Search CVE reports
351 – 360 of 1279 results
An issue was discovered in the Clario VPN client through 5.9.1.1662 for macOS. The VPN client insecurely configures the operating system such that all IP traffic to the VPN server's IP address is sent in plaintext outside the VPN...
31 affected packages
connman, gadmin-openvpn-client, gadmin-openvpn-server, golang-github-apparentlymart-go-openvpn-mgmt, kvpnc...
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| connman | — | Not affected | Not affected | Not affected | Not affected |
| gadmin-openvpn-client | — | Not in release | Not in release | Not affected | Not affected |
| gadmin-openvpn-server | — | Not in release | Not in release | Not affected | Not affected |
| golang-github-apparentlymart-go-openvpn-mgmt | — | Not affected | Not affected | Not affected | Not in release |
| kvpnc | — | Not in release | Not in release | Not in release | Not affected |
| l2tp-ipsec-vpn | — | Not in release | Not in release | Not in release | Not in release |
| l2tp-ipsec-vpn-daemon | — | Not in release | Not in release | Not in release | Not in release |
| libreswan | — | Not affected | Not affected | Not affected | Not affected |
| mozillavpn | — | Not in release | Not affected | Not in release | Not in release |
| n2n | — | Not affected | Not affected | Not affected | Not affected |
| network-manager-fortisslvpn | — | Not affected | Not affected | Not affected | Not affected |
| network-manager-iodine | — | Not affected | Not affected | Not affected | Not affected |
| network-manager-l2tp | — | Not affected | Not affected | Not affected | Not affected |
| network-manager-openconnect | — | Not affected | Not affected | Not affected | Not affected |
| network-manager-openvpn | — | Not affected | Not affected | Not affected | Not affected |
| network-manager-pptp | — | Not affected | Not affected | Not affected | Not affected |
| network-manager-sstp | — | Not affected | Not affected | Not in release | Not in release |
| network-manager-strongswan | — | Not affected | Not affected | Not affected | Not affected |
| network-manager-vpnc | — | Not affected | Not affected | Not affected | Not affected |
| openconnect | — | Not affected | Not affected | Not affected | Not affected |
| openfortivpn | — | Not affected | Not affected | Not affected | Not affected |
| openvpn | — | Not affected | Not affected | Not affected | Not affected |
| pptp-linux | — | Not affected | Not affected | Not affected | Not affected |
| quicktun | — | Not affected | Not affected | Not affected | Not affected |
| riseup-vpn | — | Not affected | Not in release | Not in release | Not in release |
| softether-vpn | — | Not affected | Not affected | Not in release | Not in release |
| sshuttle | — | Not affected | Not affected | Not affected | Not affected |
| tinc | — | Not affected | Not affected | Not affected | Not affected |
| vpnc | — | Not affected | Not affected | Not affected | Not affected |
| wireguard | — | Not affected | Not affected | Not affected | Not affected |
| zentyal-openvpn | — | Not in release | Not in release | Not in release | Not in release |
The WireGuard client 0.5.3 on Windows insecurely configures the operating system and firewall such that traffic to a local network that uses non-RFC1918 IP addresses is blocked. This allows an adversary to trick the victim into...
31 affected packages
connman, gadmin-openvpn-client, gadmin-openvpn-server, golang-github-apparentlymart-go-openvpn-mgmt, kvpnc...
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| connman | — | Not affected | Not affected | Not affected | Not affected |
| gadmin-openvpn-client | — | Not in release | Not in release | Not affected | Not affected |
| gadmin-openvpn-server | — | Not in release | Not in release | Not affected | Not affected |
| golang-github-apparentlymart-go-openvpn-mgmt | — | Not affected | Not affected | Not affected | Not in release |
| kvpnc | — | Not in release | Not in release | Not in release | Not affected |
| l2tp-ipsec-vpn | — | Not in release | Not in release | Not in release | Not in release |
| l2tp-ipsec-vpn-daemon | — | Not in release | Not in release | Not in release | Not in release |
| libreswan | — | Not affected | Not affected | Not affected | Not affected |
| mozillavpn | — | Not in release | Not affected | Not in release | Not in release |
| n2n | — | Not affected | Not affected | Not affected | Not affected |
| network-manager-fortisslvpn | — | Not affected | Not affected | Not affected | Not affected |
| network-manager-iodine | — | Not affected | Not affected | Not affected | Not affected |
| network-manager-l2tp | — | Not affected | Not affected | Not affected | Not affected |
| network-manager-openconnect | — | Not affected | Not affected | Not affected | Not affected |
| network-manager-openvpn | — | Not affected | Not affected | Not affected | Not affected |
| network-manager-pptp | — | Not affected | Not affected | Not affected | Not affected |
| network-manager-sstp | — | Not affected | Not affected | Not in release | Not in release |
| network-manager-strongswan | — | Not affected | Not affected | Not affected | Not affected |
| network-manager-vpnc | — | Not affected | Not affected | Not affected | Not affected |
| openconnect | — | Not affected | Not affected | Not affected | Not affected |
| openfortivpn | — | Not affected | Not affected | Not affected | Not affected |
| openvpn | — | Not affected | Not affected | Not affected | Not affected |
| pptp-linux | — | Not affected | Not affected | Not affected | Not affected |
| quicktun | — | Not affected | Not affected | Not affected | Not affected |
| riseup-vpn | — | Not affected | Not in release | Not in release | Not in release |
| softether-vpn | — | Not affected | Not affected | Not in release | Not in release |
| sshuttle | — | Not affected | Not affected | Not affected | Not affected |
| tinc | — | Not affected | Not affected | Not affected | Not affected |
| vpnc | — | Not affected | Not affected | Not affected | Not affected |
| wireguard | — | Ignored | Ignored | Ignored | Ignored |
| zentyal-openvpn | — | Not in release | Not in release | Not in release | Not in release |
ImageMagick before 6.9.12-91 allows attackers to cause a denial of service (memory consumption) in Magick::Draw.
1 affected package
imagemagick
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| imagemagick | Not affected | Not affected | Vulnerable | Vulnerable | Not affected |
Some fixes available 8 of 12
Text nodes not in the HTML namespace are incorrectly literally rendered, causing text which should be escaped to not be. This could lead to an XSS attack.
7 affected packages
adsys, containerd, golang-golang-x-net, golang-golang-x-net-dev, google-guest-agent...
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| adsys | Not affected | Not affected | Not affected | Fixed | — |
| containerd | Not affected | Not affected | Not affected | Not affected | Not affected |
| golang-golang-x-net | Not affected | Not affected | Fixed | Not in release | Ignored |
| golang-golang-x-net-dev | Not in release | Not in release | Not in release | Fixed | Fixed |
| google-guest-agent | Not affected | Not affected | Not affected | Not affected | Not affected |
| juju-core | Not in release | Not in release | Not in release | — | — |
| lxd | Not in release | Not in release | Not in release | Not affected | Fixed |
The TIFF decoder does not place a limit on the size of compressed tile data. A maliciously-crafted image can exploit this to cause a small image (both in terms of pixel width/height, and encoded size) to make the decoder decode...
1 affected package
golang-golang-x-image
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| golang-golang-x-image | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
A maliciously-crafted image can cause excessive CPU consumption in decoding. A tiled image with a height of 0 and a very large width can cause excessive CPU consumption, despite the image size (width * height) appearing to be zero.
1 affected package
golang-golang-x-image
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| golang-golang-x-image | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
A heap-based buffer overflow issue was found in ImageMagick's PushCharPixel() function in quantum-private.h. This issue may allow a local attacker to trick the user into opening a specially crafted file, triggering an...
1 affected package
imagemagick
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| imagemagick | — | — | Not affected | Not affected | Not affected |
Buffer Overflow vulnerability in OpenImageIO v.2.4.12.0 and before allows a remote to execute arbitrary code and obtain sensitive information via a crafted file to the readimg function.
1 affected package
openimageio
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| openimageio | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
A heap-based buffer overflow vulnerability was found in coders/tiff.c in ImageMagick. This issue may allow a local attacker to trick the user into opening a specially crafted file, resulting in an application crash and denial of service.
1 affected package
imagemagick
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| imagemagick | Fixed | Fixed | Fixed | Not affected | Not affected |
A heap use after free issue was discovered in ImageMagick's ReplaceXmpValue() function in MagickCore/profile.c. An attacker could trick user to open a specially crafted file to convert, triggering an heap-use-after-free write...
1 affected package
imagemagick
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| imagemagick | — | — | Not affected | Not affected | Not affected |