Search CVE reports
91 – 100 of 509 results
CKEditor4 is an open source what-you-see-is-what-you-get HTML editor. A theoretical vulnerability has been identified in CKEditor 4.22 (and above). In a highly unlikely scenario where an attacker gains control over...
4 affected packages
ckeditor3, ldap-account-manager, request-tracker4, ckeditor
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| ckeditor3 | Not in release | Needs evaluation | Needs evaluation | Ignored | Needs evaluation |
| ldap-account-manager | Needs evaluation | Needs evaluation | Needs evaluation | Ignored | Needs evaluation |
| request-tracker4 | Needs evaluation | Needs evaluation | Needs evaluation | Ignored | Needs evaluation |
| ckeditor | Not in release | Vulnerable | Not affected | Not affected | Not affected |
CKEditor4 is an open source what-you-see-is-what-you-get HTML editor. A potential vulnerability has been discovered in CKEditor 4 Code Snippet GeSHi plugin. The vulnerability allowed a reflected XSS attack by exploiting a flaw in...
5 affected packages
ckeditor, ckeditor3, ldap-account-manager, request-tracker4, geshi
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| ckeditor | Not in release | Not affected | Not affected | Not affected | Not affected |
| ckeditor3 | Not in release | Not affected | Not affected | Not affected | Not affected |
| ldap-account-manager | Not affected | Not affected | Not affected | Not affected | Not affected |
| request-tracker4 | Not affected | Not affected | Not affected | Not affected | Not affected |
| geshi | Needs evaluation | Needs evaluation | Needs evaluation | Ignored | Needs evaluation |
TorchServe is a flexible and easy-to-use tool for serving and scaling PyTorch models in production. TorchServe 's check on allowed_urls configuration can be by-passed if the URL contains characters such as ".." but it does not...
1 affected package
pytorch
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| pytorch | — | Not in release | Not affected | Not in release | — |
Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/Python). Supported versions that are affected are 8.4.0 and prior. Easily exploitable vulnerability allows low privileged attacker with network...
1 affected package
mysql-connector-python
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| mysql-connector-python | Needs evaluation | Needs evaluation | Needs evaluation | Ignored | Needs evaluation |
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
1 affected package
pytorch
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| pytorch | — | Not in release | Not affected | Not in release | — |
Pytorch before v2.2.0 has an Out-of-bounds Read vulnerability via the component torch/csrc/jit/mobile/flatbuffer_loader.cpp.
1 affected package
pytorch
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| pytorch | Needs evaluation | Not in release | Needs evaluation | Not in release | — |
Pytorch before version v2.2.0 was discovered to contain a use-after-free vulnerability in torch/csrc/jit/mobile/interpreter.cpp.
1 affected package
pytorch
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| pytorch | Needs evaluation | Not in release | Needs evaluation | Not in release | — |
PyTorch before v2.2.0 was discovered to contain a heap buffer overflow vulnerability in the component /runtime/vararg_functions.cpp. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.
1 affected package
pytorch
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| pytorch | Needs evaluation | Not in release | Needs evaluation | Not in release | — |
Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/Python). Supported versions that are affected are 8.3.0 and prior. Easily exploitable vulnerability allows unauthenticated attacker with network...
1 affected package
mysql-connector-python
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| mysql-connector-python | Needs evaluation | Needs evaluation | Needs evaluation | Ignored | Needs evaluation |
Lektor before 3.3.11 does not sanitize DB path traversal. Thus, shell commands might be executed via a file that is added to the templates directory, if the victim's web browser accesses an untrusted website that uses JavaScript...
1 affected package
lektor
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| lektor | Not in release | Needs evaluation | Needs evaluation | Ignored | — |