Search CVE reports
Potential denial-of-service vulnerability in HttpResponseRedirect and HttpResponsePermanentRedirect on Windows
1 affected package
python-django
| Package | 16.04 LTS |
|---|---|
| python-django | Not affected |
container escape and denial of service due to arbitrary write gadgets and procfs write redirects
3 affected packages
runc, runc-app, runc-stable
| Package | 16.04 LTS |
|---|---|
| runc | Ignored |
| runc-app | — |
| runc-stable | Not in release |
container escape with malicious config due to /dev/console mount and related races
3 affected packages
runc, runc-app, runc-stable
| Package | 16.04 LTS |
|---|---|
| runc | Ignored |
| runc-app | — |
| runc-stable | Not in release |
container escape via 'masked path' abuse due to mount race conditions
3 affected packages
runc, runc-app, runc-stable
| Package | 16.04 LTS |
|---|---|
| runc | Ignored |
| runc-app | — |
| runc-stable | Not in release |
An issue was discovered in 5.1 before 5.1.14, 4.2 before 4.2.26, and 5.2 before 5.2.8. The methods `QuerySet.filter()`, `QuerySet.exclude()`, and `QuerySet.get()`, and the class `Q()`, are subject to SQL injection when using a...
1 affected package
python-django
| Package | 16.04 LTS |
|---|---|
| python-django | Not affected |
wcurl path traversal with percent-encoded slashes
1 affected package
curl
| Package | 16.04 LTS |
|---|---|
| curl | Not affected |
missing SFTP host verification with wolfSSH
1 affected package
curl
| Package | 16.04 LTS |
|---|---|
| curl | Not affected |
Redis is an open source, in-memory database that persists on disk. In versions 8.2.0 and above, a user can run the XACKDEL command with multiple IDs and trigger a stack buffer overflow, which may potentially lead to remote code...
1 affected package
redis
| Package | 16.04 LTS |
|---|---|
| redis | Needs evaluation |
The KMIP response parser built into mongo binaries is overly tolerant of certain malformed packets, and may parse them into invalid objects. Later reads of this object can result in read access violations.
1 affected package
mongodb
| Package | 16.04 LTS |
|---|---|
| mongodb | Needs evaluation |
lighttpd 1.4.80 incorrectly merged trailer fields into headers after HTTP request parsing. This behavior can be exploited to conduct HTTP Header Smuggling attacks. Successful exploitation may allow an attacker to: * Bypass...
1 affected package
lighttpd
| Package | 16.04 LTS |
|---|---|
| lighttpd | Needs evaluation |