Search CVE reports
31 – 40 of 41410 results
[Netrc credential leak in PSF requests library]
2 affected packages
python-pip, requests
Package | 16.04 LTS |
---|---|
python-pip | Needs evaluation |
requests | Needs evaluation |
Allows modifying some file metadata (e.g. last modified) with filter="data" or file permissions (chmod) with filter="tar" of files outside the extraction directory. You are affected by this vulnerability if using the...
11 affected packages
python2.7, python3.10, python3.11, python3.12, python3.13...
Package | 16.04 LTS |
---|---|
python2.7 | Not affected |
python3.10 | — |
python3.11 | — |
python3.12 | — |
python3.13 | — |
python3.4 | — |
python3.5 | Not affected |
python3.6 | — |
python3.7 | — |
python3.8 | — |
python3.9 | — |
This vulnerability in Grafana's datasource proxy API allows authorization checks to be bypassed by adding an extra slash character in the URL path. Users with minimal permissions could gain unauthorized read access to...
1 affected package
grafana
Package | 16.04 LTS |
---|---|
grafana | Needs evaluation |
A security vulnerability in the /apis/dashboard.grafana.app/* endpoints allows authenticated users to bypass dashboard and folder permissions. The vulnerability affects all API versions (v0alpha1, v1alpha1, v2alpha1). Impact: -...
1 affected package
grafana
Package | 16.04 LTS |
---|---|
grafana | Needs evaluation |
An issue was found in the private API function qDecodeDataUrl() in QtCore, which is used in QTextDocument and QNetworkReply, and, potentially, in user code. If the function was called with malformed data, for example, a URL...
3 affected packages
qt6-base, qtbase-opensource-src, qtbase-opensource-src-gles
Package | 16.04 LTS |
---|---|
qt6-base | — |
qtbase-opensource-src | Needs evaluation |
qtbase-opensource-src-gles | Needs evaluation |
Roundcube Webmail before 1.5.10 and 1.6.x before 1.6.11 allows remote code execution by authenticated users because the _from parameter in a URL is not validated in program/actions/settings/upload.php, leading to PHP...
1 affected package
roundcube
Package | 16.04 LTS |
---|---|
roundcube | Needs evaluation |
setDeferredReply in networking.c in Valkey through 8.1.1 has an integer underflow for prev->size - prev->used.
3 affected packages
redict, redis, valkey
Package | 16.04 LTS |
---|---|
redict | — |
redis | Needs evaluation |
valkey | — |
ModSecurity is an open source, cross platform web application firewall (WAF) engine for Apache, IIS and Nginx. Versions prior to 2.9.10 contain a denial of service vulnerability similar to GHSA-859r-vvv8-rm8r/CVE-2025-47947. The...
1 affected package
modsecurity-apache
Package | 16.04 LTS |
---|---|
modsecurity-apache | Needs evaluation |
An Allocation of Resources Without Limits or Throttling vulnerability in sslh allows attackers to easily exhaust the file descriptors in sslh and deny legitimate users service. This issue affects sslh before 2.2.4.
1 affected package
sslh
Package | 16.04 LTS |
---|---|
sslh | Needs evaluation |
A Use of Out-of-range Pointer Offset vulnerability in sslh leads to denial of service on some architectures. This issue affects sslh before 2.2.4.
1 affected package
sslh
Package | 16.04 LTS |
---|---|
sslh | Needs evaluation |