Search CVE reports


Toggle filters

11 – 20 of 20 results


CVE-2019-7313

Medium priority

Some fixes available 12 of 14

www/resource.py in Buildbot before 1.8.1 allows CRLF injection in the Location header of /auth/login and /auth/logout via the redirect parameter. This affects other web sites in the same domain.

1 affected package

buildbot

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
buildbot Fixed Fixed Fixed Vulnerable Not affected
Show less packages

CVE-2015-5330

Medium priority

Some fixes available 14 of 15

ldb before 1.1.24, as used in the AD LDAP server in Samba 4.x before 4.1.22, 4.2.x before 4.2.7, and 4.3.x before 4.3.3, mishandles string lengths, which allows remote attackers to obtain sensitive information from daemon heap...

3 affected packages

ldb, samba, samba4

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
ldb Fixed
samba Fixed
samba4 Not in release
Show less packages

CVE-2015-3223

Medium priority

Some fixes available 13 of 14

The ldb_wildcard_compare function in ldb_match.c in ldb before 1.1.24, as used in the AD LDAP server in Samba 4.x before 4.1.22, 4.2.x before 4.2.7, and 4.3.x before 4.3.3, mishandles certain zero values, which allows...

3 affected packages

ldb, samba, samba4

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
ldb Fixed
samba Fixed
samba4 Not in release
Show less packages

CVE-2009-2967

Medium priority
Ignored

Multiple cross-site scripting (XSS) vulnerabilities in Buildbot 0.7.6 through 0.7.11p2 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, different vulnerabilities than CVE-2009-2959.

1 affected package

buildbot

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
buildbot
Show less packages

CVE-2009-2959

Medium priority
Ignored

Cross-site scripting (XSS) vulnerability in the waterfall web status view (status/web/waterfall.py) in Buildbot 0.7.6 through 0.7.11p1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

1 affected package

buildbot

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
buildbot
Show less packages

CVE-2008-0320

Medium priority
Fixed

Heap-based buffer overflow in the OLE importer in OpenOffice.org before 2.4 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an OLE file with a crafted DocumentSummaryInformation stream.

3 affected packages

hsqldb, openoffice.org, openoffice.org-amd64

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
hsqldb
openoffice.org
openoffice.org-amd64
Show less packages

CVE-2007-5747

Medium priority
Fixed

Integer underflow in OpenOffice.org before 2.4 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a Quattro Pro (QPRO) file with crafted values that trigger an excessive loop and a...

3 affected packages

hsqldb, openoffice.org, openoffice.org-amd64

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
hsqldb
openoffice.org
openoffice.org-amd64
Show less packages

CVE-2007-5746

Medium priority
Fixed

Integer overflow in OpenOffice.org before 2.4 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an EMF file with a crafted EMR_STRETCHBLT record, which triggers a heap-based...

3 affected packages

hsqldb, openoffice.org, openoffice.org-amd64

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
hsqldb
openoffice.org
openoffice.org-amd64
Show less packages

CVE-2007-5745

Medium priority
Fixed

Multiple heap-based buffer overflows in OpenOffice.org before 2.4 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a Quattro Pro (QPRO) file with crafted (1) Attribute and (2)...

3 affected packages

hsqldb, openoffice.org, openoffice.org-amd64

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
hsqldb
openoffice.org
openoffice.org-amd64
Show less packages

CVE-2007-4575

Medium priority

Some fixes available 7 of 9

HSQLDB before 1.8.0.9, as used in OpenOffice.org (OOo) 2 before 2.3.1, allows user-assisted remote attackers to execute arbitrary Java code via crafted database documents, related to "exposing static java methods."

3 affected packages

hsqldb, openoffice.org, openoffice.org-amd64

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
hsqldb
openoffice.org
openoffice.org-amd64
Show less packages