Search CVE reports
251 – 260 of 39869 results
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.27.1, FreeRDP clients launched with the non-default /cache:codec:rfx option pass desktop stride and height to RemoteFX decoding for Cache Bitmap V3 data...
3 affected packages
freerdp, freerdp2, freerdp3
| Package | 24.04 LTS |
|---|---|
| freerdp | Not in release |
| freerdp2 | Needs evaluation |
| freerdp3 | Needs evaluation |
Coturn is a free open source implementation of TURN and STUN Server. Prior to 4.13.0, coturn rejects loopback peers by default unless allow-loopback-peers is enabled, but the default loopback guard can be bypassed by using the...
1 affected package
coturn
| Package | 24.04 LTS |
|---|---|
| coturn | Needs evaluation |
Coturn is a free open source implementation of TURN and STUN Server. Prior to 4.13.0, the psd print sessions dump CLI command in coturn takes a filename argument and directly passes it to fopen with no path validation. An...
1 affected package
coturn
| Package | 24.04 LTS |
|---|---|
| coturn | Needs evaluation |
Coturn is a free open source implementation of TURN and STUN Server. Prior to 4.12.0, the coturn HTTPS admin panel passes HTTP query parameters directly into SQL queries via snprintf string interpolation without sanitization. The...
1 affected package
coturn
| Package | 24.04 LTS |
|---|---|
| coturn | Needs evaluation |
GNU Wget does not validate the IP address provided by an FTP PASV response while operating in FTP passive mode. A malicious FTP server, or an HTTP server that redirects to an FTP URL, can exploit this behavior to redirect Wget’s...
1 affected package
wget
| Package | 24.04 LTS |
|---|---|
| wget | Vulnerable |
Apprise is an open source library which allows you to send a notification to almost all of the most popular notification services available. Prior to 1.11.0, Apprise HTTP-based notification plugins and HTTP attachment and config...
1 affected package
apprise
| Package | 24.04 LTS |
|---|---|
| apprise | Needs evaluation |
cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTTPS library. In affected Mbed TLS backend versions from 0.31.0 through 0.46.1 and wolfSSL backend versions from 0.33.0 through 0.46.1, when cpp-httplib is built...
1 affected package
cpp-httplib
| Package | 24.04 LTS |
|---|---|
| cpp-httplib | Needs evaluation |
ImageMagick before 7.1.2-15 contains a use-after-free vulnerability in the PDB decoder that uses a stale pointer when memory allocation fails. Attackers can trigger this vulnerability by processing malicious PDB files to cause...
1 affected package
imagemagick
| Package | 24.04 LTS |
|---|---|
| imagemagick | Needs evaluation |
ImageMagick before 7.1.2-18 contains a memory leak vulnerability in the META reader when processing APP1JPEG input paths. Attackers can trigger this memory leak by providing specially crafted APP1JPEG image files, causing denial...
1 affected package
imagemagick
| Package | 24.04 LTS |
|---|---|
| imagemagick | Needs evaluation |
mtr is vulnerable to Out-of-bound read vulnerability in ipinfo_lookup() function. An attacker who can influence the TXT response used for AS lookups can trigger this bug by returning a DNS response that is larger than 512 bytes...
1 affected package
mtr
| Package | 24.04 LTS |
|---|---|
| mtr | Needs evaluation |