Search CVE reports


Toggle filters

451 – 460 of 1287 results


CVE-2022-31084

Medium priority
Needs evaluation

LDAP Account Manager (LAM) is a webfrontend for managing entries (e.g. users, groups, DHCP settings) stored in an LDAP directory. In versions prior to 8.0 There are cases where LAM instantiates objects from arbitrary classes. An...

1 affected package

ldap-account-manager

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
ldap-account-manager Needs evaluation Not affected Needs evaluation Needs evaluation Needs evaluation
Show less packages

CVE-2022-32547

Medium priority

Some fixes available 13 of 14

In ImageMagick, there is load of misaligned address for type 'double', which requires 8 byte alignment and for type 'float', which requires 4 byte alignment at MagickCore/property.c. Whenever crafted or untrusted input...

1 affected package

imagemagick

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
imagemagick Fixed Fixed Fixed Fixed Fixed
Show less packages

CVE-2022-32546

Medium priority

Some fixes available 13 of 14

A vulnerability was found in ImageMagick, causing an outside the range of representable values of type 'unsigned long' at coders/pcl.c, when crafted or untrusted input is processed. This leads to a negative impact to application...

1 affected package

imagemagick

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
imagemagick Fixed Fixed Fixed Fixed Fixed
Show less packages

CVE-2022-32545

Medium priority

Some fixes available 7 of 8

A vulnerability was found in ImageMagick, causing an outside the range of representable values of type 'unsigned char' at coders/psd.c, when crafted or untrusted input is processed. This leads to a negative impact to application...

1 affected package

imagemagick

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
imagemagick Not affected Not affected Fixed Fixed Fixed
Show less packages

CVE-2022-24434

Negligible priority
Not affected

This affects all versions of package dicer. A malicious attacker can send a modified form to server, and crash the nodejs service. An attacker could sent the payload again and again so that the service continuously crashes.

1 affected package

node-superagent

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
node-superagent Not affected Not affected Not affected
Show less packages

CVE-2022-28463

Medium priority

Some fixes available 13 of 14

ImageMagick 7.1.0-27 is vulnerable to Buffer Overflow.

1 affected package

imagemagick

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
imagemagick Fixed Fixed Fixed Fixed Fixed
Show less packages

CVE-2022-29173

Medium priority
Not affected

go-tuf is a Go implementation of The Update Framework (TUF). go-tuf does not correctly implement the client workflow for updating the metadata files for roles other than the root role. Specifically, checks for rollback attacks are...

1 affected package

golang-github-endophage-gotuf

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
golang-github-endophage-gotuf Not in release Not in release Not affected
Show less packages

CVE-2022-1114

Medium priority

Some fixes available 9 of 10

A heap-use-after-free flaw was found in ImageMagick's RelinquishDCMInfo() function of dcm.c file. This vulnerability is triggered when an attacker passes a specially crafted DICOM image file to ImageMagick for...

1 affected package

imagemagick

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
imagemagick Fixed Fixed Fixed Not affected Not affected
Show less packages

CVE-2022-29583

Medium priority
Ignored

service_windows.go in the kardianos service package for Go omits quoting that is sometimes needed for execution of a Windows service executable from the intended directory. NOTE: this finding could not be reproduced by...

2 affected packages

golang-github-kardianos-service, google-guest-agent

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
golang-github-kardianos-service Not affected Not affected Not in release
google-guest-agent Not affected Not affected Not affected
Show less packages

CVE-2022-24851

Medium priority
Needs evaluation

LDAP Account Manager (LAM) is an open source web frontend for managing entries stored in an LDAP directory. The profile editor tool has an edit profile functionality, the parameters on this page are not properly sanitized and...

1 affected package

ldap-account-manager

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
ldap-account-manager Not affected Not affected Needs evaluation Needs evaluation Needs evaluation
Show less packages