Search CVE reports
151 – 160 of 42129 results
Versions of the package spin.js before 3.0.0 are vulnerable to Cross-site Scripting (XSS) via the spin() function that allows a creation of more than 1 alert for each 'target' element. An attacker would need to set an arbitrary...
1 affected package
libjs-spin.js
| Package | 18.04 LTS |
|---|---|
| libjs-spin.js | Needs evaluation |
[Unknown description]
1 affected package
gst-plugins-bad1.0
| Package | 18.04 LTS |
|---|---|
| gst-plugins-bad1.0 | Needs evaluation |
Giflib contains a double-free vulnerability that is the result of a shallow copy in GifMakeSavedImage and incorrect error handling. The conditions needed to trigger this vulnerability are difficult but may be possible.
1 affected package
giflib
| Package | 18.04 LTS |
|---|---|
| giflib | Needs evaluation |
If the anti spam-captcha functionality in PluXml versions 5.8.22 and earlier is enabled, a captcha challenge is generated with a format that can be automatically recognized for articles, such that an automated script is able to...
1 affected package
pluxml
| Package | 18.04 LTS |
|---|---|
| pluxml | Needs evaluation |
A Stored Cross-Site Scripting (XSS) vulnerability exists in the PluXml article comments feature for PluXml versions 5.8.22 and earlier. The application fails to properly sanitize or validate user-supplied input in the "link" field...
1 affected package
pluxml
| Package | 18.04 LTS |
|---|---|
| pluxml | Needs evaluation |
Memory safety bugs present in Firefox 148.0.2. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability...
9 affected packages
firefox, thunderbird, mozjs38, mozjs52, mozjs68...
| Package | 18.04 LTS |
|---|---|
| firefox | — |
| thunderbird | — |
| mozjs38 | Needs evaluation |
| mozjs52 | Ignored |
| mozjs68 | — |
| mozjs78 | — |
| mozjs91 | — |
| mozjs102 | — |
| mozjs115 | — |
Same-origin policy bypass in the CSS Parsing and Computation component. This vulnerability affects Firefox < 148.0.2.
9 affected packages
firefox, thunderbird, mozjs38, mozjs52, mozjs68...
| Package | 18.04 LTS |
|---|---|
| firefox | — |
| thunderbird | — |
| mozjs38 | Needs evaluation |
| mozjs52 | Ignored |
| mozjs68 | — |
| mozjs78 | — |
| mozjs91 | — |
| mozjs102 | — |
| mozjs115 | — |
Glances is an open-source system cross-platform monitoring tool. Prior to 4.5.1, The TimescaleDB export module constructs SQL queries using string concatenation with unsanitized system monitoring data. The normalize() method wraps...
1 affected package
glances
| Package | 18.04 LTS |
|---|---|
| glances | Needs evaluation |
Glances is an open-source system cross-platform monitoring tool. Prior to 4.5.1, the /api/4/config REST API endpoint returns the entire parsed Glances configuration file (glances.conf) via self.config.as_dict() with no filtering...
1 affected package
glances
| Package | 18.04 LTS |
|---|---|
| glances | Needs evaluation |
This issue affects the ExtractEmbeddedFiles example inĀ Apache PDFBox: from 2.0.24 through 2.0.35, from 3.0.0 through 3.0.6. The ExtractEmbeddedFiles example contains a path traversal vulnerability (CWE-22) because the filename...
2 affected packages
libpdfbox-java, libpdfbox2-java
| Package | 18.04 LTS |
|---|---|
| libpdfbox-java | Needs evaluation |
| libpdfbox2-java | Needs evaluation |