Search CVE reports
31 – 40 of 36507 results
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, a heap buffer over-read vulnerability exists in the DJVU image format handler. The...
1 affected package
imagemagick
| Package | 22.04 LTS |
|---|---|
| imagemagick | Needs evaluation |
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, a heap buffer over-read vulnerability occurs when processing an image with small dimension...
1 affected package
imagemagick
| Package | 22.04 LTS |
|---|---|
| imagemagick | Needs evaluation |
Not in release
The `basic-ftp` FTP client library for Node.js contains a path traversal vulnerability (CWE-22) in versions prior to 5.2.0 in the `downloadToDir()` method. A malicious FTP server can send directory listings with filenames...
1 affected package
node-proxy-agents
| Package | 22.04 LTS |
|---|---|
| node-proxy-agents | Not in release |
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, a missing bounds check in `smartcard_unpack_read_size_align()` (`libfreerdp/utils/smartcard_pack.c:1703`) allows a malicious RDP server...
3 affected packages
freerdp, freerdp2, freerdp3
| Package | 22.04 LTS |
|---|---|
| freerdp | Not in release |
| freerdp2 | Needs evaluation |
| freerdp3 | Not in release |
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, `rail_window_free` dereferences a freed `xfAppWindow` pointer during `HashTable_Free` cleanup because `xf_rail_window_common` calls...
3 affected packages
freerdp, freerdp2, freerdp3
| Package | 22.04 LTS |
|---|---|
| freerdp | Not in release |
| freerdp2 | Needs evaluation |
| freerdp3 | Not in release |
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, in the RLE planar decode path, `planar_decompress_plane_rle()` writes into `pDstData` at `((nYDst+y) * nDstStep) + (4*nXDst) + nChannel`...
3 affected packages
freerdp, freerdp2, freerdp3
| Package | 22.04 LTS |
|---|---|
| freerdp | Not in release |
| freerdp2 | Needs evaluation |
| freerdp3 | Not in release |
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, a malicious RDP server can trigger a heap buffer overflow in FreeRDP clients using the GDI surface pipeline (e.g., `xfreerdp`) by sending an...
3 affected packages
freerdp, freerdp2, freerdp3
| Package | 22.04 LTS |
|---|---|
| freerdp | Not in release |
| freerdp2 | Needs evaluation |
| freerdp3 | Not in release |
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, a buffer overread in `freerdp_image_copy_from_icon_data()` (libfreerdp/codec/color.c) can be triggered by crafted RDP Window...
3 affected packages
freerdp, freerdp2, freerdp3
| Package | 22.04 LTS |
|---|---|
| freerdp | Not in release |
| freerdp2 | Needs evaluation |
| freerdp3 | Not in release |
A flaw was found in the udisks storage management daemon that allows unprivileged users to back up LUKS encryption headers without authorization. The issue occurs because a privileged D-Bus method responsible for exporting...
1 affected package
udisks2
| Package | 22.04 LTS |
|---|---|
| udisks2 | Not affected |
A flaw was found in the udisks storage management daemon that exposes a privileged D-Bus API for restoring LUKS encryption headers without proper authorization checks. The issue allows a local unprivileged user to instruct the...
1 affected package
udisks2
| Package | 22.04 LTS |
|---|---|
| udisks2 | Not affected |