Search CVE reports
2391 – 2400 of 38328 results
Column handling crashes in Wireshark 4.4.0 to 4.4.6 and 4.2.0 to 4.2.12 allows denial of service via packet injection or crafted capture file
1 affected package
wireshark
| Package | 18.04 LTS |
|---|---|
| wireshark | Needs evaluation |
billboard.js before 3.15.1 was discovered to contain a prototype pollution via the function generate, which could allow attackers to execute arbitrary code or cause a Denial of Service (DoS) via injecting arbitrary properties.
1 affected package
cacti
| Package | 18.04 LTS |
|---|---|
| cacti | Needs evaluation |
Hibernate Validator before 6.2.0 and 7.0.0, by default and depending how it is used, may interpolate user-supplied input in a constraint violation message with Expression Language. This could allow an attacker to access sensitive...
2 affected packages
libhibernate-validator-java, libhibernate-validator4-java
| Package | 18.04 LTS |
|---|---|
| libhibernate-validator-java | Needs evaluation |
| libhibernate-validator4-java | — |
Allows arbitrary filesystem writes outside the extraction directory during extraction with filter="data". You are affected by this vulnerability if using the tarfile module to extract untrusted tar archives using...
12 affected packages
python2.7, python3.4, python3.5, python3.6, python3.7...
| Package | 18.04 LTS |
|---|---|
| python2.7 | Not affected |
| python3.4 | — |
| python3.5 | — |
| python3.6 | Not affected |
| python3.7 | Not affected |
| python3.8 | Not affected |
| python3.9 | — |
| python3.10 | — |
| python3.11 | — |
| python3.12 | — |
| python3.13 | — |
| python3.14 | — |
When using a TarFile.errorlevel = 0 and extracting with a filter the documented behavior is that any filtered members would be skipped and not extracted. However the actual behavior of TarFile.errorlevel = 0 in affected versions...
12 affected packages
python2.7, python3.4, python3.5, python3.6, python3.7...
| Package | 18.04 LTS |
|---|---|
| python2.7 | Not affected |
| python3.4 | — |
| python3.5 | — |
| python3.6 | Not affected |
| python3.7 | Not affected |
| python3.8 | Not affected |
| python3.9 | — |
| python3.10 | — |
| python3.11 | — |
| python3.12 | — |
| python3.13 | — |
| python3.14 | — |
Allows the extraction filter to be ignored, allowing symlink targets to point outside the destination directory, and the modification of some file metadata. You are affected by this vulnerability if using the tarfile module...
12 affected packages
python2.7, python3.4, python3.5, python3.6, python3.7...
| Package | 18.04 LTS |
|---|---|
| python2.7 | Not affected |
| python3.4 | — |
| python3.5 | — |
| python3.6 | Not affected |
| python3.7 | Not affected |
| python3.8 | Not affected |
| python3.9 | — |
| python3.10 | — |
| python3.11 | — |
| python3.12 | — |
| python3.13 | — |
| python3.14 | — |
Allows the extraction filter to be ignored, allowing symlink targets to point outside the destination directory, and the modification of some file metadata. You are affected by this vulnerability if using the tarfile module...
12 affected packages
python2.7, python3.4, python3.5, python3.6, python3.7...
| Package | 18.04 LTS |
|---|---|
| python2.7 | Not affected |
| python3.4 | — |
| python3.5 | — |
| python3.6 | Not affected |
| python3.7 | Not affected |
| python3.8 | Not affected |
| python3.9 | — |
| python3.10 | — |
| python3.11 | — |
| python3.12 | — |
| python3.13 | — |
| python3.14 | — |
Jupyter Core is a package for the core common functionality of Jupyter projects. When using Jupyter Core prior to version 5.8.0 on Windows, the shared `%PROGRAMDATA%` directory is searched for configuration...
1 affected package
jupyter-core
| Package | 18.04 LTS |
|---|---|
| jupyter-core | Needs evaluation |
A flaw was found in Samba. The smbd service daemon does not pick up group membership changes when re-authenticating an expired SMB session. This issue can expose file shares until clients disconnect and then connect again.
1 affected package
samba
| Package | 18.04 LTS |
|---|---|
| samba | Not affected |
Allows modifying some file metadata (e.g. last modified) with filter="data" or file permissions (chmod) with filter="tar" of files outside the extraction directory. You are affected by this vulnerability if using the...
12 affected packages
python2.7, python3.4, python3.5, python3.6, python3.7...
| Package | 18.04 LTS |
|---|---|
| python2.7 | Not affected |
| python3.4 | — |
| python3.5 | — |
| python3.6 | Not affected |
| python3.7 | Not affected |
| python3.8 | Not affected |
| python3.9 | — |
| python3.10 | — |
| python3.11 | — |
| python3.12 | — |
| python3.13 | — |
| python3.14 | — |