Search CVE reports
241 – 250 of 42731 results
A SQL injection vulnerability in SOGo before 5.12.7 allows authenticated users to execute arbitrary SQL statements via the newPassword parameter in the password change functionality.
1 affected package
sogo
| Package | 20.04 LTS |
|---|---|
| sogo | Needs evaluation |
A SQL injection vulnerability in SOGo before 5.12.7 allows authenticated users to execute arbitrary SQL statements via the search parameter of the allContactSearch endpoint.
1 affected package
sogo
| Package | 20.04 LTS |
|---|---|
| sogo | Needs evaluation |
BLF file parser in Wireshark 4.6.0 to 4.6.6 and 4.4.0 to 4.4.16 allows possible information disclosure
1 affected package
wireshark
| Package | 20.04 LTS |
|---|---|
| wireshark | Needs evaluation |
A sandbox escape vulnerability exists in the OpenJDK packages provided in Ubuntu. The .jar MIME handlers installed by these packages execute files marked as executable when the mailcap package is installed. A compromised or...
12 affected packages
mailcap, openjdk-8, openjdk-9, openjdk-lts, openjdk-13...
| Package | 20.04 LTS |
|---|---|
| mailcap | — |
| openjdk-8 | Not affected |
| openjdk-9 | — |
| openjdk-lts | Not affected |
| openjdk-13 | Ignored |
| openjdk-16 | Ignored |
| openjdk-17 | Not affected |
| openjdk-17-crac | — |
| openjdk-18 | — |
| openjdk-21 | Not affected |
| openjdk-21-crac | — |
| openjdk-25 | — |
etcd is a distributed key-value store for the data of a distributed system. Prior to 3.5.32 and 3.6.13, when etcd is configured with --listen-client-http-urls to split HTTP and gRPC client endpoints onto separate listeners, the...
1 affected package
etcd
| Package | 20.04 LTS |
|---|---|
| etcd | Needs evaluation |
AsyncSSH is a Python package which provides an asynchronous client and server implementation of the SSHv2 protocol on top of the Python asyncio framework. Prior to 2.23.1, a malicious SSH server can write arbitrary files on the...
1 affected package
python-asyncssh
| Package | 20.04 LTS |
|---|---|
| python-asyncssh | Needs evaluation |
AsyncSSH is a Python package which provides an asynchronous client and server implementation of the SSHv2 protocol on top of the Python asyncio framework. Version 2.23.0 contains an incomplete fix for CVE-2026-45309...
1 affected package
python-asyncssh
| Package | 20.04 LTS |
|---|---|
| python-asyncssh | Needs evaluation |
Catapult DCT2000 protocol dissector crash in Wireshark 4.6.0 to 4.6.6 and 4.4.0 to 4.4.16 allows denial of service
1 affected package
wireshark
| Package | 20.04 LTS |
|---|---|
| wireshark | Needs evaluation |
pcapng file parser crash in Wireshark 4.6.0 to 4.6.6 allows denial of service
1 affected package
wireshark
| Package | 20.04 LTS |
|---|---|
| wireshark | Needs evaluation |
FMP/NOTIFY protocol dissector crash in Wireshark 4.6.0 to 4.6.6 and 4.4.0 to 4.4.16 allows denial of service
1 affected package
wireshark
| Package | 20.04 LTS |
|---|---|
| wireshark | Needs evaluation |