Search CVE reports
211 – 220 of 23512 results
CVE-2024-8654
Medium priorityNot in release
MongoDB Server may access non-initialized region of memory leading to unexpected behaviour when zero arguments are called in internal aggregation stage. This issue affected MongoDB Server v6.0 version 6.0.3.
1 affected packages
mongodb
Package | 22.04 LTS |
---|---|
mongodb | Not in release |
CVE-2024-8443
Medium priorityA heap-based buffer overflow vulnerability was found in the libopensc OpenPGP driver. A crafted USB device or smart card with malicious responses to the APDUs during the card enrollment process using the `pkcs15-init` tool may...
1 affected packages
opensc
Package | 22.04 LTS |
---|---|
opensc | Needs evaluation |
CVE-2024-8645
Low prioritySPRT dissector crash in Wireshark 4.2.0 to 4.0.5 and 4.0.0 to 4.0.15 allows denial of service via packet injection or crafted capture file
1 affected packages
wireshark
Package | 22.04 LTS |
---|---|
wireshark | Needs evaluation |
CVE-2024-45845
Medium priorityRejected reason: DO NOT USE THIS CVE RECORD. Consult IDs: CVE-2024-45593. Reason: This record is a reservation duplicate of CVE-2024-45593. Notes: All CVE users should reference CVE-2024-45593 instead of this record....
1 affected packages
nix
Package | 22.04 LTS |
---|---|
nix | Needs evaluation |
CVE-2024-45411
Medium priorityTwig is a template language for PHP. Under some circumstances, the sandbox security checks are not run which allows user-contributed templates to bypass the sandbox restrictions. This vulnerability is fixed in 1.44.8, 2.16.1, and 3.14.0.
2 affected packages
php-twig, twig
Package | 22.04 LTS |
---|---|
php-twig | Needs evaluation |
twig | Not in release |
CVE-2024-45296
Medium prioritypath-to-regexp turns path strings into a regular expressions. In certain cases, path-to-regexp will output a regular expression that can be exploited to cause poor performance. Because JavaScript is single threaded and regex...
1 affected packages
node-path-to-regexp
Package | 22.04 LTS |
---|---|
node-path-to-regexp | Needs evaluation |
CVE-2024-24510
Medium priorityCross Site Scripting vulnerability in Alinto SOGo before 5.10.0 allows a remote attacker to execute arbitrary code via the import function to the mail component.
1 affected packages
sogo
Package | 22.04 LTS |
---|---|
sogo | Needs evaluation |
CVE-2024-8373
Medium priorityImproper sanitization of the value of the [srcset] attribute in <source> HTML elements in AngularJS allows attackers to bypass common image source restrictions, which can also lead to a form of Content...
1 affected packages
angular.js
Package | 22.04 LTS |
---|---|
angular.js | Needs evaluation |
CVE-2024-8372
Medium priorityImproper sanitization of the value of the '[srcset]' attribute in AngularJS allows attackers to bypass common image source restrictions, which can also lead to a form of Content...
1 affected packages
angular.js
Package | 22.04 LTS |
---|---|
angular.js | Needs evaluation |
CVE-2024-45160
Medium priority[Unknown description]
1 affected packages
lemonldap-ng
Package | 22.04 LTS |
---|---|
lemonldap-ng | Needs evaluation |