Search CVE reports
31 – 40 of 95 results
Some fixes available 1 of 6
Best Practical Request Tracker (RT) before 5.0.3 has an Open Redirect via a ticket search.
1 affected package
request-tracker5
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| request-tracker5 | Not affected | Not affected | Fixed | Not in release | Not in release |
Some fixes available 6 of 13
Best Practical Request Tracker (RT) before 4.4.6 and 5.x before 5.0.3 allows XSS via a crafted content type for an attachment.
2 affected packages
request-tracker5, request-tracker4
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| request-tracker5 | Not affected | Not affected | Fixed | Not in release | Not in release |
| request-tracker4 | Not affected | Not affected | Fixed | Fixed | Fixed |
CKEditor4 is an open source what-you-see-is-what-you-get HTML editor. CKEditor4 prior to version 4.18.0 contains a vulnerability in the `dialog` plugin. The vulnerability allows abuse of a dialog input validator...
4 affected packages
request-tracker4, ckeditor, ckeditor3, ldap-account-manager
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| request-tracker4 | Needs evaluation | Needs evaluation | Needs evaluation | Ignored | Ignored |
| ckeditor | Not in release | Not affected | Not affected | Not affected | Not affected |
| ckeditor3 | Not in release | Needs evaluation | Needs evaluation | Ignored | Ignored |
| ldap-account-manager | Needs evaluation | Needs evaluation | Needs evaluation | Ignored | Ignored |
CKEditor4 is an open source what-you-see-is-what-you-get HTML editor. A vulnerability has been discovered in the core HTML processing module and may affect all plugins used by CKEditor 4 prior to version 4.18.0. The vulnerability...
4 affected packages
ckeditor, ckeditor3, ldap-account-manager, request-tracker4
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| ckeditor | Not in release | Not affected | Vulnerable | Vulnerable | Vulnerable |
| ckeditor3 | Not in release | Needs evaluation | Needs evaluation | Ignored | Ignored |
| ldap-account-manager | Needs evaluation | Needs evaluation | Needs evaluation | Ignored | Ignored |
| request-tracker4 | Needs evaluation | Needs evaluation | Needs evaluation | Ignored | Ignored |
CKEditor4 is an open source WYSIWYG HTML editor. In affected version a vulnerability has been discovered in the core HTML processing module and may affect all plugins used by CKEditor 4. The vulnerability allowed to inject...
4 affected packages
ckeditor, ckeditor3, ldap-account-manager, request-tracker4
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| ckeditor | Not in release | Not affected | Needs evaluation | Ignored | Ignored |
| ckeditor3 | Not in release | Needs evaluation | Needs evaluation | Ignored | Ignored |
| ldap-account-manager | Needs evaluation | Needs evaluation | Needs evaluation | Ignored | Ignored |
| request-tracker4 | Needs evaluation | Needs evaluation | Needs evaluation | Ignored | Ignored |
CKEditor4 is an open source WYSIWYG HTML editor. In affected versions a vulnerability has been discovered in the Advanced Content Filter (ACF) module and may affect all plugins used by CKEditor 4. The vulnerability allowed to...
4 affected packages
ckeditor3, ldap-account-manager, request-tracker4, ckeditor
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| ckeditor3 | Not in release | Needs evaluation | Needs evaluation | Ignored | Ignored |
| ldap-account-manager | Needs evaluation | Needs evaluation | Needs evaluation | Ignored | Ignored |
| request-tracker4 | Needs evaluation | Needs evaluation | Needs evaluation | Ignored | Ignored |
| ckeditor | Not in release | Not affected | Needs evaluation | Ignored | Ignored |
Some fixes available 11 of 18
Best Practical Request Tracker (RT) 4.2 before 4.2.17, 4.4 before 4.4.5, and 5.0 before 5.0.2 allows sensitive information disclosure via a timing attack against lib/RT/REST2/Middleware/Auth.pm.
2 affected packages
request-tracker5, request-tracker4
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| request-tracker5 | Not affected | Not affected | Fixed | Not in release | Not in release |
| request-tracker4 | Fixed | Fixed | Fixed | Fixed | Fixed |
Some fixes available 4 of 36
ckeditor is an open source WYSIWYG HTML editor with rich content support. A potential vulnerability has been discovered in CKEditor 4 [Fake Objects](https://ckeditor.com/cke4/addon/fakeobjects) package. The vulnerability allowed...
4 affected packages
ckeditor, ckeditor3, ldap-account-manager, request-tracker4
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| ckeditor | Not in release | Not affected | Not affected | Fixed | Fixed |
| ckeditor3 | Not in release | Needs evaluation | Needs evaluation | Ignored | Ignored |
| ldap-account-manager | Needs evaluation | Needs evaluation | Needs evaluation | Ignored | Ignored |
| request-tracker4 | Needs evaluation | Needs evaluation | Needs evaluation | Ignored | Ignored |
PlayerGeneric.cpp in MilkyTracker through 1.02.00 has a use-after-free in the PlayerGeneric destructor.
1 affected package
milkytracker
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| milkytracker | Not affected | Not affected | Not affected | Ignored | Ignored |
Some fixes available 1 of 4
ModuleEditor::convertInstrument in tracker/ModuleEditor.cpp in MilkyTracker 1.02.00 has a heap-based buffer overflow.
1 affected package
milkytracker
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| milkytracker | Not affected | Not affected | Not affected | Not affected | Vulnerable |