Search CVE reports

Toggle filters

9511 – 9520 of 60314 results

CVE-2023-52169

Medium priority

Some fixes available 2 of 3

The NtfsHandler.cpp NTFS handler in 7-Zip before 24.01 (for 7zz) contains an out-of-bounds read that allows an attacker to read beyond the intended buffer. The bytes read beyond the intended buffer are presented as a part of a...

1 affected package

7zip

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
7zip Fixed Fixed Not in release
Show less packages

CVE-2023-52168

Medium priority

Some fixes available 2 of 3

The NtfsHandler.cpp NTFS handler in 7-Zip before 24.01 (for 7zz) contains a heap-based buffer overflow that allows an attacker to overwrite two bytes at multiple offsets beyond the allocated buffer size: buffer+512*i-2, for i=9,...

1 affected package

7zip

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
7zip Fixed Fixed Not in release
Show less packages

CVE-2024-39844

Medium priority

Some fixes available 6 of 7

In ZNC before 1.9.1, remote code execution can occur in modtcl via a KICK.

1 affected package

znc

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
znc Fixed Fixed Fixed Fixed
Show less packages

CVE-2024-6126

Medium priority
Vulnerable

A flaw was found in the cockpit package. This flaw allows an authenticated user to kill any process when enabling the pam_env's user_readenv option, which leads to a denial of service (DoS) attack.

1 affected package

cockpit

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
cockpit Vulnerable Vulnerable Vulnerable Vulnerable
Show less packages

CVE-2024-6052

Medium priority
Needs evaluation

Stored XSS in Checkmk before versions 2.3.0p8, 2.2.0p29, 2.1.0p45, and 2.0.0 (EOL) allows users to execute arbitrary scripts by injecting HTML elements

1 affected package

check-mk

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
check-mk Not in release Not in release Not in release Needs evaluation
Show less packages

CVE-2024-39223

Medium priority
Needs evaluation

An authentication bypass in the SSH service of gost v2.11.5 allows attackers to intercept communications via setting the HostKeyCallback function to ssh.InsecureIgnoreHostKey

1 affected package

gost

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
gost Needs evaluation Needs evaluation Needs evaluation
Show less packages

CVE-2024-24791

Medium priority

Some fixes available 8 of 29

The net/http HTTP/1.1 client mishandled the case where a server responds to a request with an "Expect: 100-continue" header with a non-informational (200 or higher) status. This mishandling could leave a client connection in an...

14 affected packages

golang, golang-1.6, golang-1.8, golang-1.9, golang-1.10...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
golang Not in release Not in release Not in release
golang-1.6 Not in release Not in release Not in release
golang-1.8 Not in release Not in release Not in release Needs evaluation
golang-1.9 Not in release Not in release Not in release Needs evaluation
golang-1.10 Not in release Not in release Not in release Needs evaluation
golang-1.13 Not in release Needs evaluation Needs evaluation Needs evaluation
golang-1.14 Not in release Not in release Needs evaluation
golang-1.16 Not in release Not in release Needs evaluation Needs evaluation
golang-1.17 Not in release Fixed Not in release
golang-1.18 Not in release Fixed Fixed Fixed
golang-1.19 Not in release Not in release Not in release
golang-1.20 Not in release Needs evaluation Needs evaluation
golang-1.21 Needs evaluation Needs evaluation Needs evaluation
golang-1.22 Fixed Fixed Fixed
Show all 14 packages Show less packages

CVE-2023-24531

Medium priority

Some fixes available 5 of 26

Command go env is documented as outputting a shell script containing the Go environment. However, go env doesn't sanitize values, so executing its output as a shell script can cause various bad bahaviors, including executing...

14 affected packages

golang, golang-1.6, golang-1.8, golang-1.9, golang-1.10...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
golang Not in release Not in release Not in release
golang-1.6 Not in release Not in release Not in release
golang-1.8 Not in release Not in release Not in release Needs evaluation
golang-1.9 Not in release Not in release Not in release Needs evaluation
golang-1.10 Not in release Not in release Not in release Needs evaluation
golang-1.13 Not in release Needs evaluation Needs evaluation Needs evaluation
golang-1.14 Not in release Not in release Needs evaluation
golang-1.16 Not in release Not in release Needs evaluation Needs evaluation
golang-1.17 Not in release Fixed Not in release
golang-1.18 Not in release Fixed Fixed Fixed
golang-1.19 Not in release Not in release Not in release
golang-1.20 Not in release Needs evaluation Needs evaluation
golang-1.21 Needs evaluation Needs evaluation Needs evaluation
golang-1.22 Not affected Not affected Not affected
Show all 14 packages Show less packages

CVE-2022-30636

Low priority
Not affected

httpTokenCacheKey uses path.Base to extract the expected HTTP-01 token value to lookup in the DirCache implementation. On Windows, path.Base acts differently to filepath.Base, since Windows uses a different path separator (\ vs....

14 affected packages

golang, golang-1.6, golang-1.8, golang-1.9, golang-1.10...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
golang Not in release Not in release Not in release
golang-1.6 Not in release Not in release Not in release
golang-1.8 Not in release Not in release Not in release Not affected
golang-1.9 Not in release Not in release Not in release Not affected
golang-1.10 Not in release Not in release Not in release Not affected
golang-1.13 Not in release Not affected Not affected Not affected
golang-1.14 Not in release Not in release Not affected
golang-1.16 Not in release Not in release Not affected Not affected
golang-1.17 Not in release Not affected Not in release
golang-1.18 Not in release Not affected Not affected Not affected
golang-1.19 Not in release Not in release Not in release
golang-1.20 Not in release Not affected Not affected
golang-1.21 Not affected Not affected Not affected
golang-1.22 Not affected Not affected Not affected
Show all 14 packages Show less packages

CVE-2024-6381

Medium priority

Some fixes available 3 of 6

The bson_strfreev function in the MongoDB C driver library may be susceptible to an integer overflow where the function will try to free memory at a negative offset. This may result in memory corruption. This issue affected...

2 affected packages

libbson, mongo-c-driver

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
libbson Not in release Not in release Not in release Needs evaluation
mongo-c-driver Fixed Fixed Fixed
Show less packages
  1. Previous page
  2. 950
  3. 951
  4. 952
  5. 953
  6. 954
  7. Next page
Export to JSON