Search CVE reports
A cross-site scripting (XSS) vulnerability in the Events/Agenda module of Dolibarr v21.0.0-beta allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Title parameter.
1 affected package
dolibarr
Package | 16.04 LTS |
---|---|
dolibarr | Needs evaluation |
Cacti is an open source performance and fault management framework. Cacti has a SQL injection vulnerability in the template function of host_templates.php using the graph_template parameter. This vulnerability is fixed in 1.2.29.
1 affected package
cacti
Package | 16.04 LTS |
---|---|
cacti | Needs evaluation |
Cacti is an open source performance and fault management framework. Cacti has a SQL injection vulnerability in the get_discovery_results function of automation_devices.php using the network parameter. This vulnerability is fixed in 1.2.29.
1 affected package
cacti
Package | 16.04 LTS |
---|---|
cacti | Needs evaluation |
Cacti is an open source performance and fault management framework. Prior to 1.2.29, an administrator can change the `Poller Standard Error Log Path` parameter in either Installation Step 5 or in Configuration->Settings->Paths tab...
1 affected package
cacti
Package | 16.04 LTS |
---|---|
cacti | Needs evaluation |
Core creation allows users to replace "trusted" configset files with arbitrary configuration. Solr instances that (1) use the "FileSystemConfigSetService" component (the default in "standalone" or "user-managed" mode), and (2) are...
1 affected package
lucene-solr
Package | 16.04 LTS |
---|---|
lucene-solr | Needs evaluation |
Relative Path Traversal vulnerability in Apache Solr. Solr instances running on Windows are vulnerable to arbitrary filepath write-access, due to a lack of input sanitization in the "configset upload" API. Commonly known as a...
1 affected package
lucene-solr
Package | 16.04 LTS |
---|---|
lucene-solr | Not affected |
xmlXIncludeAddNode in xinclude.c in libxml2 before 2.11.0 has a use-after-free.
1 affected package
libxml2
Package | 16.04 LTS |
---|---|
libxml2 | Fixed |
7-Zip Mark-of-the-Web Bypass Vulnerability. This vulnerability allows remote attackers to bypass the Mark-of-the-Web protection mechanism on affected installations of 7-Zip. User interaction is required to exploit this...
2 affected packages
p7zip, 7zip
Package | 16.04 LTS |
---|---|
p7zip | Not affected |
7zip | — |
An issue was discovered in GPAC v0.8.0, as demonstrated by MP4Box. It contains a heap-based buffer overflow in gf_m2ts_process_pmt in media_tools/mpegts.c:2163 that can cause a denial of service (DoS) via a crafted MP4 file.
1 affected package
gpac
Package | 16.04 LTS |
---|---|
gpac | Needs evaluation |
GPAC MP4box 2.1-DEV-rev574-g9d5bb184b contains a buffer overflow in the gf_vvc_read_pps_bs_internal function of media_tools/av_parsers.c; a check is needed for num_exp_tile_columns.
1 affected package
gpac
Package | 16.04 LTS |
---|---|
gpac | Needs evaluation |