Search CVE reports
61 – 70 of 37910 results
CVE-2024-47539
Medium priority
GStreamer is a library for constructing graphs of media-handling components. An out-of-bounds write vulnerability was identified in the convert_to_s334_1a function in isomp4/qtdemux.c. The vulnerability arises due to a discrepancy...
2 affected packages
gst-plugins-good0.10, gst-plugins-good1.0
Package | 16.04 LTS |
---|---|
gst-plugins-good0.10 | Needs evaluation |
gst-plugins-good1.0 | Needs evaluation |
CVE-2024-47538
Medium priority
GStreamer is a library for constructing graphs of media-handling components. A stack-buffer overflow has been detected in the vorbis_handle_identification_packet function within gstvorbisdec.c. The position array is a...
2 affected packages
gst-plugins-base0.10, gst-plugins-base1.0
Package | 16.04 LTS |
---|---|
gst-plugins-base0.10 | Needs evaluation |
gst-plugins-base1.0 | Needs evaluation |
CVE-2024-47537
Medium priority
GStreamer is a library for constructing graphs of media-handling components. The program attempts to reallocate the memory pointed to by stream->samples to accommodate stream->n_samples + samples_count elements of type...
2 affected packages
gst-plugins-good0.10, gst-plugins-good1.0
Package | 16.04 LTS |
---|---|
gst-plugins-good0.10 | Needs evaluation |
gst-plugins-good1.0 | Needs evaluation |
CVE-2024-45337
Medium priority
Applications and libraries which misuse the ServerConfig.PublicKeyCallback callback may be susceptible to an authorization bypass. The documentation for ServerConfig.PublicKeyCallback says that "A call to this function does not...
3 affected packages
golang-go.crypto, lxd, snapd
Package | 16.04 LTS |
---|---|
golang-go.crypto | Needs evaluation |
lxd | Needs evaluation |
snapd | Needs evaluation |
CVE-2024-4109
Medium priority
A flaw was found in Undertow. An HTTP request header value from a previous stream may be incorrectly reused for a request associated with a subsequent stream on the same HTTP/2 connection. This issue can potentially lead...
1 affected package
undertow
Package | 16.04 LTS |
---|---|
undertow | Needs evaluation |
CVE-2024-12570
Medium priority
An issue has been discovered in GitLab CE/EE affecting all versions starting from 13.7 prior to 17.4.6, from 17.5 prior to 17.5.4, and from 17.6 prior to 17.6.2. It may have been possible for an attacker with a victim's...
1 affected package
gitlab
Package | 16.04 LTS |
---|---|
gitlab | Ignored |
CVE-2024-12292
Medium priority
An issue was discovered in GitLab CE/EE affecting all versions starting from 11.0 prior to 17.4.6, starting from 17.5 prior to 17.5.4, and starting from 17.6 prior to 17.6.2, where sensitive information passed in GraphQL mutations...
1 affected package
gitlab
Package | 16.04 LTS |
---|---|
gitlab | Ignored |
CVE-2024-11274
Medium priority
An issue was discovered in GitLab CE/EE affecting all versions starting from 16.1 prior to 17.4.6, starting from 17.5 prior to 17.5.4, and starting from 17.6 prior to 17.6.2, injection of NEL headers in k8s proxy response could...
1 affected package
gitlab
Package | 16.04 LTS |
---|---|
gitlab | Ignored |
CVE-2024-10043
Medium priority
An issue has been discovered in GitLab EE affecting all versions starting from 14.3 before 17.4.6, all versions starting from 17.5 before 17.5.4, all versions starting from 17.6 before 17.6.2, that allows group users to...
1 affected package
gitlab
Package | 16.04 LTS |
---|---|
gitlab | Ignored |
CVE-2024-48912
Medium priority
GLPI is a free asset and IT management software package. Starting in version 10.0.0 and prior to version 10.0.17, an authenticated user can use an application endpoint to delete any user account. Version 10.0.17 contains a patch...
1 affected package
glpi
Package | 16.04 LTS |
---|---|
glpi | Needs evaluation |