CVE search results

81 – 90 of 142 results

Detailed view

Sort by:

CVE-2017-6829

Medium priority

Fixed

The decodeSample function in IMA.cpp in Audio File Library (aka audiofile) 0.3.6 allows remote attackers to cause a denial of service (crash) via a crafted file.

1 affected package

audiofile

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
audiofile	—	—	—	—

CVE-2016-1000031

Negligible priority

Ignored

Apache Commons FileUpload before 1.3.3 DiskFileItem File Manipulation Remote Code Execution

4 affected packages

libcommons-fileupload-java, tomcat6, tomcat7, tomcat8

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
libcommons-fileupload-java	—	—	—	—
tomcat6	—	—	—	—
tomcat7	—	—	—	—
tomcat8	—	—	—	—

CVE-2016-7162

Medium priority

Fixed

The _g_file_remove_directory function in file-utils.c in File Roller 3.5.4 through 3.20.2 allows remote attackers to delete arbitrary files via a symlink attack on a folder in an archive.

1 affected package

file-roller

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
file-roller	—	—	—	—

CVE-2016-3092

Medium priority

Some fixes available 8 of 13

The MultipartStream class in Apache Commons Fileupload before 1.3.2, as used in Apache Tomcat 7.x before 7.0.70, 8.x before 8.0.36, 8.5.x before 8.5.3, and 9.x before 9.0.0.M7 and other products, allows remote attackers to cause a...

5 affected packages

tomcat6, tomcat8, libcommons-fileupload-java, tomcat7, tomcat9

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
tomcat6	Not in release	Not in release	Not in release	Not in release
tomcat8	Not in release	Not in release	Not in release	Not affected
libcommons-fileupload-java	Not affected	Not affected	Not affected	Not affected
tomcat7	Not in release	Not in release	Not in release	Not affected
tomcat9	Not affected	Not affected	Not affected	Not affected

CVE-2014-0236

Medium priority

Not affected

file before 5.18, as used in the Fileinfo component in PHP before 5.6.0, allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a zero root_storage value in a CDF file, related to...

2 affected packages

file, php5

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
file	—	—	—	—
php5	—	—	—	—

CVE-2015-8607

Medium priority

Fixed

The canonpath function in the File::Spec module in PathTools before 3.62, as used in Perl, does not properly preserve the taint attribute of data, which might allow context-dependent attackers to bypass the taint protection...

2 affected packages

libfile-spec-perl, perl

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
libfile-spec-perl	—	—	—	—
perl	—	—	—	—

CVE-2015-8865

Low priority

Some fixes available 5 of 7

The file_check_mem function in funcs.c in file before 5.23, as used in the Fileinfo component in PHP before 5.5.34, 5.6.x before 5.6.20, and 7.x before 7.0.5, mishandles continuation-level jumps, which allows context-dependent...

3 affected packages

file, php5, php7.0

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
file	—	—	—	Not affected
php5	—	—	—	Not in release
php7.0	—	—	—	Not in release

CVE-2014-9756

Low priority

Fixed

The psf_fwrite function in file_io.c in libsndfile allows attackers to cause a denial of service (divide-by-zero error and application crash) via unspecified vectors related to the headindex variable.

1 affected package

libsndfile

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
libsndfile	—	—	—	—

CVE-2015-7805

Medium priority

Fixed

Heap-based buffer overflow in libsndfile 1.0.25 allows remote attackers to have unspecified impact via the headindex value in the header in an AIFF file.

1 affected package

libsndfile

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
libsndfile	—	—	—	—

CVE-2015-8075

Low priority

Not affected

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none

1 affected package

libsndfile

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
libsndfile	—	—	—	—

Export to JSON

Results by page:

Search CVE reports