Search CVE reports
1 – 9 of 9 results
CVE-2024-32487
Medium priorityless through 653 allows OS command execution via a newline character in the name of a file, because quoting is mishandled in filename.c. Exploitation typically requires use with attacker-controlled file names, such as the files...
1 affected packages
less
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| less | Fixed | Fixed | Fixed | Fixed | Fixed |
CVE-2022-48624
Medium prioritySome fixes available 6 of 7
close_altfile in filename.c in less before 606 omits shell_quote calls for LESSCLOSE.
1 affected packages
less
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| less | Fixed | Fixed | Fixed | Fixed | Fixed |
CVE-2022-46663
Medium priorityIn GNU Less before 609, crafted data can result in "less -R" not filtering ANSI escape sequences sent to the terminal.
1 affected packages
less
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| less | — | Fixed | Not affected | Not affected | Not affected |
CVE-2016-6866
Low prioritySome fixes available 1 of 5
slock allows attackers to bypass the screen lock via vectors involving an invalid password hash, which triggers a NULL pointer dereference and crash.
1 affected packages
suckless-tools
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| suckless-tools | — | — | — | Not affected | Not affected |
CVE-2014-9488
Low priorityThe is_utf8_well_formed function in GNU less before 475 allows remote attackers to have unspecified impact via malformed UTF-8 characters, which triggers an out-of-bounds read.
1 affected packages
less
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| less | — | — | — | — | — |
CVE-2006-4124
Unknown priorityThe libXm library in LessTif 0.95.0 and earlier allows local users to gain privileges via the DEBUG_FILE environment variable, which is used to create world-writable files when libXm is run from a setuid program.
1 affected packages
lesstif1-1
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| lesstif1-1 | — | — | — | — | — |
CVE-2005-0605
Unknown priorityscan.c for LibXPM may allow attackers to execute arbitrary code via a negative bitmap_unit value that leads to a buffer overflow.
5 affected packages
lesstif1-1, lesstif2, openmotif, xorg, xterm
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| lesstif1-1 | — | — | — | — | — |
| lesstif2 | — | — | — | — | — |
| openmotif | — | — | — | — | — |
| xorg | — | — | — | — | — |
| xterm | — | — | — | — | — |
CVE-2004-0914
Unknown priorityMultiple vulnerabilities in libXpm for 6.8.1 and earlier, as used in XFree86 and other packages, include (1) multiple integer overflows, (2) out-of-bounds memory accesses, (3) directory traversal, (4) shell metacharacter, (5)...
4 affected packages
lesstif1-1, lesstif2, openmotif, xorg
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| lesstif1-1 | — | — | — | — | — |
| lesstif2 | — | — | — | — | — |
| openmotif | — | — | — | — | — |
| xorg | — | — | — | — | — |
CVE-2004-0688
Unknown priorityMultiple integer overflows in (1) the xpmParseColors function in parse.c, (2) XpmCreateImageFromXpmImage, (3) CreateXImage, (4) ParsePixels, and (5) ParseAndPutPixels for libXpm before 6.8.1 may allow remote attackers to execute...
4 affected packages
lesstif1-1, lesstif2, openmotif, xorg
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| lesstif1-1 | — | — | — | — | — |
| lesstif2 | — | — | — | — | — |
| openmotif | — | — | — | — | — |
| xorg | — | — | — | — | — |