Your submission was sent successfully! Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

Search CVE reports

Toggle filters

41 – 50 of 58 results

CVE-2012-6579

Medium priority
Ignored

Best Practical Solutions RT 3.8.x before 3.8.15 and 4.0.x before 4.0.8, when GnuPG is enabled, allows remote attackers to configure encryption or signing for certain outbound e-mail, and possibly cause a denial of service (loss of...

2 affected packages

request-tracker3.8, request-tracker4

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
request-tracker3.8 Not in release
request-tracker4 Not affected
Show less packages

CVE-2012-6578

Medium priority
Ignored

Best Practical Solutions RT 3.8.x before 3.8.15 and 4.0.x before 4.0.8, when GnuPG is enabled with a "Sign by default" queue configuration, uses a queue's key for signing, which might allow remote attackers to spoof messages by...

2 affected packages

request-tracker3.8, request-tracker4

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
request-tracker3.8 Not in release
request-tracker4 Not affected
Show less packages

CVE-2013-3525

Medium priority
Ignored

** DISPUTED ** SQL injection vulnerability in Approvals/ in Request Tracker (RT) 4.0.10 and earlier allows remote attackers to execute arbitrary SQL commands via the ShowPending parameter. NOTE: the vendor disputes this issue,...

2 affected packages

request-tracker3.8, request-tracker4

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
request-tracker3.8 Not in release
request-tracker4 Not affected
Show less packages

CVE-2012-4884

Medium priority

Some fixes available 3 of 6

Argument injection vulnerability in Request Tracker (RT) 3.8.x before 3.8.15 and 4.0.x before 4.0.8 allows remote attackers to create arbitrary files via unspecified vectors related to the GnuPG client.

2 affected packages

request-tracker3.8, request-tracker4

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
request-tracker3.8 Not in release
request-tracker4 Not affected
Show less packages

CVE-2012-4734

Medium priority

Some fixes available 3 of 6

Request Tracker (RT) 3.8.x before 3.8.15 and 4.0.x before 4.0.8 allows remote attackers to conduct a "confused deputy" attack to bypass the CSRF warning protection mechanism and cause victims to "modify arbitrary state" via...

2 affected packages

request-tracker3.8, request-tracker4

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
request-tracker3.8 Not in release
request-tracker4 Not affected
Show less packages

CVE-2012-4732

Medium priority

Some fixes available 3 of 6

Cross-site request forgery (CSRF) vulnerability in Request Tracker (RT) 3.8.12 and other versions before 3.8.15, and 4.0.6 and other versions before 4.0.8, allows remote attackers to hijack the authentication of users for requests...

2 affected packages

request-tracker3.8, request-tracker4

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
request-tracker3.8 Not in release
request-tracker4 Not affected
Show less packages

CVE-2012-4730

Medium priority

Some fixes available 3 of 6

Request Tracker (RT) 3.8.x before 3.8.15 and 4.0.x before 4.0.8 allows remote authenticated users with ModifySelf or AdminUser privileges to inject arbitrary email headers and conduct phishing attacks or obtain sensitive...

2 affected packages

request-tracker3.8, request-tracker4

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
request-tracker3.8 Not in release
request-tracker4 Not affected
Show less packages

CVE-2012-2769

Medium priority
Ignored

Multiple cross-site scripting (XSS) vulnerabilities in the topic administration page in the Extension::MobileUI extension before 1.02 for Best Practical Solutions RT 3.8.x and in Best Practical Solutions RT before 4.0.6 allow...

1 affected packages

request-tracker4

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
request-tracker4 Not affected
Show less packages

CVE-2012-2768

Medium priority
Ignored

Multiple cross-site scripting (XSS) vulnerabilities in the topic administration page in the RTFM extension 2.0.4 through 2.4.3 for Best Practical Solutions RT allow remote attackers to inject arbitrary web script or HTML via...

2 affected packages

request-tracker4, rt3.8-rtfm

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
request-tracker4 Not affected
rt3.8-rtfm Not in release
Show less packages

CVE-2011-5093

Medium priority
Ignored

Best Practical Solutions RT 4.x before 4.0.6 does not properly implement the DisallowExecuteCode option, which allows remote authenticated users to bypass intended access restrictions and execute arbitrary code by leveraging...

3 affected packages

request-tracker3.6, request-tracker3.8, request-tracker4

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
request-tracker3.6 Not in release
request-tracker3.8 Not in release
request-tracker4 Not affected
Show less packages
  1. Previous page
  2. 2
  3. 3
  4. 4
  5. 5
  6. 6
  7. Next page
Export to JSON