Search CVE reports
91 – 100 of 491 results
Some fixes available 10 of 30
A flaw was found in OpenStack due to an inconsistency between Cinder and Nova. This issue can be triggered intentionally or by accident. A remote, authenticated attacker could exploit this vulnerability by detaching one of their...
5 affected packages
python-glance-store, python-os-brick, nova, ironic, cinder
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| python-glance-store | — | Fixed | Ignored | Ignored |
| python-os-brick | — | Fixed | Ignored | Ignored |
| nova | — | Fixed | Ignored | Ignored |
| ironic | — | Fixed | Ignored | Ignored |
| cinder | — | Fixed | Ignored | Ignored |
Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/J). Supported versions that are affected are 8.0.32 and prior. Difficult to exploit vulnerability allows high privileged attacker with network...
1 affected package
mysql-connector-java
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| mysql-connector-java | Not in release | Not in release | Not in release | Needs evaluation |
CKEditor4 is an open source what-you-see-is-what-you-get HTML editor. A cross-site scripting vulnerability has been discovered affecting Iframe Dialog and Media Embed packages. The vulnerability may trigger a JavaScript code after...
4 affected packages
ldap-account-manager, request-tracker4, ckeditor, ckeditor3
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| ldap-account-manager | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| request-tracker4 | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| ckeditor | Not affected | Vulnerable | Vulnerable | Vulnerable |
| ckeditor3 | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
CKSource CKEditor 5 35.4.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the Full Featured CKEditor5 widget. NOTE: the vendor's position is that this is not a vulnerability. The CKEditor 5 documentation...
4 affected packages
ldap-account-manager, request-tracker4, ckeditor3, ckeditor
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| ldap-account-manager | Not affected | Not affected | Not affected | Not affected |
| request-tracker4 | Not affected | Not affected | Not affected | Not affected |
| ckeditor3 | Not affected | Not affected | Not affected | Not affected |
| ckeditor | Not affected | Not affected | Not affected | Not affected |
A stack buffer overflow exists in the ec_glob function of editorconfig-core-c before v0.12.6 which allowed an attacker to arbitrarily write to the stack and possibly allows remote code execution. editorconfig-core-c v0.12.6...
1 affected package
editorconfig-core
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| editorconfig-core | Not affected | Fixed | Fixed | Fixed |
The SafeSocks option in Tor before 0.4.7.13 has a logic error in which the unsafe SOCKS4 protocol can be used but not the safe SOCKS4a protocol, aka TROVE-2022-002.
1 affected package
tor
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| tor | Not affected | Needs evaluation | Needs evaluation | Needs evaluation |
CKEditor Integration UI adds support for editing wiki pages using CKEditor. Prior to versions 1.64.3,t he `CKEditor.HTMLConverter` document lacked a protection against Cross-Site Request Forgery (CSRF), allowing to execute macros...
4 affected packages
ckeditor, ckeditor3, ldap-account-manager, request-tracker4
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| ckeditor | Not affected | Not affected | Not affected | Not affected |
| ckeditor3 | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| ldap-account-manager | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| request-tracker4 | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
In PyTorch before trunk/89695, torch.jit.annotations.parse_type_line can cause arbitrary code execution because eval is used unsafely.
1 affected package
pytorch
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| pytorch | Not in release | Needs evaluation | Not in release | Not in release |
Fusiondirectory 1.3 is vulnerable to Cross Site Scripting (XSS)...
1 affected package
fusiondirectory
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| fusiondirectory | — | Needs evaluation | Needs evaluation | Needs evaluation |
Fusiondirectory 1.3 suffers from Improper Session Handling.
1 affected package
fusiondirectory
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| fusiondirectory | — | Needs evaluation | Needs evaluation | Needs evaluation |