Search CVE reports
61 – 70 of 37865 results
Mod_gnutls is a TLS module for Apache HTTPD based on GnuTLS. Prior to version 0.13.0, code for client certificate verification did not check the key purpose as set in the Extended Key Usage extension. An attacker with access to...
1 affected package
mod-gnutls
| Package | 20.04 LTS |
|---|---|
| mod-gnutls | Needs evaluation |
Mod_gnutls is a TLS module for Apache HTTPD based on GnuTLS. In versions prior to 0.12.3 and 0.13.0, code for client certificate verification imported the certificate chain sent by the client into a fixed size `gnutls_x509_crt_t`...
1 affected package
mod-gnutls
| Package | 20.04 LTS |
|---|---|
| mod-gnutls | Needs evaluation |
Freeciv21 is a free open source, turn-based, empire-building strategy game. Versions prior to 3.1.1 crash with a stack overflow when receiving specially-crafted packets. A remote attacker can use this to take down any public...
1 affected package
freeciv
| Package | 20.04 LTS |
|---|---|
| freeciv | Needs evaluation |
Action Pack is a Rubygem for building web applications on the Rails framework. In versions on the 8.1 branch prior to 8.1.2.1, the debug exceptions page does not properly escape exception messages. A carefully crafted exception...
1 affected package
rails
| Package | 20.04 LTS |
|---|---|
| rails | Needs evaluation |
Socket.IO is an open source, real-time, bidirectional, event-based, communication framework. Prior to versions 3.3.5, 3.4.4, and 4.2.6, a specially crafted Socket.IO packet can make the server wait for a large number of binary...
1 affected package
node-socket.io-parser
| Package | 20.04 LTS |
|---|---|
| node-socket.io-parser | Needs evaluation |
LibVNCServer versions 0.9.15 and prior (fixed in commit dc78dee) contain null pointer dereference vulnerabilities in the HTTP proxy handlers within httpProcessInput() in httpd.c that allow remote attackers to cause a denial of...
6 affected packages
libvncserver, vino, x11vnc, veyon, italc, tightvnc
| Package | 20.04 LTS |
|---|---|
| libvncserver | Needs evaluation |
| vino | Needs evaluation |
| x11vnc | Needs evaluation |
| veyon | Needs evaluation |
| italc | — |
| tightvnc | Needs evaluation |
LibVNCServer versions 0.9.15 and prior (fixed in commit 009008e) contain a heap out-of-bounds read vulnerability in the UltraZip encoding handler that allows a malicious VNC server to cause information disclosure or application...
6 affected packages
veyon, libvncserver, vino, x11vnc, italc, tightvnc
| Package | 20.04 LTS |
|---|---|
| veyon | Needs evaluation |
| libvncserver | Needs evaluation |
| vino | Needs evaluation |
| x11vnc | Needs evaluation |
| italc | — |
| tightvnc | Needs evaluation |
[Unknown description]
2 affected packages
squid, squid3
| Package | 20.04 LTS |
|---|---|
| squid | Needs evaluation |
| squid3 | — |
pydicom is a pure Python package for working with DICOM files. Versions 2.0.0-rc.1 through 3.0.1 are vulnerable to Path Traversal through a maliciously crafted DICOMDIR ReferencedFileID when it is set to a path outside the...
1 affected package
pydicom
| Package | 20.04 LTS |
|---|---|
| pydicom | Needs evaluation |
Missing required cryptographic step in the TLS 1.3 client HelloRetryRequest handshake logic in wolfSSL could lead to a compromise in the confidentiality of TLS-protected communications via a crafted HelloRetryRequest followed by a...
1 affected package
wolfssl
| Package | 20.04 LTS |
|---|---|
| wolfssl | Needs evaluation |