Product:

Extra_packages_for_enterprise_linux

(Fedoraproject)
Repositories

Unknown:

This might be proprietary software.
#Vulnerabilities 76
Date Id Summary Products Score Patch Annotated
2023-05-30 CVE-2023-34151 A vulnerability was found in ImageMagick. This security flaw ouccers as an undefined behaviors of casting double to size_t in svg, mvg and other coders (recurring bugs of CVE-2022-32546). Debian_linux, Extra_packages_for_enterprise_linux, Fedora, Imagemagick, Enterprise_linux 5.5
2023-05-30 CVE-2023-34152 A vulnerability was found in ImageMagick. This security flaw cause a remote code execution vulnerability in OpenBlob with --enable-pipes configured. Extra_packages_for_enterprise_linux, Fedora, Imagemagick, Enterprise_linux 9.8
2023-05-30 CVE-2023-34153 A vulnerability was found in ImageMagick. This security flaw causes a shell command injection vulnerability via video:vsync or video:pixel-format options in VIDEO encoding/decoding. Extra_packages_for_enterprise_linux, Fedora, Imagemagick, Enterprise_linux 7.8
2020-01-16 CVE-2020-7106 Cacti 1.2.8 has stored XSS in data_sources.php, color_templates_item.php, graphs.php, graph_items.php, lib/api_automation.php, user_admin.php, and user_group_admin.php, as demonstrated by the description parameter in data_sources.php (a raw string from the database that is displayed by $header to trigger the XSS). Cacti, Debian_linux, Extra_packages_for_enterprise_linux, Fedora, Backports_sle, Leap, Package_hub 6.1
2020-02-26 CVE-2020-9274 An issue was discovered in Pure-FTPd 1.0.49. An uninitialized pointer vulnerability has been detected in the diraliases linked list. When the *lookup_alias(const char alias) or print_aliases(void) function is called, they fail to correctly detect the end of the linked list and try to access a non-existent list member. This is related to init_aliases in diraliases.c. Ubuntu_linux, Debian_linux, Extra_packages_for_enterprise_linux, Fedora, Pure\-Ftpd 7.5
2020-12-08 CVE-2020-27818 A flaw was found in the check_chunk_name() function of pngcheck-2.4.0. An attacker able to pass a malicious file to be processed by pngcheck could cause a temporary denial of service, posing a low risk to application availability. Debian_linux, Extra_packages_for_enterprise_linux, Fedora, Pngcheck 3.3
2021-01-05 CVE-2020-27842 There's a flaw in openjpeg's t2 encoder in versions prior to 2.4.0. An attacker who is able to provide crafted input to be processed by openjpeg could cause a null pointer dereference. The highest impact of this flaw is to application availability. Debian_linux, Extra_packages_for_enterprise_linux, Fedora, Outside_in_technology, Codeready_linux_builder, Codeready_linux_builder_for_ibm_z_systems, Codeready_linux_builder_for_power_little_endian, Enterprise_linux, Enterprise_linux_for_ibm_z_systems, Enterprise_linux_for_power_little_endian, Openjpeg 5.5
2021-02-23 CVE-2021-20247 A flaw was found in mbsync before v1.3.5 and v1.4.1. Validations of the mailbox names returned by IMAP LIST/LSUB do not occur allowing a malicious or compromised server to use specially crafted mailbox names containing '..' path components to access data outside the designated mailbox on the opposite end of the synchronization channel. The highest threat from this vulnerability is to data confidentiality and integrity. Debian_linux, Extra_packages_for_enterprise_linux, Fedora, Mbsync 7.4
2021-08-24 CVE-2021-38714 In Plib through 1.85, there is an integer overflow vulnerability that could result in arbitrary code execution. The vulnerability is found in ssgLoadTGA() function in src/ssg/ssgLoadTGA.cxx file. Debian_linux, Extra_packages_for_enterprise_linux, Fedora, Plib 8.8
2021-09-08 CVE-2021-21897 A code execution vulnerability exists in the DL_Dxf::handleLWPolylineData functionality of Ribbonsoft dxflib 3.17.0. A specially-crafted .dxf file can lead to a heap buffer overflow. An attacker can provide a malicious file to trigger this vulnerability. Debian_linux, Extra_packages_for_enterprise_linux, Fedora, Dxflib 8.8