. The manipulation results in heap-based buffer overflow. The attack requires a local...
1 affected package
vips
| Package | 16.04 LTS |
|---|---|
| vips | Needs evaluation |
A vulnerability has been found in libvips up to 8.18.0. The impacted element is the function vips_foreign_load_matrix_header of the file libvips/foreign/matrixload.c. The manipulation leads to null pointer dereference. The attack...
1 affected package
vips
| Package | 16.04 LTS |
|---|---|
| vips | Needs evaluation |
A flaw has been found in libvips up to 8.18.0. The affected element is the function vips_foreign_load_matrix_file_is_a/vips_foreign_load_matrix_header of the file libvips/foreign/matrixload.c. Executing a manipulation can lead to...
1 affected package
vips
| Package | 16.04 LTS |
|---|---|
| vips | Needs evaluation |
pypdf is a free and open-source pure-python PDF library. Prior to 6.7.2, an attacker who uses this vulnerability can craft a PDF which leads to an infinite loop. This requires reading the file. This has been fixed in pypdf 6.7.2....
2 affected packages
pypdf, pypdf2
| Package | 16.04 LTS |
|---|---|
| pypdf | — |
| pypdf2 | Needs evaluation |
Broken Authentication: Digest Nonce Replay via Missing Nonce-Count Enforcement
2 affected packages
libsoup2.4, libsoup3
| Package | 16.04 LTS |
|---|---|
| libsoup2.4 | Vulnerable |
| libsoup3 | — |