Search CVE reports


Toggle filters

331 – 340 of 1287 results


CVE-2023-3430

Medium priority
Needs evaluation

A vulnerability was found in OpenImageIO, where a heap buffer overflow exists in the src/gif.imageio/gifinput.cpp file. This flaw allows a remote attacker to pass a specially crafted file to the application, which triggers a...

1 affected package

openimageio

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
openimageio Not affected Not affected Needs evaluation Needs evaluation Needs evaluation
Show less packages

CVE-2023-5341

Medium priority

Some fixes available 5 of 7

A heap use-after-free flaw was found in coders/bmp.c in ImageMagick.

1 affected package

imagemagick

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
imagemagick Not affected Not affected Fixed Fixed Fixed
Show less packages

CVE-2023-4771

Medium priority
Vulnerable

A Cross-Site scripting vulnerability has been found in CKSource CKEditor affecting versions 4.15.1 and earlier. An attacker could send malicious javascript code through the /ckeditor/samples/old/ajax.html file and retrieve an...

4 affected packages

ldap-account-manager, request-tracker4, ckeditor, ckeditor3

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
ldap-account-manager Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
request-tracker4 Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
ckeditor Not in release Not affected Not affected Vulnerable Vulnerable
ckeditor3 Not in release Needs evaluation Needs evaluation Needs evaluation Needs evaluation
Show less packages

CVE-2023-3399

Medium priority
Needs evaluation

An issue has been discovered in GitLab EE affecting all versions starting from 11.6 before 16.3.6, all versions starting from 16.4 before 16.4.2, all versions starting from 16.5 before 16.5.1. It was possible for an unauthorised...

2 affected packages

gitlab-agent, gitlab

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
gitlab-agent Needs evaluation Needs evaluation Not in release Not in release
gitlab Not in release Not in release Not in release Not in release
Show less packages

CVE-2023-3246

Medium priority
Needs evaluation

An issue has been discovered in GitLab EE/CE affecting all versions starting before 16.3.6, all versions starting from 16.4 before 16.4.2, all versions starting from 16.5 before 16.5.1 which allows an attackers to block Sidekiq...

2 affected packages

gitlab-agent, gitlab

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
gitlab-agent Needs evaluation Needs evaluation Not in release Not in release
gitlab Not in release Not in release Not in release Not in release
Show less packages

CVE-2023-42299

Medium priority
Needs evaluation

Buffer Overflow vulnerability in OpenImageIO oiio v.2.4.12.0 allows a remote attacker to execute arbitrary code and cause a denial of service via the read_subimage_data function.

1 affected package

openimageio

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
openimageio Not affected Not affected Needs evaluation Needs evaluation Needs evaluation
Show less packages

CVE-2023-42295

Medium priority
Needs evaluation

An issue in OpenImageIO oiio v.2.4.12.0 allows a remote attacker to execute arbitrary code and cause a denial of service via the read_rle_image function of file bifs/unquantize.c

1 affected package

openimageio

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
openimageio Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
Show less packages

CVE-2023-3917

Medium priority
Needs evaluation

Denial of Service in pipelines affecting all versions of Gitlab EE and CE prior to 16.2.8, 16.3 prior to 16.3.5, and 16.4 prior to 16.4.1 allows attacker to cause pipelines to fail.

2 affected packages

gitlab-agent, gitlab

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
gitlab-agent Needs evaluation Needs evaluation Not in release Not in release
gitlab Not in release Not in release Not in release Not in release
Show less packages

CVE-2023-40577

Medium priority

Some fixes available 3 of 5

Alertmanager handles alerts sent by client applications such as the Prometheus server. An attacker with the permission to perform POST requests on the /api/v1/alerts endpoint could be able to execute arbitrary JavaScript code on...

1 affected package

prometheus-alertmanager

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
prometheus-alertmanager Not affected Not affected Fixed Fixed Fixed
Show less packages

CVE-2022-48541

Low priority
Fixed

A memory leak in ImageMagick 7.0.10-45 and 6.9.11-22 allows remote attackers to perform a denial of service via the "identify -help" command.

1 affected package

imagemagick

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
imagemagick Not affected Not affected Not affected Fixed Fixed
Show less packages