Search CVE reports
1 – 10 of 29681 results
[GNUTLS-SA-2025-11-18]
1 affected package
gnutls28
| Package | 24.04 LTS |
|---|---|
| gnutls28 | Needs evaluation |
phpPgAdmin 7.13.0 and earlier contains an incorrect access control vulnerability in sql.php at lines 68-76. The application allows unauthorized manipulation of session variables by accepting user-controlled parameters ('subject',...
1 affected package
phppgadmin
| Package | 24.04 LTS |
|---|---|
| phppgadmin | Needs evaluation |
phpPgAdmin 7.13.0 and earlier contains a SQL injection vulnerability in display.php at line 396. The application passes user-controlled input from $_REQUEST['query'] directly to the browseQuery function without...
1 affected package
phppgadmin
| Package | 24.04 LTS |
|---|---|
| phppgadmin | Needs evaluation |
phpPgAdmin 7.13.0 and earlier contains a SQL injection vulnerability in dataexport.php at line 118. The application directly executes user-supplied SQL queries from the $_REQUEST['query'] parameter without any sanitization or...
1 affected package
phppgadmin
| Package | 24.04 LTS |
|---|---|
| phppgadmin | Needs evaluation |
phpPgAdmin 7.13.0 and earlier contains multiple cross-site scripting (XSS) vulnerabilities across various components. User-supplied input from $_REQUEST parameters is reflected in HTML output without proper encoding...
1 affected package
phppgadmin
| Package | 24.04 LTS |
|---|---|
| phppgadmin | Needs evaluation |
(Kafka dissector crash in Wireshark 4.6.0 and 4.4.0 to 4.4.10 allows de ...)
1 affected package
wireshark
| Package | 24.04 LTS |
|---|---|
| wireshark | Needs evaluation |
[RNP PKESK Session Keys Generated as All-Zero]
1 affected package
rnp
| Package | 24.04 LTS |
|---|---|
| rnp | Needs evaluation |
Heap Buffer Overflow in CUPS rastertopclx Filter Leading to Potential Arbitrary Code Execution
2 affected packages
cups-filters, libcupsfilters
| Package | 24.04 LTS |
|---|---|
| cups-filters | Needs evaluation |
| libcupsfilters | Not affected |
SSH servers parsing GSSAPI authentication requests do not validate the number of mechanisms specified in the request, allowing an attacker to cause unbounded memory consumption.
4 affected packages
lxd, golang-go.crypto, snapd, google-guest-agent
| Package | 24.04 LTS |
|---|---|
| lxd | Not in release |
| golang-go.crypto | Needs evaluation |
| snapd | Needs evaluation |
| google-guest-agent | Needs evaluation |
SSH Agent servers do not validate the size of messages when processing new identity requests, which may cause the program to panic if the message is malformed due to an out of bounds read.
4 affected packages
golang-go.crypto, snapd, lxd, google-guest-agent
| Package | 24.04 LTS |
|---|---|
| golang-go.crypto | Needs evaluation |
| snapd | Needs evaluation |
| lxd | Not in release |
| google-guest-agent | Needs evaluation |