Search CVE reports
311 – 320 of 497 results
The construct function in puff.cpp in Libtorrent 1.1.0 allows remote torrent trackers to cause a denial of service (segmentation fault and crash) via a crafted GZIP response.
1 affected package
libtorrent-rasterbar
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| libtorrent-rasterbar | Not affected | Not affected | Not affected | Not affected |
Some fixes available 5 of 16
The openssl gem for Ruby uses the same initialization vector (IV) in GCM Mode (aes-*-gcm) when the IV is set before the key, which makes it easier for context-dependent attackers to bypass the encryption protection mechanism.
7 affected packages
ruby-attr-encrypted, ruby-encryptor, ruby1.8, ruby1.9.1, ruby2.0...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| ruby-attr-encrypted | Not affected | Not affected | Not affected | Not in release |
| ruby-encryptor | Not affected | Not affected | Not affected | Not in release |
| ruby1.8 | Not in release | Not in release | Not in release | Not in release |
| ruby1.9.1 | Not in release | Not in release | Not in release | Not in release |
| ruby2.0 | Not in release | Not in release | Not in release | Not in release |
| ruby2.1 | Not in release | Not in release | Not in release | Not in release |
| ruby2.3 | Not in release | Not in release | Not in release | Not in release |
The validator package before 2.0.0 for Node.js allows remote attackers to bypass the cross-site scripting (XSS) filter via hex-encoded characters.
1 affected package
validator.js
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| validator.js | — | — | — | — |
The validator module before 1.1.0 for Node.js allows remote attackers to bypass the cross-site scripting (XSS) filter via nested forbidden strings.
1 affected package
validator.js
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| validator.js | — | — | — | — |
The validator module before 1.1.0 for Node.js allows remote attackers to bypass the cross-site scripting (XSS) filter via vectors related to UI redressing.
1 affected package
validator.js
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| validator.js | — | — | — | — |
The validator module before 1.1.0 for Node.js allows remote attackers to bypass the cross-site scripting (XSS) filter via a crafted javascript URI.
1 affected package
validator.js
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| validator.js | — | — | — | — |
The validator module before 1.1.0 for Node.js allows remote attackers to bypass the XSS filter via a nested tag.
1 affected package
validator.js
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| validator.js | — | — | — | — |
Some fixes available 1 of 3
Tor before 0.2.8.9 and 0.2.9.x before 0.2.9.4-alpha had internal functions that were entitled to expect that buf_t data had NUL termination, but the implementation of or/buffers.c did not ensure that NUL termination was present,...
1 affected package
tor
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| tor | — | — | — | Not affected |
Unspecified vulnerability in the MySQL Connector component 2.1.3 and earlier and 2.0.4 and earlier in Oracle MySQL allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Connector/Python.
1 affected package
mysql-connector-python
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| mysql-connector-python | Not affected | Not affected | Not affected | Not affected |
Some fixes available 3 of 7
The parse_chunk_header function in libtorrent before 1.1.1 allows remote attackers to cause a denial of service (crash) via a crafted (1) HTTP response or possibly a (2) UPnP broadcast.
1 affected package
libtorrent-rasterbar
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| libtorrent-rasterbar | — | Not affected | Not affected | Not affected |