Search CVE reports
71 – 80 of 132 results
CVE-2017-6830
Medium priorityHeap-based buffer overflow in the alaw2linear_buf function in G711.cpp in Audio File Library (aka audiofile) 0.3.6 allows remote attackers to cause a denial of service (crash) via a crafted file.
1 affected packages
audiofile
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| audiofile | — | — | — | — | Fixed |
CVE-2017-6829
Medium priorityThe decodeSample function in IMA.cpp in Audio File Library (aka audiofile) 0.3.6 allows remote attackers to cause a denial of service (crash) via a crafted file.
1 affected packages
audiofile
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| audiofile | — | — | — | — | Fixed |
CVE-2016-1000031
Negligible priorityApache Commons FileUpload before 1.3.3 DiskFileItem File Manipulation Remote Code Execution
4 affected packages
libcommons-fileupload-java, tomcat6, tomcat7, tomcat8
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| libcommons-fileupload-java | — | — | — | — | Ignored |
| tomcat6 | — | — | — | — | Ignored |
| tomcat7 | — | — | — | — | Ignored |
| tomcat8 | — | — | — | — | Ignored |
CVE-2016-7162
Medium priorityThe _g_file_remove_directory function in file-utils.c in File Roller 3.5.4 through 3.20.2 allows remote attackers to delete arbitrary files via a symlink attack on a folder in an archive.
1 affected packages
file-roller
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| file-roller | — | — | — | — | Fixed |
CVE-2016-3092
Medium prioritySome fixes available 8 of 13
The MultipartStream class in Apache Commons Fileupload before 1.3.2, as used in Apache Tomcat 7.x before 7.0.70, 8.x before 8.0.36, 8.5.x before 8.5.3, and 9.x before 9.0.0.M7 and other products, allows remote attackers to cause a...
5 affected packages
libcommons-fileupload-java, tomcat6, tomcat7, tomcat8, tomcat9
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| libcommons-fileupload-java | Not affected | Not affected | Not affected | Not affected | Fixed |
| tomcat6 | Not in release | Not in release | Not in release | Not in release | Vulnerable |
| tomcat7 | Not in release | Not in release | Not in release | Not affected | Fixed |
| tomcat8 | Not in release | Not in release | Not in release | Not affected | Fixed |
| tomcat9 | Not affected | Not affected | Not affected | Not affected | Not in release |
CVE-2014-0236
Medium priorityfile before 5.18, as used in the Fileinfo component in PHP before 5.6.0, allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a zero root_storage value in a CDF file, related to...
2 affected packages
file, php5
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| file | — | — | — | — | — |
| php5 | — | — | — | — | — |
CVE-2015-8607
Medium priorityThe canonpath function in the File::Spec module in PathTools before 3.62, as used in Perl, does not properly preserve the taint attribute of data, which might allow context-dependent attackers to bypass the taint protection...
2 affected packages
libfile-spec-perl, perl
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| libfile-spec-perl | — | — | — | — | — |
| perl | — | — | — | — | — |
CVE-2015-8865
Low prioritySome fixes available 5 of 7
The file_check_mem function in funcs.c in file before 5.23, as used in the Fileinfo component in PHP before 5.5.34, 5.6.x before 5.6.20, and 7.x before 7.0.5, mishandles continuation-level jumps, which allows context-dependent...
3 affected packages
file, php5, php7.0
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| file | — | — | — | Not affected | Not affected |
| php5 | — | — | — | Not in release | Not in release |
| php7.0 | — | — | — | Not in release | Fixed |
CVE-2014-9756
Low priorityThe psf_fwrite function in file_io.c in libsndfile allows attackers to cause a denial of service (divide-by-zero error and application crash) via unspecified vectors related to the headindex variable.
1 affected packages
libsndfile
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| libsndfile | — | — | — | — | — |
CVE-2015-7805
Medium priorityHeap-based buffer overflow in libsndfile 1.0.25 allows remote attackers to have unspecified impact via the headindex value in the header in an AIFF file.
1 affected packages
libsndfile
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| libsndfile | — | — | — | — | — |