Search CVE reports
21 – 30 of 37537 results
CVE-2024-52533
Medium priority
gio/gsocks4aproxy.c in GNOME GLib before 2.82.1 has an off-by-one error and resultant buffer overflow because SOCKS4_CONN_MSG_LEN is not sufficient for a trailing '\0' character.
1 affected package
glib2.0
Package | 16.04 LTS |
---|---|
glib2.0 | Needs evaluation |
CVE-2024-50636
Medium priority
PyMOL 2.5.0 contains a vulnerability in its "Run Script" function, which allows the execution of arbitrary Python code embedded within .PYM files. Attackers can craft a malicious .PYM file containing a Python reverse shell payload...
1 affected package
pymol
Package | 16.04 LTS |
---|---|
pymol | Needs evaluation |
CVE-2024-52532
Medium priority
GNOME libsoup before 3.6.1 has an infinite loop, and memory consumption, during the reading of certain patterns of WebSocket data from clients.
2 affected packages
libsoup2.4, libsoup3
Package | 16.04 LTS |
---|---|
libsoup2.4 | Needs evaluation |
libsoup3 | — |
CVE-2024-52531
Medium priority
GNOME libsoup before 3.6.1 allows a buffer overflow in applications that perform conversion to UTF-8 in soup_header_parse_param_list_strict. Input received over the network cannot trigger this.
2 affected packages
libsoup2.4, libsoup3
Package | 16.04 LTS |
---|---|
libsoup2.4 | Needs evaluation |
libsoup3 | — |
CVE-2024-52530
Medium priority
GNOME libsoup before 3.6.0 allows HTTP request smuggling in some configurations because '\0' characters at the end of header names are ignored, i.e., a "Transfer-Encoding\0: chunked" header is treated the same as a...
2 affected packages
libsoup2.4, libsoup3
Package | 16.04 LTS |
---|---|
libsoup2.4 | Needs evaluation |
libsoup3 | — |
CVE-2024-51490
Medium priority
Ampache is a web based audio/video streaming application and file manager. This vulnerability exists in the interface section of the Ampache menu, where users can change "Custom URL - Logo". This section is not properly sanitized,...
1 affected package
ampache
Package | 16.04 LTS |
---|---|
ampache | Needs evaluation |
CVE-2024-51489
Medium priority
Ampache is a web based audio/video streaming application and file manager. The current implementation of token parsing does not adequately validate CSRF tokens when users send messages to one another. This vulnerability could be...
1 affected package
ampache
Package | 16.04 LTS |
---|---|
ampache | Needs evaluation |
CVE-2024-51488
Medium priority
Ampache is a web based audio/video streaming application and file manager. The current implementation of token parsing does not adequately validate CSRF tokens when users delete messages. This vulnerability could be exploited to...
1 affected package
ampache
Package | 16.04 LTS |
---|---|
ampache | Needs evaluation |
CVE-2024-51487
Medium priority
Ampache is a web based audio/video streaming application and file manager. The current implementation of token parsing fails to properly validate CSRF tokens when activating or deactivating catalog. This vulnerability allows an...
1 affected package
ampache
Package | 16.04 LTS |
---|---|
ampache | Needs evaluation |
CVE-2024-51486
Medium priority
Ampache is a web based audio/video streaming application and file manager. The vulnerability exists in the interface section of the Ampache menu, where users can change the "Custom URL - Favicon". This section is not properly...
1 affected package
ampache
Package | 16.04 LTS |
---|---|
ampache | Needs evaluation |