Search CVE reports
431 – 440 of 41354 results
In Vinyl Cache before 9.0.1 and Varnish Cache before 9.0.3, a deficiency in HTTP/2 request parsing can be exploited to launch a backend request desync attack (request smuggling), which in turn can be used for cache...
1 affected package
varnish
| Package | 20.04 LTS |
|---|---|
| varnish | Needs evaluation |
ipmi-oem in FreeIPMI before 1.6.18 has exploitable buffer overflows on response messages. The Intelligent Platform Management Interface (IPMI) specification defines a set of interfaces for platform management. It is implemented by...
1 affected package
freeipmi
| Package | 20.04 LTS |
|---|---|
| freeipmi | Needs evaluation |
Memory Allocation with Excessive Size Value vulnerability in Apache HTTP Server's mod_http leads to denial of service via malicious HTTP requests. This issue affects Apache HTTP Server: from 2.4.17 through 2.4.67.
2 affected packages
nginx, apache2
| Package | 20.04 LTS |
|---|---|
| nginx | Needs evaluation |
| apache2 | Needs evaluation |
transmission through 4.1.1 was found to have a clickjacking weakness in the browser-facing WebUI and RPC response paths.
1 affected package
transmission
| Package | 20.04 LTS |
|---|---|
| transmission | Needs evaluation |
A flaw has been found in dask up to 3.0. Affected by this issue is the function nunique_approx of the file dask/dataframe/hyperloglog.py of the component HLL Handler. This manipulation causes resource consumption. The attack is...
1 affected package
dask
| Package | 20.04 LTS |
|---|---|
| dask | Needs evaluation |
A flaw has been found in warmcat libwebsockets up to 4.5.8. This issue affects the function lws_ssh_parse_plaintext of the file plugins/protocol_lws_ssh_base/sshd.c of the component SSH Protocol Handler. Executing a manipulation...
1 affected package
libwebsockets
| Package | 20.04 LTS |
|---|---|
| libwebsockets | Needs evaluation |
FastNetMon Community Edition through 1.2.9 contains an out-of-bounds read in the IPv4 packet parser. In src/simple_packet_parser_ng.cpp, after validating that the packet contains at least sizeof(ipv4_header_t) bytes (20 bytes),...
1 affected package
fastnetmon
| Package | 20.04 LTS |
|---|---|
| fastnetmon | Needs evaluation |
AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to version 3.14.0, cookies set with the `cookies` parameter on requests are sent after following a cross-origin redirect. If a developer uses...
1 affected package
python-aiohttp
| Package | 20.04 LTS |
|---|---|
| python-aiohttp | Needs evaluation |
AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to version 3.14.0, using ``CookieJar.load()`` with untrusted input may allow arbitrary code execution. Most applications using this function...
1 affected package
python-aiohttp
| Package | 20.04 LTS |
|---|---|
| python-aiohttp | Needs evaluation |
JIT miscompilation in the JavaScript Engine: JIT component. This vulnerability was fixed in Firefox 151.0.3.
9 affected packages
firefox, mozjs102, mozjs115, mozjs38, mozjs52...
| Package | 20.04 LTS |
|---|---|
| firefox | — |
| mozjs102 | — |
| mozjs115 | — |
| mozjs38 | — |
| mozjs52 | Ignored |
| mozjs68 | Ignored |
| mozjs78 | — |
| mozjs91 | — |
| thunderbird | — |