Search CVE reports


Toggle filters

351 – 360 of 1279 results


CVE-2023-36671

Medium priority
Ignored

An issue was discovered in the Clario VPN client through 5.9.1.1662 for macOS. The VPN client insecurely configures the operating system such that all IP traffic to the VPN server's IP address is sent in plaintext outside the VPN...

31 affected packages

connman, gadmin-openvpn-client, gadmin-openvpn-server, golang-github-apparentlymart-go-openvpn-mgmt, kvpnc...

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
connman Not affected Not affected Not affected Not affected
gadmin-openvpn-client Not in release Not in release Not affected Not affected
gadmin-openvpn-server Not in release Not in release Not affected Not affected
golang-github-apparentlymart-go-openvpn-mgmt Not affected Not affected Not affected Not in release
kvpnc Not in release Not in release Not in release Not affected
l2tp-ipsec-vpn Not in release Not in release Not in release Not in release
l2tp-ipsec-vpn-daemon Not in release Not in release Not in release Not in release
libreswan Not affected Not affected Not affected Not affected
mozillavpn Not in release Not affected Not in release Not in release
n2n Not affected Not affected Not affected Not affected
network-manager-fortisslvpn Not affected Not affected Not affected Not affected
network-manager-iodine Not affected Not affected Not affected Not affected
network-manager-l2tp Not affected Not affected Not affected Not affected
network-manager-openconnect Not affected Not affected Not affected Not affected
network-manager-openvpn Not affected Not affected Not affected Not affected
network-manager-pptp Not affected Not affected Not affected Not affected
network-manager-sstp Not affected Not affected Not in release Not in release
network-manager-strongswan Not affected Not affected Not affected Not affected
network-manager-vpnc Not affected Not affected Not affected Not affected
openconnect Not affected Not affected Not affected Not affected
openfortivpn Not affected Not affected Not affected Not affected
openvpn Not affected Not affected Not affected Not affected
pptp-linux Not affected Not affected Not affected Not affected
quicktun Not affected Not affected Not affected Not affected
riseup-vpn Not affected Not in release Not in release Not in release
softether-vpn Not affected Not affected Not in release Not in release
sshuttle Not affected Not affected Not affected Not affected
tinc Not affected Not affected Not affected Not affected
vpnc Not affected Not affected Not affected Not affected
wireguard Not affected Not affected Not affected Not affected
zentyal-openvpn Not in release Not in release Not in release Not in release
Show all 31 packages Show less packages

CVE-2023-35838

Medium priority
Ignored

The WireGuard client 0.5.3 on Windows insecurely configures the operating system and firewall such that traffic to a local network that uses non-RFC1918 IP addresses is blocked. This allows an adversary to trick the victim into...

31 affected packages

connman, gadmin-openvpn-client, gadmin-openvpn-server, golang-github-apparentlymart-go-openvpn-mgmt, kvpnc...

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
connman Not affected Not affected Not affected Not affected
gadmin-openvpn-client Not in release Not in release Not affected Not affected
gadmin-openvpn-server Not in release Not in release Not affected Not affected
golang-github-apparentlymart-go-openvpn-mgmt Not affected Not affected Not affected Not in release
kvpnc Not in release Not in release Not in release Not affected
l2tp-ipsec-vpn Not in release Not in release Not in release Not in release
l2tp-ipsec-vpn-daemon Not in release Not in release Not in release Not in release
libreswan Not affected Not affected Not affected Not affected
mozillavpn Not in release Not affected Not in release Not in release
n2n Not affected Not affected Not affected Not affected
network-manager-fortisslvpn Not affected Not affected Not affected Not affected
network-manager-iodine Not affected Not affected Not affected Not affected
network-manager-l2tp Not affected Not affected Not affected Not affected
network-manager-openconnect Not affected Not affected Not affected Not affected
network-manager-openvpn Not affected Not affected Not affected Not affected
network-manager-pptp Not affected Not affected Not affected Not affected
network-manager-sstp Not affected Not affected Not in release Not in release
network-manager-strongswan Not affected Not affected Not affected Not affected
network-manager-vpnc Not affected Not affected Not affected Not affected
openconnect Not affected Not affected Not affected Not affected
openfortivpn Not affected Not affected Not affected Not affected
openvpn Not affected Not affected Not affected Not affected
pptp-linux Not affected Not affected Not affected Not affected
quicktun Not affected Not affected Not affected Not affected
riseup-vpn Not affected Not in release Not in release Not in release
softether-vpn Not affected Not affected Not in release Not in release
sshuttle Not affected Not affected Not affected Not affected
tinc Not affected Not affected Not affected Not affected
vpnc Not affected Not affected Not affected Not affected
wireguard Ignored Ignored Ignored Ignored
zentyal-openvpn Not in release Not in release Not in release Not in release
Show all 31 packages Show less packages

CVE-2023-39978

Medium priority
Vulnerable

ImageMagick before 6.9.12-91 allows attackers to cause a denial of service (memory consumption) in Magick::Draw.

1 affected package

imagemagick

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
imagemagick Not affected Not affected Vulnerable Vulnerable Not affected
Show less packages

CVE-2023-3978

Medium priority

Some fixes available 8 of 12

Text nodes not in the HTML namespace are incorrectly literally rendered, causing text which should be escaped to not be. This could lead to an XSS attack.

7 affected packages

adsys, containerd, golang-golang-x-net, golang-golang-x-net-dev, google-guest-agent...

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
adsys Not affected Not affected Not affected Fixed
containerd Not affected Not affected Not affected Not affected Not affected
golang-golang-x-net Not affected Not affected Fixed Not in release Ignored
golang-golang-x-net-dev Not in release Not in release Not in release Fixed Fixed
google-guest-agent Not affected Not affected Not affected Not affected Not affected
juju-core Not in release Not in release Not in release
lxd Not in release Not in release Not in release Not affected Fixed
Show all 7 packages Show less packages

CVE-2023-29408

Medium priority
Needs evaluation

The TIFF decoder does not place a limit on the size of compressed tile data. A maliciously-crafted image can exploit this to cause a small image (both in terms of pixel width/height, and encoded size) to make the decoder decode...

1 affected package

golang-golang-x-image

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
golang-golang-x-image Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
Show less packages

CVE-2023-29407

Medium priority
Needs evaluation

A maliciously-crafted image can cause excessive CPU consumption in decoding. A tiled image with a height of 0 and a very large width can cause excessive CPU consumption, despite the image size (width * height) appearing to be zero.

1 affected package

golang-golang-x-image

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
golang-golang-x-image Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
Show less packages

CVE-2023-3745

Medium priority
Not affected

A heap-based buffer overflow issue was found in ImageMagick's PushCharPixel() function in quantum-private.h. This issue may allow a local attacker to trick the user into opening a specially crafted file, triggering an...

1 affected package

imagemagick

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
imagemagick Not affected Not affected Not affected
Show less packages

CVE-2023-36183

Medium priority
Needs evaluation

Buffer Overflow vulnerability in OpenImageIO v.2.4.12.0 and before allows a remote to execute arbitrary code and obtain sensitive information via a crafted file to the readimg function.

1 affected package

openimageio

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
openimageio Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
Show less packages

CVE-2023-3428

Medium priority
Fixed

A heap-based buffer overflow vulnerability was found in coders/tiff.c in ImageMagick. This issue may allow a local attacker to trick the user into opening a specially crafted file, resulting in an application crash and denial of service.

1 affected package

imagemagick

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
imagemagick Fixed Fixed Fixed Not affected Not affected
Show less packages

CVE-2023-34475

Medium priority
Not affected

A heap use after free issue was discovered in ImageMagick's ReplaceXmpValue() function in MagickCore/profile.c. An attacker could trick user to open a specially crafted file to convert, triggering an heap-use-after-free write...

1 affected package

imagemagick

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
imagemagick Not affected Not affected Not affected
Show less packages