CVE search results

311 – 320 of 498 results

Detailed view

Sort by:

CVE-2016-3180

Medium priority

Some fixes available 1 of 5

Tor Browser Launcher (aka torbrowser-launcher) before 0.2.4, during the initial run, allows man-in-the-middle attackers to bypass the PGP signature verification and execute arbitrary code via a Trojan horse tar file and...

1 affected package

torbrowser-launcher

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
torbrowser-launcher	—	—	—	Not affected

CVE-2016-7164

Low priority

Vulnerable

The construct function in puff.cpp in Libtorrent 1.1.0 allows remote torrent trackers to cause a denial of service (segmentation fault and crash) via a crafted GZIP response.

1 affected package

libtorrent-rasterbar

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
libtorrent-rasterbar	Not affected	Not affected	Not affected	Not affected

CVE-2016-7798

Low priority

Some fixes available 5 of 16

The openssl gem for Ruby uses the same initialization vector (IV) in GCM Mode (aes-*-gcm) when the IV is set before the key, which makes it easier for context-dependent attackers to bypass the encryption protection mechanism.

7 affected packages

ruby-attr-encrypted, ruby-encryptor, ruby1.8, ruby1.9.1, ruby2.0...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
ruby-attr-encrypted	Not affected	Not affected	Not affected	Not in release
ruby-encryptor	Not affected	Not affected	Not affected	Not in release
ruby1.8	Not in release	Not in release	Not in release	Not in release
ruby1.9.1	Not in release	Not in release	Not in release	Not in release
ruby2.0	Not in release	Not in release	Not in release	Not in release
ruby2.1	Not in release	Not in release	Not in release	Not in release
ruby2.3	Not in release	Not in release	Not in release	Not in release

CVE-2014-9772

Medium priority

Not affected

The validator package before 2.0.0 for Node.js allows remote attackers to bypass the cross-site scripting (XSS) filter via hex-encoded characters.

1 affected package

validator.js

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
validator.js	—	—	—	—

CVE-2013-7454

Medium priority

Not affected

The validator module before 1.1.0 for Node.js allows remote attackers to bypass the cross-site scripting (XSS) filter via nested forbidden strings.

1 affected package

validator.js

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
validator.js	—	—	—	—

CVE-2013-7453

Medium priority

Not affected

The validator module before 1.1.0 for Node.js allows remote attackers to bypass the cross-site scripting (XSS) filter via vectors related to UI redressing.

1 affected package

validator.js

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
validator.js	—	—	—	—

CVE-2013-7452

Medium priority

Not affected

The validator module before 1.1.0 for Node.js allows remote attackers to bypass the cross-site scripting (XSS) filter via a crafted javascript URI.

1 affected package

validator.js

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
validator.js	—	—	—	—

CVE-2013-7451

Medium priority

Not affected

The validator module before 1.1.0 for Node.js allows remote attackers to bypass the XSS filter via a nested tag.

1 affected package

validator.js

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
validator.js	—	—	—	—

CVE-2016-8860

Medium priority

Some fixes available 1 of 3

Tor before 0.2.8.9 and 0.2.9.x before 0.2.9.4-alpha had internal functions that were entitled to expect that buf_t data had NUL termination, but the implementation of or/buffers.c did not ensure that NUL termination was present,...

1 affected package

tor

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
tor	—	—	—	Not affected

CVE-2016-5598

Medium priority

Vulnerable

Unspecified vulnerability in the MySQL Connector component 2.1.3 and earlier and 2.0.4 and earlier in Oracle MySQL allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Connector/Python.

1 affected package

mysql-connector-python

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
mysql-connector-python	Not affected	Not affected	Not affected	Not affected

Export to JSON

Results by page:

Search CVE reports