Search CVE reports

Toggle filters

401 – 410 of 497 results

CVE-2009-3603

Medium priority

Some fixes available 39 of 107

Integer overflow in the SplashBitmap::SplashBitmap function in Xpdf 3.x before 3.02pl4 and Poppler before 0.12.1 might allow remote attackers to execute arbitrary code via a crafted PDF document that triggers a heap-based buffer...

11 affected packages

kdegraphics, gpdf, ipe, xpdf, libextractor...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
kdegraphics Not in release Not in release Not in release Not in release
gpdf Not in release Not in release Not in release Not in release
ipe Needs evaluation Needs evaluation Needs evaluation Needs evaluation
xpdf Not affected Not affected Not in release Not affected
libextractor Not affected Not affected Not affected Not affected
koffice Not in release Not in release Not in release Not in release
pdfkit.framework Not in release Not in release Not in release Not in release
pdftohtml Not in release Not in release Not in release Not in release
poppler Fixed Fixed Fixed Fixed
tetex-bin Not in release Not in release Not in release Not in release
texlive-bin Not affected Not affected Not affected Not affected
Show all 11 packages Show less packages

CVE-2009-3042

Medium priority
Ignored

SQL injection vulnerability in machine.php in Open Computer and Software (OCS) Inventory NG 1.02.1 allows remote attackers to execute arbitrary SQL commands via the systemid parameter, a different vector than CVE-2009-3040.

1 affected package

ocsinventory-server

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
ocsinventory-server Not affected
Show less packages

CVE-2009-3040

Medium priority
Ignored

Multiple SQL injection vulnerabilities in Open Computer and Software (OCS) Inventory NG 1.02 for Unix allow remote attackers to execute arbitrary SQL commands via the (1) N, (2) DL, (3) O and (4) V parameters to download.php and...

1 affected package

ocsinventory-server

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
ocsinventory-server Not affected
Show less packages

CVE-2009-2426

Low priority
Ignored

The connection_edge_process_relay_cell_not_open function in src/or/relay.c in Tor 0.2.x before 0.2.0.35 and 0.1.x before 0.1.2.8-beta allows exit relays to have an unspecified impact by causing controllers to accept DNS responses...

1 affected package

tor

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
tor
Show less packages

CVE-2009-2425

Low priority
Ignored

Tor before 0.2.0.35 allows remote attackers to cause a denial of service (application crash) via a malformed router descriptor.

1 affected package

tor

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
tor
Show less packages

CVE-2009-0667

Medium priority
Ignored

Untrusted search path vulnerability in Agent/Backend.pm in Ocsinventory-Agent before 0.0.9.3, and 1.x before 1.0.1, in OCS Inventory allows local users to gain privileges via a Trojan horse Perl module in an arbitrary directory.

1 affected package

ocsinventory-agent

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
ocsinventory-agent
Show less packages

CVE-2009-2324

Low priority

Some fixes available 1 of 4

Multiple cross-site scripting (XSS) vulnerabilities in FCKeditor before 2.6.4.1 allow remote attackers to inject arbitrary web script or HTML via components in the samples (aka _samples) directory.

2 affected packages

fckeditor, moin

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
fckeditor
moin
Show less packages

CVE-2009-2265

Low priority

Some fixes available 1 of 3

Multiple directory traversal vulnerabilities in FCKeditor before 2.6.4.1 allow remote attackers to create executable files in arbitrary directories via directory traversal sequences in the input to unspecified connector modules,...

2 affected packages

moin, fckeditor

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
moin
fckeditor
Show less packages

CVE-2009-2166

Medium priority
Ignored

Absolute path traversal vulnerability in cvs.php in OCS Inventory NG before 1.02.1 on Unix allows remote attackers to read arbitrary files via a full pathname in the log parameter.

1 affected package

ocsinventory-server

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
ocsinventory-server Not affected
Show less packages

CVE-2009-1760

Medium priority
Ignored

Directory traversal vulnerability in src/torrent_info.cpp in Rasterbar libtorrent before 0.14.4, as used in firetorrent, qBittorrent, deluge Torrent, and other applications, allows remote attackers to create or overwrite arbitrary...

1 affected package

libtorrent-rasterbar

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
libtorrent-rasterbar
Show less packages
  1. Previous page
  2. 39
  3. 40
  4. 41
  5. 42
  6. 43
  7. Next page
Export to JSON