Search CVE reports


Toggle filters

101 – 110 of 134 results


CVE-2014-3538

Low priority

Some fixes available 3 of 4

file before 5.19 does not properly restrict the amount of data read during a regex search, which allows remote attackers to cause a denial of service (CPU consumption) via a crafted file that triggers backtracking...

1 affected packages

file

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
file
Show less packages

CVE-2013-7345

Low priority

Some fixes available 4 of 5

The BEGIN regular expression in the awk script detector in magic/Magdir/commands in file before 5.15 uses multiple wildcards with unlimited repetitions, which allows context-dependent attackers to cause a denial of service (CPU...

1 affected packages

file

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
file
Show less packages

CVE-2014-2270

Medium priority
Fixed

softmagic.c in file before 5.17 and libmagic allows context-dependent attackers to cause a denial of service (out-of-bounds memory access and crash) via crafted offsets in the softmagic of a PE executable.

2 affected packages

file, php5

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
file
php5
Show less packages

CVE-2014-1943

Medium priority
Fixed

Fine Free file before 5.17 allows context-dependent attackers to cause a denial of service (infinite recursion, CPU consumption, and crash) via a crafted indirect offset value in the magic of a file.

2 affected packages

file, php5

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
file
php5
Show less packages

CVE-2014-0050

Medium priority

Some fixes available 2 of 8

MultipartStream.java in Apache Commons FileUpload before 1.3.1, as used in Apache Tomcat, JBoss Web, and other products, allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a...

3 affected packages

libcommons-fileupload-java, tomcat6, tomcat7

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
libcommons-fileupload-java Not affected Not affected
tomcat6 Not in release Not affected
tomcat7 Not affected Not affected
Show less packages

CVE-2013-2186

Medium priority
Fixed

The DiskFileItem class in Apache Commons FileUpload, as used in Red Hat JBoss BRMS 5.3.1; JBoss Portal 4.3 CP07, 5.2.2, and 6.0.0; and Red Hat JBoss Web Server 1.0.2 allows remote attackers to write to arbitrary files via a NULL...

1 affected packages

libcommons-fileupload-java

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
libcommons-fileupload-java
Show less packages

CVE-2013-4852

Medium priority

Some fixes available 14 of 26

Integer overflow in PuTTY 0.62 and earlier, WinSCP before 5.1.6, and other products that use PuTTY allows remote SSH servers to cause a denial of service (crash) and possibly execute arbitrary code in certain applications that use...

2 affected packages

filezilla, putty

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
filezilla Not affected Not affected
putty Fixed Fixed
Show less packages

CVE-2013-4668

Medium priority
Fixed

Directory traversal vulnerability in File Roller 3.6.x before 3.6.4, 3.8.x before 3.8.3, and 3.9.x before 3.9.3, when libarchive is used, allows remote attackers to create arbitrary files via a crafted archive that is not properly...

1 affected packages

file-roller

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
file-roller
Show less packages

CVE-2013-0248

Negligible priority
Ignored

The default configuration of javax.servlet.context.tempdir in Apache Commons FileUpload 1.0 through 1.2.2 uses the /tmp directory for uploaded files, which allows local users to overwrite arbitrary files via an unspecified symlink attack.

1 affected packages

libcommons-fileupload-java

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
libcommons-fileupload-java
Show less packages

CVE-2012-1571

Low priority

Some fixes available 2 of 6

file before 5.11 and libmagic allow remote attackers to cause a denial of service (crash) via a crafted Composite Document File (CDF) file that triggers (1) an out-of-bounds read or (2) an invalid pointer dereference.

1 affected packages

file

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
file
Show less packages