Your submission was sent successfully! Close

Thank you for contacting us. A member of our team will be in touch shortly. Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

Search CVE reports


Toggle filters

71 – 80 of 26475 results

Status is adjusted based on your filters.


CVE-2024-49760

Medium priority

Not in release

OpenRefine is a free, open source tool for working with messy data. The load-language command expects a `lang` parameter from which it constructs the path of the localization file to load, of the form `translations-$LANG.json`....

1 affected packages

openrefine

Package 20.04 LTS
openrefine Not in release
Show less packages

CVE-2024-48426

Medium priority
Needs evaluation

A segmentation fault (SEGV) was detected in the SortByPTypeProcess::Execute function in the Assimp library during fuzz testing with AddressSanitizer. The crash occurred due to a read access to an invalid memory address (0x1000c9714971).

4 affected packages

assimp, qt6-3d, qt6-quick3d, spring

Package 20.04 LTS
assimp Needs evaluation
qt6-3d Not in release
qt6-quick3d Not in release
spring Needs evaluation
Show less packages

CVE-2024-48425

Medium priority
Needs evaluation

A segmentation fault (SEGV) was detected in the Assimp::SplitLargeMeshesProcess_Triangle::UpdateNode function within the Assimp library during fuzz testing using AddressSanitizer. The crash occurs due to a read access violation at...

4 affected packages

assimp, qt6-3d, qt6-quick3d, spring

Package 20.04 LTS
assimp Needs evaluation
qt6-3d Not in release
qt6-quick3d Not in release
spring Needs evaluation
Show less packages

CVE-2024-48424

Medium priority
Needs evaluation

A heap-buffer-overflow vulnerability has been identified in the OpenDDLParser::parseStructure function within the Assimp library, specifically during the processing of OpenGEX files.

4 affected packages

assimp, qt6-3d, qt6-quick3d, spring

Package 20.04 LTS
assimp Needs evaluation
qt6-3d Not in release
qt6-quick3d Not in release
spring Needs evaluation
Show less packages

CVE-2024-48423

Medium priority
Needs evaluation

An issue in assimp v.5.4.3 allows a local attacker to execute arbitrary code via the CallbackToLogRedirector function within the Assimp library.

3 affected packages

assimp, qt6-3d, qt6-quick3d

Package 20.04 LTS
assimp Needs evaluation
qt6-3d Not in release
qt6-quick3d Not in release
Show less packages

CVE-2024-48208

Medium priority
Needs evaluation

pure-ftpd before 1.0.52 is vulnerable to Buffer Overflow. There is an out of bounds read in the domlsd() function of the ls.c file.

1 affected packages

pure-ftpd

Package 20.04 LTS
pure-ftpd Needs evaluation
Show less packages

CVE-2024-47883

Medium priority

Not in release

The OpenRefine fork of the MIT Simile Butterfly server is a modular web application framework. The Butterfly framework uses the `java.net.URL` class to refer to (what are expected to be) local resource files, like images or...

1 affected packages

openrefine-butterfly

Package 20.04 LTS
openrefine-butterfly Not in release
Show less packages

CVE-2024-47882

Medium priority

Not in release

OpenRefine is a free, open source tool for working with messy data. Prior to version 3.8.3, the built-in "Something went wrong!" error page includes the exception message and exception traceback without escaping HTML...

1 affected packages

openrefine

Package 20.04 LTS
openrefine Not in release
Show less packages

CVE-2024-47881

Medium priority

Not in release

OpenRefine is a free, open source tool for working with messy data. Starting in version 3.4-beta and prior to version 3.8.3, in the `database` extension, the "enable_load_extension" property can be set for the SQLite integration,...

1 affected packages

openrefine

Package 20.04 LTS
openrefine Not in release
Show less packages

CVE-2024-47880

Medium priority

Not in release

OpenRefine is a free, open source tool for working with messy data. Prior to version 3.8.3, the `export-rows` command can be used in such a way that it reflects part of the request verbatim, with a Content-Type header also taken...

1 affected packages

openrefine

Package 20.04 LTS
openrefine Not in release
Show less packages