Search CVE reports
11 – 20 of 132 results
CVE-2021-4156
Low prioritySome fixes available 1 of 9
An out-of-bounds read flaw was found in libsndfile's FLAC codec functionality. An attacker who is able to submit a specially crafted file (via tricking a user to open or otherwise) to an application linked with libsndfile and...
1 affected packages
libsndfile
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
libsndfile | Not affected | Vulnerable | Vulnerable | Vulnerable | Fixed |
CVE-2022-24599
Low prioritySome fixes available 7 of 9
In autofile Audio File Library 0.3.6, there exists one memory leak vulnerability in printfileinfo, in printinfo.c, which allows an attacker to leak sensitive information via a crafted file. The printfileinfo function calls the...
1 affected packages
audiofile
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
audiofile | — | Fixed | Fixed | Fixed | Fixed |
CVE-2021-43820
Medium prioritySeafile is an open source cloud storage system. A sync token is used in Seafile file syncing protocol to authorize access to library data. To improve performance, the token is cached in memory in seaf-server. Upon receiving a...
1 affected packages
seafile
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
seafile | — | Not affected | Not affected | Not affected | Ignored |
CVE-2021-3246
Medium prioritySome fixes available 7 of 8
A heap buffer overflow vulnerability in msadpcm_decode_block of libsndfile 1.0.30 allows attackers to execute arbitrary code via a crafted WAV file.
1 affected packages
libsndfile
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
libsndfile | — | Fixed | Fixed | Fixed | Fixed |
CVE-2009-0948
Medium priorityMultiple buffer overflows in the (1) cdf_read_sat, (2) cdf_read_long_sector_chain, and (3) cdf_read_ssat function in file before 5.02.
1 affected packages
file
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
file | — | — | — | — | Not affected |
CVE-2009-0947
Medium priorityMultiple integer overflows in the (1) cdf_read_property_info and (2) cdf_read_sat functions in file before 5.02.
1 affected packages
file
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
file | — | — | — | — | Not affected |
CVE-2020-36314
Medium priorityfr-archive-libarchive.c in GNOME file-roller through 3.38.0, as used by GNOME Shell and other software, allows Directory Traversal during extraction because it lacks a check of whether a file's parent is a symlink in certain...
1 affected packages
file-roller
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
file-roller | — | — | Fixed | Fixed | Fixed |
CVE-2021-30146
Medium prioritySeafile 7.0.5 (2019) allows Persistent XSS via the "share of library functionality."
1 affected packages
seafile-client
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
seafile-client | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Not in release |
CVE-2017-18925
Medium priorityopentmpfiles through 0.3.1 allows local users to take ownership of arbitrary files because d entries are mishandled and allow a symlink attack.
1 affected packages
opentmpfiles
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
opentmpfiles | Not in release | Not in release | Needs evaluation | Not in release | Not in release |
CVE-2020-11736
Medium priorityfr-archive-libarchive.c in GNOME file-roller through 3.36.1 allows Directory Traversal during extraction because it lacks a check of whether a file's parent is a symlink to a directory outside of the intended extraction location.
1 affected packages
file-roller
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
file-roller | — | — | Fixed | Fixed | Fixed |