Search CVE reports
21 – 30 of 25599 results
Improper sanitization of the value of the 'href' and 'xlink:href' attributes in '<image>' SVG elements in AngularJS's 'ngSanitize' module allows attackers to bypass common image source restrictions. This can lead to a form of ...
1 affected package
angular.js
| Package | 24.04 LTS |
|---|---|
| angular.js | Ignored |
File::Find::Rule through 0.34 for Perl is vulnerable to Arbitrary Code Execution when grep() encounters a crafted file name
1 affected package
libfile-find-rule-perl
| Package | 24.04 LTS |
|---|---|
| libfile-find-rule-perl | Needs evaluation |
Potential log injection via unescaped request path
1 affected package
python-django
| Package | 24.04 LTS |
|---|---|
| python-django | Fixed |
Column handling crashes in Wireshark 4.4.0 to 4.4.6 and 4.2.0 to 4.2.12 allows denial of service via packet injection or crafted capture file
1 affected package
wireshark
| Package | 24.04 LTS |
|---|---|
| wireshark | Needs evaluation |
billboard.js before 3.15.1 was discovered to contain a prototype pollution via the function generate, which could allow attackers to execute arbitrary code or cause a Denial of Service (DoS) via injecting arbitrary properties.
1 affected package
cacti
| Package | 24.04 LTS |
|---|---|
| cacti | Needs evaluation |
[WebSocket endless loop]
1 affected package
curl
| Package | 24.04 LTS |
|---|---|
| curl | Not affected |
Hibernate Validator before 6.2.0 and 7.0.0, by default and depending how it is used, may interpolate user-supplied input in a constraint violation message with Expression Language. This could allow an attacker to access sensitive...
2 affected packages
libhibernate-validator-java, libhibernate-validator4-java
| Package | 24.04 LTS |
|---|---|
| libhibernate-validator-java | Needs evaluation |
| libhibernate-validator4-java | Needs evaluation |
Out of bounds read and write in V8 in Google Chrome prior to 137.0.7151.68 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
1 affected package
chromium-browser
| Package | 24.04 LTS |
|---|---|
| chromium-browser | Not affected |
Use after free in Blink in Google Chrome prior to 137.0.7151.68 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)
1 affected package
chromium-browser
| Package | 24.04 LTS |
|---|---|
| chromium-browser | Not affected |
Allows arbitrary filesystem writes outside the extraction directory during extraction with filter="data". You are affected by this vulnerability if using the tarfile module to extract untrusted tar archives using...
11 affected packages
python2.7, python3.10, python3.11, python3.12, python3.13...
| Package | 24.04 LTS |
|---|---|
| python2.7 | Not in release |
| python3.10 | Not in release |
| python3.11 | Not in release |
| python3.12 | Needs evaluation |
| python3.13 | Not in release |
| python3.4 | Not in release |
| python3.5 | Not in release |
| python3.6 | Not in release |
| python3.7 | Not in release |
| python3.8 | Not in release |
| python3.9 | Not in release |