Search CVE reports


Toggle filters

441 – 450 of 1287 results


CVE-2022-31175

Medium priority
Needs evaluation

CKEditor 5 is a JavaScript rich text editor. A cross-site scripting vulnerability has been discovered affecting three optional CKEditor 5's packages in versions prior to 35.0.1. The vulnerability allowed to trigger a JavaScript...

4 affected packages

ldap-account-manager, request-tracker4, ckeditor, ckeditor3

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
ldap-account-manager Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
request-tracker4 Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
ckeditor Not in release Not affected Not affected Not affected Not affected
ckeditor3 Not in release Needs evaluation Needs evaluation Needs evaluation Needs evaluation
Show less packages

CVE-2022-26310

Medium priority
Needs evaluation

Pandora FMS v7.0NG.760 and below allows an improper authorization in User Management where any authenticated user with access to the User Management module could create, modify or delete any user with full admin privilege. The...

1 affected package

pandorafms-agent

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
pandorafms-agent Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
Show less packages

CVE-2022-26309

Medium priority
Needs evaluation

Pandora FMS v7.0NG.759 allows Cross-Site Request Forgery in Bulk operation (User operation) resulting in elevation of privilege to Administrator group.

1 affected package

pandorafms-agent

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
pandorafms-agent Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
Show less packages

CVE-2022-26308

Medium priority
Needs evaluation

Pandora FMS v7.0NG.760 and below allows an improper access control in Configuration (Credential store) where a user with the role of Operator (Write) could create, delete, view existing keys which are outside the intended role.

1 affected package

pandorafms-agent

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
pandorafms-agent Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
Show less packages

CVE-2022-30187

Medium priority
Vulnerable

Azure Storage Library Information Disclosure Vulnerability

2 affected packages

python-azure, python-azure-storage

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
python-azure Not affected Not affected Vulnerable Not affected Not affected
python-azure-storage Not in release Not in release Not in release Ignored Ignored
Show less packages

CVE-2022-0987

Low priority
Vulnerable

A flaw was found in PackageKit in the way some of the methods exposed by the Transaction interface examines files. This issue allows a local user to measure the time the methods take to execute and know whether a file owned by...

1 affected package

packagekit

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
packagekit Vulnerable Vulnerable Vulnerable Vulnerable Vulnerable
Show less packages

CVE-2022-31088

Medium priority
Needs evaluation

LDAP Account Manager (LAM) is a webfrontend for managing entries (e.g. users, groups, DHCP settings) stored in an LDAP directory. In versions prior to 8.0 the user name field at login could be used to enumerate LDAP data. This is...

1 affected package

ldap-account-manager

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
ldap-account-manager Needs evaluation Not affected Needs evaluation Needs evaluation Needs evaluation
Show less packages

CVE-2022-31087

Medium priority
Needs evaluation

LDAP Account Manager (LAM) is a webfrontend for managing entries (e.g. users, groups, DHCP settings) stored in an LDAP directory. In versions prior to 8.0 the tmp directory, which is accessible by /lam/tmp/, allows interpretation...

1 affected package

ldap-account-manager

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
ldap-account-manager Needs evaluation Not affected Needs evaluation Needs evaluation Needs evaluation
Show less packages

CVE-2022-31086

Medium priority
Needs evaluation

LDAP Account Manager (LAM) is a webfrontend for managing entries (e.g. users, groups, DHCP settings) stored in an LDAP directory. In versions prior to 8.0 incorrect regular expressions allow to upload PHP scripts...

1 affected package

ldap-account-manager

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
ldap-account-manager Needs evaluation Not affected Needs evaluation Needs evaluation Needs evaluation
Show less packages

CVE-2022-31085

Medium priority
Needs evaluation

LDAP Account Manager (LAM) is a webfrontend for managing entries (e.g. users, groups, DHCP settings) stored in an LDAP directory. In versions prior to 8.0 the session files include the LDAP user name and password in clear text if...

1 affected package

ldap-account-manager

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
ldap-account-manager Not affected Not affected Needs evaluation Needs evaluation Needs evaluation
Show less packages