Search CVE reports


Toggle filters

371 – 380 of 1279 results


CVE-2023-1417

Medium priority
Needs evaluation

An issue has been discovered in GitLab affecting all versions starting from 15.9 before 15.9.4, all versions starting from 15.10 before 15.10.1. It was possible for an unauthorised user to add child epics linked to victim's epic...

2 affected packages

gitlab-agent, gitlab

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
gitlab-agent Needs evaluation Needs evaluation Not in release Not in release
gitlab Not in release Not in release Not in release Not in release
Show less packages

CVE-2023-24473

Medium priority
Needs evaluation

An information disclosure vulnerability exists in the TGAInput::read_tga2_header functionality of OpenImageIO Project OpenImageIO v2.4.7.1. A specially crafted targa file can lead to a disclosure of sensitive information. An...

1 affected package

openimageio

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
openimageio Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
Show less packages

CVE-2023-24472

Low priority
Needs evaluation

A denial of service vulnerability exists in the FitsOutput::close() functionality of OpenImageIO Project OpenImageIO v2.4.7.1. A specially crafted ImageOutput Object can lead to denial of service. An attacker can provide malicious...

1 affected package

openimageio

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
openimageio Not affected Needs evaluation Needs evaluation Needs evaluation Needs evaluation
Show less packages

CVE-2023-22845

Medium priority
Needs evaluation

An out-of-bounds read vulnerability exists in the TGAInput::decode_pixel() functionality of OpenImageIO Project OpenImageIO v2.4.7.1. A specially crafted targa file can lead to information disclosure. An attacker can provide a...

1 affected package

openimageio

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
openimageio Not affected Needs evaluation Needs evaluation Needs evaluation Needs evaluation
Show less packages

CVE-2023-1289

Low priority
Fixed

A vulnerability was discovered in ImageMagick where a specially created SVG file loads itself and causes a segmentation fault. This flaw allows a remote attacker to pass a specially crafted SVG file that leads to a segmentation...

1 affected package

imagemagick

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
imagemagick Fixed Fixed Fixed Fixed Not affected
Show less packages

CVE-2023-28439

Medium priority
Vulnerable

CKEditor4 is an open source what-you-see-is-what-you-get HTML editor. A cross-site scripting vulnerability has been discovered affecting Iframe Dialog and Media Embed packages. The vulnerability may trigger a JavaScript code after...

4 affected packages

ldap-account-manager, request-tracker4, ckeditor, ckeditor3

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
ldap-account-manager Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
request-tracker4 Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
ckeditor Not in release Not affected Vulnerable Vulnerable Vulnerable
ckeditor3 Not in release Needs evaluation Needs evaluation Needs evaluation Needs evaluation
Show less packages

CVE-2023-28617

Medium priority

Some fixes available 5 of 33

org-babel-execute:latex in ob-latex.el in Org Mode through 9.6.1 for GNU Emacs allows attackers to execute arbitrary commands via a file name or directory name that contains shell metacharacters.

7 affected packages

xemacs21, xemacs21-packages, emacs, emacs23, emacs24...

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
xemacs21 Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
xemacs21-packages Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
emacs Not affected Not affected Fixed Fixed Not in release
emacs23 Not in release Not in release Not in release
emacs24 Not in release Not in release Not in release
emacs25 Not in release Not in release Fixed
org-mode Not affected Not affected Fixed Not affected Not affected
Show all 7 packages Show less packages

CVE-2023-27986

Medium priority
Needs evaluation

emacsclient-mail.desktop in Emacs 28.1 through 28.2 is vulnerable to Emacs Lisp code injections through a crafted mailto: URI with unescaped double-quote characters. It is fixed in 29.0.90.

6 affected packages

xemacs21, xemacs21-packages, emacs, emacs23, emacs24, emacs25

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
xemacs21 Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
xemacs21-packages Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
emacs Not affected Not affected Not affected Not affected Not in release
emacs23 Not in release Not in release Not in release
emacs24 Not in release Not in release Not in release
emacs25 Not in release Not in release Not affected
Show less packages

CVE-2023-27985

Medium priority
Needs evaluation

emacsclient-mail.desktop in Emacs 28.1 through 28.2 is vulnerable to shell command injections through a crafted mailto: URI. This is related to lack of compliance with the Desktop Entry Specification. It is fixed in 29.0.90

6 affected packages

xemacs21, xemacs21-packages, emacs, emacs23, emacs24, emacs25

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
xemacs21 Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
xemacs21-packages Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
emacs Not affected Not affected Not affected Not affected Not in release
emacs23 Not in release Not in release Not in release
emacs24 Not in release Not in release Not in release
emacs25 Not in release Not in release Not affected
Show less packages

CVE-2023-27560

Medium priority
Needs evaluation

Math/PrimeField.php in phpseclib 3.x before 3.0.19 has an infinite loop with composite primefields.

3 affected packages

ldap-account-manager, php-phpseclib, php-phpseclib3

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
ldap-account-manager Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
php-phpseclib Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
php-phpseclib3 Needs evaluation Needs evaluation Needs evaluation Not in release Not in release
Show less packages