Search CVE reports
3381 – 3390 of 44448 results
A flaw was found in Moodle. An attacker with access to the restore interface could trigger server-side execution of arbitrary code. This is due to insufficient validation of restore input, which leads to unintended interpretation...
1 affected package
moodle
| Package | 18.04 LTS |
|---|---|
| moodle | Needs evaluation |
A flaw was found in Epiphany, a tool that allows websites to open external URL handler applications with minimal user interaction. This design can be misused to exploit vulnerabilities within those handlers, making them appear...
1 affected package
epiphany-browser
| Package | 18.04 LTS |
|---|---|
| epiphany-browser | Needs evaluation |
7-Zip ZIP File Parsing Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of 7-Zip. Interaction with this product is required to...
2 affected packages
7zip, p7zip
| Package | 18.04 LTS |
|---|---|
| 7zip | — |
| p7zip | Needs evaluation |
Some fixes available 2 of 13
In libexpat before 2.7.4, XML_ExternalEntityParserCreate does not copy unknown encoding handler user data.
23 affected packages
expat, apache2, apr-util, cmake, ghostscript...
| Package | 18.04 LTS |
|---|---|
| expat | Fixed |
| apache2 | Not affected |
| apr-util | Not affected |
| cmake | Not affected |
| ghostscript | Not affected |
| texlive-bin | Not affected |
| xmlrpc-c | Needs evaluation |
| vnc4 | Needs evaluation |
| wbxml2 | Needs evaluation |
| swish-e | Needs evaluation |
| insighttoolkit4 | Needs evaluation |
| cadaver | Needs evaluation |
| gdcm | Needs evaluation |
| ayttm | — |
| cableswig | — |
| coin3 | Needs evaluation |
| matanza | Needs evaluation |
| tdom | Needs evaluation |
| vtk | — |
| smart | Needs evaluation |
| firefox | — |
| thunderbird | — |
| libxmltok | Fixed |
npm cli Incorrect Permission Assignment Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of npm cli. An attacker must first obtain the ability to...
1 affected package
npm
| Package | 18.04 LTS |
|---|---|
| npm | Needs evaluation |
GIMP PSP File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit...
1 affected package
gimp
| Package | 18.04 LTS |
|---|---|
| gimp | Not affected |
Incus is a system container and virtual machine manager. Versions 6.21.0 and below allow a user with the ability to launch a container with a custom image (e.g a member of the ‘incus’ group) to use directory traversal or symbolic...
2 affected packages
incus, lxd
| Package | 18.04 LTS |
|---|---|
| incus | — |
| lxd | Needs evaluation |
Incus is a system container and virtual machine manager. In versions 6.20.0 and below, a user with the ability to launch a container with a custom YAML configuration (e.g a member of the ‘incus’ group) can create an...
2 affected packages
incus, lxd
| Package | 18.04 LTS |
|---|---|
| incus | — |
| lxd | Needs evaluation |
MacOS version of Inkscape bundles a Python interpreter that inherits the Transparency, Consent, and Control (TCC) permissions granted by the user to the main application bundle. An attacker with local user access can invoke this...
1 affected package
inkscape
| Package | 18.04 LTS |
|---|---|
| inkscape | Needs evaluation |
ACE vulnerability in configuration file processing by QOS.CH logback-core up to and including version 1.5.24 in Java applications, allows an attacker to instantiate classes already present on the class path by compromising...
1 affected package
logback
| Package | 18.04 LTS |
|---|---|
| logback | Needs evaluation |