Search CVE reports



71 – 80 of 134 results


CVE-2017-6832

Medium priority
Fixed

Heap-based buffer overflow in the decodeBlock function in MSADPCM.cpp in Audio File Library (aka audiofile) 0.3.6, 0.3.5, 0.3.4, 0.3.3, 0.3.2, 0.3.1, 0.3.0, 0.2.7 allows remote attackers to cause a denial of service (crash) via a crafted file.

1 affected package

audiofile

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
audiofile Fixed

CVE-2017-6831

Medium priority
Fixed

Heap-based buffer overflow in the decodeBlockWAVE function in IMA.cpp in Audio File Library (aka audiofile) 0.3.6, 0.3.5, 0.3.4, 0.3.3, 0.3.2, 0.3.1, 0.3.0 and 0.2.7 allows remote attackers to cause a denial of service (crash) via...

1 affected package

audiofile

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
audiofile Fixed

CVE-2017-6830

Medium priority
Fixed

Heap-based buffer overflow in the alaw2linear_buf function in G711.cpp in Audio File Library (aka audiofile) 0.3.6 allows remote attackers to cause a denial of service (crash) via a crafted file.

1 affected package

audiofile

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
audiofile Fixed

CVE-2017-6829

Medium priority
Fixed

The decodeSample function in IMA.cpp in Audio File Library (aka audiofile) 0.3.6 allows remote attackers to cause a denial of service (crash) via a crafted file.

1 affected package

audiofile

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
audiofile Fixed

CVE-2016-1000031

Negligible priority
Ignored

Apache Commons FileUpload before 1.3.3 DiskFileItem File Manipulation Remote Code Execution

4 affected packages

libcommons-fileupload-java, tomcat6, tomcat7, tomcat8

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
libcommons-fileupload-java Ignored
tomcat6 Ignored
tomcat7 Ignored
tomcat8 Ignored

CVE-2016-7162

Medium priority
Fixed

The _g_file_remove_directory function in file-utils.c in File Roller 3.5.4 through 3.20.2 allows remote attackers to delete arbitrary files via a symlink attack on a folder in an archive.

1 affected package

file-roller

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
file-roller Fixed

CVE-2016-3092

Medium priority

Some fixes available 8 of 13

The MultipartStream class in Apache Commons FileUpload before 1.3.2, as used in Apache Tomcat 7.x before 7.0.70, 8.x before 8.0.36, 8.5.x before 8.5.3, and 9.x before 9.0.0.M7 and other products, allows remote attackers to cause a...

5 affected packages

libcommons-fileupload-java, tomcat6, tomcat7, tomcat8, tomcat9

Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS
libcommons-fileupload-java | Not affected | Not affected | Not affected | Not affected | Fixed
tomcat6 | Not in release | Not in release | Not in release | Not in release | Vulnerable
tomcat7 | Not in release | Not in release | Not in release | Not affected | Fixed
tomcat8 | Not in release | Not in release | Not in release | Not affected | Fixed
tomcat9 | Not affected | Not affected | Not affected | Not affected | Not in release

CVE-2014-0236

Medium priority
Not affected

file before 5.18, as used in the Fileinfo component in PHP before 5.6.0, allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a zero root_storage value in a CDF file, related to...

2 affected packages

file, php5

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
file
php5

CVE-2015-8607

Medium priority
Fixed

The canonpath function in the File::Spec module in PathTools before 3.62, as used in Perl, does not properly preserve the taint attribute of data, which might allow context-dependent attackers to bypass the taint protection...

2 affected packages

libfile-spec-perl, perl

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
libfile-spec-perl
perl

CVE-2015-8865

Low priority

Some fixes available 5 of 7

The file_check_mem function in funcs.c in file before 5.23, as used in the Fileinfo component in PHP before 5.5.34, 5.6.x before 5.6.20, and 7.x before 7.0.5, mishandles continuation-level jumps, which allows context-dependent...

3 affected packages

file, php5, php7.0

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
file Not affected Not affected
php5 Not in release Not in release
php7.0 Not in release Fixed