Search CVE reports
1271 – 1280 of 36525 results
xmldom is a pure JavaScript W3C standard-based (XML DOM Level 2 Core) `DOMParser` and `XMLSerializer` module. In @xmldom/xmldom prior to versions 0.9.10 and 0.8.13 and xmldom version 0.6.0 and prior, the package...
1 affected package
node-xmldom
| Package | 24.04 LTS |
|---|---|
| node-xmldom | Needs evaluation |
GoBGP is an open source Border Gateway Protocol (BGP) implementation in the Go Programming Language. Prior to version 4.3.0, a remote Denial of Service (DoS) vulnerability exists in GoBGP where a malformed BGP UPDATE message can...
1 affected package
gobgp
| Package | 24.04 LTS |
|---|---|
| gobgp | Needs evaluation |
GoBGP is an open source Border Gateway Protocol (BGP) implementation in the Go Programming Language. In version 4.3.0, a remote Denial of Service (DoS) vulnerability exists in GoBGP due to a nil pointer dereference. When...
1 affected package
gobgp
| Package | 24.04 LTS |
|---|---|
| gobgp | Needs evaluation |
OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. From versions 3.0.0 to before 3.2.9, 3.3.0 to before 3.3.11, and 3.4.0 to...
1 affected package
openexr
| Package | 24.04 LTS |
|---|---|
| openexr | Needs evaluation |
Netty allows request-line validation to be bypassed when a `DefaultHttpRequest` or `DefaultFullHttpRequest` is created first and its URI is later changed via `setUri()`. The constructors reject CRLF and whitespace characters that...
1 affected package
netty
| Package | 24.04 LTS |
|---|---|
| netty | Needs evaluation |
Incus is a system container and virtual machine manager. In versions before 7.0.0, missing validation logic in the storage volume import logic allows an authenticated user with access to the storage volume feature to cause the...
2 affected packages
incus, lxd
| Package | 24.04 LTS |
|---|---|
| incus | Needs evaluation |
| lxd | Not in release |
Incus is a system container and virtual machine manager. In versions before 7.0.0, broken TLS validation logic in the OVN database connection logic can allow connections to an attacker's OVN database. The OVN...
1 affected package
incus
| Package | 24.04 LTS |
|---|---|
| incus | Needs evaluation |
Incus is a system container and virtual machine manager. In versions before 7.0.0, missing validation logic in the storage volume import logic allows an authenticated user with access to the storage volume feature to cause the...
2 affected packages
incus, lxd
| Package | 24.04 LTS |
|---|---|
| incus | Needs evaluation |
| lxd | Not in release |
Incus is a system container and virtual machine manager. In versions before 7.0.0, missing validation logic in the storage bucket import logic allows an authenticated user with access to the storage bucket feature to cause the...
1 affected package
incus
| Package | 24.04 LTS |
|---|---|
| incus | Needs evaluation |
In Jupyter Notebook versions 7.0.0 through 7.5.5, JupyterLab versions 4.5.6 and earlier, and the corresponding @jupyter-notebook/help-extension and @jupyterlab/help-extension packages before 7.5.6 and 4.5.7, a stored cross-site...
1 affected package
jupyter-notebook
| Package | 24.04 LTS |
|---|---|
| jupyter-notebook | Needs evaluation |