Search CVE reports
3481 – 3490 of 60258 results
An issue in OpenResty lua-nginx-module v.0.10.26 and before allows a remote attacker to conduct HTTP request smuggling via a crafted HEAD request.
3 affected packages
lua-nginx-memcached, lua-nginx-redis, lua-nginx-websocket
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| lua-nginx-memcached | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| lua-nginx-redis | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| lua-nginx-websocket | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
Insertion of Sensitive Information into Log File in Checkmk GmbH's Checkmk versions <2.3.0p29, <2.2.0p41 and <=2.1.0p49 (EOL) causes remote site authentication secrets to be written to log files accessible to administrators.
1 affected package
check-mk
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| check-mk | Not in release | Not in release | Not in release | Needs evaluation |
[Require user interaction before opening URL in external application]
1 affected package
epiphany-browser
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| epiphany-browser | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
The passprompt plugin in pppd in ppp before 2.5.2 mishandles privileges.
1 affected package
ppp
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| ppp | Ignored | Ignored | Ignored | Ignored |
An issue in forkosh Mime Tex before v.1.77 allows an attacker to execute arbitrary code via a crafted script
1 affected package
mimetex
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| mimetex | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
A directory traversal vulnerability in forkosh Mime TeX before version 1.77 allows attackers on Windows systems to read or append arbitrary files by manipulating crafted input paths.
1 affected package
mimetex
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| mimetex | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
Some fixes available 4 of 5
An issue was discovered in GoBGP before 3.35.0. pkg/packet/rtr/rtr.go does not verify that the input length corresponds to a situation in which all bytes are available for an RTR message.
1 affected package
gobgp
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| gobgp | Fixed | Fixed | Fixed | Fixed |
Some fixes available 4 of 5
An issue was discovered in GoBGP before 3.35.0. An attacker can cause a crash in the pkg/packet/bgp/bgp.go flowspec parser by sending fewer than 20 bytes in a certain context.
1 affected package
gobgp
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| gobgp | Fixed | Fixed | Fixed | Fixed |
Some fixes available 1 of 2
An issue was discovered in GoBGP before 3.35.0. pkg/packet/bgp/bgp.go allows attackers to cause a panic via a zero value for softwareVersionLen.
1 affected package
gobgp
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| gobgp | Fixed | Not affected | Not affected | Not affected |
Some fixes available 4 of 5
An issue was discovered in GoBGP before 3.35.0. pkg/packet/mrt/mrt.go does not properly check the input length, e.g., by ensuring that there are 12 bytes or 36 bytes (depending on the address family).
1 affected package
gobgp
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| gobgp | Fixed | Fixed | Fixed | Fixed |