Search CVE reports

Toggle filters

81 – 90 of 112 results

CVE-2017-12618

Low priority

Some fixes available 2 of 4

Apache Portable Runtime Utility (APR-util) 1.6.0 and prior fail to validate the integrity of SDBM database files used by apr_sdbm*() functions, resulting in a possible out of bound read access. A local user with write access to...

1 affected package

apr-util

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
apr-util Not affected Not affected Not affected
Show less packages

CVE-2017-12613

Low priority

Some fixes available 2 of 4

When apr_time_exp*() or apr_os_exp_time*() functions are invoked with an invalid month field value in Apache Portable Runtime APR 1.6.2 and prior, out of bounds memory may be accessed in converting this value to an apr_time_exp_t...

1 affected package

apr

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
apr Not affected Not affected Not affected
Show less packages

CVE-2016-6312

Low priority
Not affected

The mod_dontdothat component of the mod_dav_svn Apache module in Subversion as packaged in Red Hat Enterprise Linux 5.11 does not properly detect recursion during entity expansion, which allows remote authenticated users with...

1 affected package

apr-util

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
apr-util
Show less packages

CVE-2017-9233

Medium priority

Some fixes available 7 of 100

XML External Entity vulnerability in libexpat 2.2.0 and earlier (Expat XML Parser Library) allows attackers to put the parser in an infinite loop using a malformed external entity definition from an external DTD.

33 affected packages

apache2, apr-util, audacity, ayttm, cableswig...

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
apache2 Not affected Not affected Not affected Not affected Not affected
apr-util Not affected Not affected Not affected Not affected Not affected
audacity Not affected Not affected Not affected Not affected Not affected
ayttm Not in release Not in release Not in release Not in release Not in release
cableswig Not in release Not in release Not in release Not in release Not in release
cadaver Not affected Not affected Not affected Not affected Not affected
cmake Not affected Not affected Not affected Not affected Not affected
coin3 Not affected Not affected Not affected Not affected Needs evaluation
expat Not affected Not affected Not affected Not affected Not affected
firefox Not affected Not affected Not affected Not in release Not affected
gdcm Not affected Not affected Not affected Not affected Not affected
ghostscript Not affected Not affected Not affected Not affected Not affected
insighttoolkit Not in release Not in release Not in release Not in release Not in release
insighttoolkit4 Not in release Not in release Not affected Not affected Not affected
kompozer Not in release Not in release Not in release Not in release Not in release
libparagui1.1 Not in release Not in release Not in release Not in release Not in release
libxmltok Not in release Not affected Not affected Not affected Not affected
matanza Ignored Ignored Ignored Ignored Ignored
poco Not affected Not affected Not affected Not affected Not affected
simgear Not affected Not affected Not affected Not affected Not affected
sitecopy Needs evaluation Not in release Not affected Not affected Not affected
smart Not in release Not in release Not in release Not in release Not affected
swish-e Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
tdom Not affected Not affected Not affected Not affected Not affected
texlive-bin Not affected Not affected Not affected Not affected Not affected
thunderbird Not affected Not affected Not affected Not in release Not affected
tla Not in release Not affected Not affected Not affected Not affected
vnc4 Not in release Not in release Not in release Not in release Ignored
vtk Not in release Not in release Not in release Not in release Not in release
wbxml2 Not affected Not affected Not affected Not affected Not affected
wxwidgets2.6 Not in release Not in release Not in release Not in release Not in release
wxwidgets2.8 Not in release Not in release Not in release Not in release Not in release
xmlrpc-c Not affected Not affected Not affected Not affected Not affected
Show all 33 packages Show less packages

CVE-2016-5360

Medium priority
Fixed

HAproxy 1.6.x before 1.6.6, when a deny comes from a reqdeny rule, allows remote attackers to cause a denial of service (uninitialized memory access and crash) or possibly have unspecified other impact via unknown vectors.

1 affected package

haproxy

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
haproxy
Show less packages

CVE-2016-3711

Low priority
Not affected

HAproxy in Red Hat OpenShift Enterprise 3.2 and OpenShift Origin allows local users to obtain the internal IP address of a pod by reading the "OPENSHIFT_[namespace]_SERVERID" cookie.

1 affected package

haproxy

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
haproxy
Show less packages

CVE-2016-5300

Medium priority

Some fixes available 5 of 102

The XML parser in Expat does not use sufficient entropy for hash initialization, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted identifiers in an XML document. NOTE: this...

31 affected packages

apache2, apr-util, audacity, ayttm, cableswig...

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
apache2 Not affected Not affected Not affected Not affected Not affected
apr-util Not affected Not affected Not affected Not affected Not affected
audacity Not affected Not affected Not affected Not affected Not affected
ayttm Not in release Not in release Not in release Not in release Not in release
cableswig Not in release Not in release Not in release Not in release Not in release
cadaver Not affected Not affected Not affected Not affected Not affected
cmake Not affected Not affected Not affected Not affected Not affected
coin3 Not affected Not affected Not affected Not affected Not affected
expat Not affected Not affected Not affected Not affected Not affected
gdcm Not affected Not affected Not affected Not affected Not affected
ghostscript Not affected Not affected Not affected Not affected Not affected
insighttoolkit Not in release Not in release Not in release Not in release Not in release
kompozer Not in release Not in release Not in release Not in release Not in release
libparagui1.1 Not in release Not in release Not in release Not in release Not in release
libxmltok Not in release Not affected Not affected Not affected Not affected
matanza Not affected Not affected Not affected Not affected Not affected
poco Not affected Not affected Not affected Not affected Not affected
simgear Not affected Not affected Not affected Not affected Not affected
sitecopy Needs evaluation Not in release Not affected Not affected Not affected
smart Not in release Not in release Not in release Not in release Not affected
swish-e Not affected Not affected Not affected Not affected Not affected
tdom Not affected Not affected Not affected Not affected Not affected
texlive-bin Not affected Not affected Not affected Not affected Not affected
tla Not in release Not affected Not affected Not affected Not affected
vnc4 Not in release Not in release Not in release Not in release Ignored
vtk Not in release Not in release Not in release Not in release Not in release
wbxml2 Not affected Not affected Not affected Not affected Not affected
wxwidgets2.6 Not in release Not in release Not in release Not in release Not in release
wxwidgets2.8 Not in release Not in release Not in release Not in release Not in release
xmlrpc-c Vulnerable Vulnerable Vulnerable Vulnerable Vulnerable
xotcl Not affected Not affected Not affected Not affected Not affected
Show all 31 packages Show less packages

CVE-2015-1283

Medium priority

Some fixes available 43 of 253

Multiple integer overflows in the XML_GetBuffer function in Expat through 2.1.0, as used in Google Chrome before 44.0.2403.89 and other products, allow remote attackers to cause a denial of service (heap-based buffer overflow) or...

33 affected packages

apache2, apr-util, audacity, ayttm, cableswig...

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
apache2 Not affected Not affected Not affected Not affected Not affected
apr-util Not affected Not affected Not affected Not affected Not affected
audacity Not affected Not affected Not affected Not affected Not affected
ayttm Not in release Not in release Not in release Not in release Not in release
cableswig Not in release Not in release Not in release Not in release Not in release
cadaver Vulnerable Vulnerable Vulnerable Vulnerable Vulnerable
chromium-browser Fixed Fixed Fixed Fixed Fixed
cmake Not affected Not affected Not affected Not affected Not affected
coin3 Vulnerable Vulnerable Vulnerable Vulnerable Vulnerable
expat Not affected Not affected Not affected Not affected Not affected
gdcm Not affected Not affected Not affected Not affected Not affected
ghostscript Not affected Not affected Not affected Not affected Not affected
insighttoolkit Not in release Not in release Not in release Not in release Not in release
kompozer Not in release Not in release Not in release Not in release Not in release
libparagui1.1 Not in release Not in release Not in release Not in release Not in release
libxmltok Not in release Fixed Fixed Fixed Fixed
matanza Ignored Ignored Ignored Ignored Ignored
oxide-qt Not in release Not in release Not in release Not in release Not in release
poco Not affected Not affected Not affected Not affected Not affected
simgear Not affected Not affected Not affected Not affected Not affected
sitecopy Needs evaluation Not in release Not affected Not affected Not affected
smart Not in release Not in release Not in release Not in release Not affected
swish-e Vulnerable Vulnerable Vulnerable Vulnerable Vulnerable
tdom Not affected Not affected Not affected Not affected Not affected
texlive-bin Not affected Not affected Not affected Not affected Not affected
tla Not in release Not affected Not affected Not affected Not affected
vnc4 Not in release Not in release Not in release Not in release Vulnerable
vtk Not in release Not in release Not in release Not in release Not in release
wbxml2 Not affected Not affected Not affected Not affected Not affected
wxwidgets2.6 Not in release Not in release Not in release Not in release Not in release
wxwidgets2.8 Not in release Not in release Not in release Not in release Not in release
xmlrpc-c Vulnerable Vulnerable Vulnerable Vulnerable Vulnerable
xotcl Not affected Not affected Not affected Not affected Not affected
Show all 33 packages Show less packages

CVE-2015-3281

Medium priority
Fixed

The buffer_slow_realign function in HAProxy 1.5.x before 1.5.14 and 1.6-dev does not properly realign a buffer that is used for pending outgoing data, which allows remote attackers to obtain sensitive information (uninitialized...

1 affected package

haproxy

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
haproxy
Show less packages

CVE-2014-6269

Medium priority
Not affected

Multiple integer overflows in the http_request_forward_body function in proto_http.c in HAProxy 1.5-dev23 before 1.5.4 allow remote attackers to cause a denial of service (crash) via a large stream of data, which triggers a buffer...

1 affected package

haproxy

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
haproxy
Show less packages
  1. Previous page
  2. 7
  3. 8
  4. 9
  5. 10
  6. 11
  7. Next page
Export to JSON