Search CVE reports
4021 – 4030 of 44995 results
The passprompt plugin in pppd in ppp before 2.5.2 mishandles privileges.
1 affected package
ppp
| Package | 16.04 LTS |
|---|---|
| ppp | Ignored |
An issue in forkosh Mime Tex before v.1.77 allows an attacker to execute arbitrary code via a crafted script
1 affected package
mimetex
| Package | 16.04 LTS |
|---|---|
| mimetex | Needs evaluation |
A directory traversal vulnerability in forkosh Mime TeX before version 1.77 allows attackers on Windows systems to read or append arbitrary files by manipulating crafted input paths.
1 affected package
mimetex
| Package | 16.04 LTS |
|---|---|
| mimetex | Needs evaluation |
Some fixes available 1 of 8
In LibRaw before 0.21.4, tag 0x412 processing in phase_one_correct in decoders/load_mfbacks.cpp does not enforce minimum w0 and w1 values.
8 affected packages
dcraw, ufraw, darktable, exactimage, rawtherapee...
| Package | 16.04 LTS |
|---|---|
| dcraw | Needs evaluation |
| ufraw | Needs evaluation |
| darktable | Needs evaluation |
| exactimage | Needs evaluation |
| rawtherapee | Needs evaluation |
| libraw | Fixed |
| kodi | Needs evaluation |
| digikam | Needs evaluation |
Some fixes available 1 of 8
In LibRaw before 0.21.4, phase_one_correct in decoders/load_mfbacks.cpp allows out-of-buffer access because split_col and split_row values are not checked in 0x041f tag processing.
8 affected packages
ufraw, darktable, exactimage, dcraw, rawtherapee...
| Package | 16.04 LTS |
|---|---|
| ufraw | Needs evaluation |
| darktable | Needs evaluation |
| exactimage | Needs evaluation |
| dcraw | Needs evaluation |
| rawtherapee | Needs evaluation |
| kodi | Needs evaluation |
| digikam | Needs evaluation |
| libraw | Fixed |
Some fixes available 1 of 8
In LibRaw before 0.21.4, phase_one_correct in decoders/load_mfbacks.cpp has out-of-bounds reads for tag 0x412 processing, related to large w0 or w1 values or the frac and mult calculations.
8 affected packages
ufraw, darktable, exactimage, dcraw, rawtherapee...
| Package | 16.04 LTS |
|---|---|
| ufraw | Needs evaluation |
| darktable | Needs evaluation |
| exactimage | Needs evaluation |
| dcraw | Needs evaluation |
| rawtherapee | Needs evaluation |
| kodi | Needs evaluation |
| digikam | Needs evaluation |
| libraw | Fixed |
Some fixes available 1 of 8
In LibRaw before 0.21.4, metadata/tiff.cpp has an out-of-bounds read in the Fujifilm 0xf00c tag parser.
8 affected packages
dcraw, ufraw, darktable, exactimage, libraw...
| Package | 16.04 LTS |
|---|---|
| dcraw | Needs evaluation |
| ufraw | Needs evaluation |
| darktable | Needs evaluation |
| exactimage | Needs evaluation |
| libraw | Fixed |
| rawtherapee | Needs evaluation |
| kodi | Needs evaluation |
| digikam | Needs evaluation |
GNU Mailman 2.1.39, as bundled in cPanel (and WHM), allows unauthenticated attackers to create lists via the /mailman/create endpoint. NOTE: multiple third parties report that they are unable to reproduce this, regardless...
1 affected package
mailman
| Package | 16.04 LTS |
|---|---|
| mailman | Needs evaluation |
GNU Mailman 2.1.39, as bundled in cPanel (and WHM), in certain external archiver configurations, allows unauthenticated attackers to execute arbitrary OS commands via shell metacharacters in an email Subject line. NOTE: multiple...
1 affected package
mailman
| Package | 16.04 LTS |
|---|---|
| mailman | Needs evaluation |
GNU Mailman 2.1.39, as bundled in cPanel (and WHM), allows unauthenticated attackers to read arbitrary files via ../ directory traversal at /mailman/private/mailman (aka the private archive authentication endpoint) via the...
1 affected package
mailman
| Package | 16.04 LTS |
|---|---|
| mailman | Needs evaluation |