Search CVE reports
21 – 30 of 39708 results
ImageMagick before 7.1.2-26 contains a heap use-after-free vulnerability caused by missing null check when parsing XMP profiles. Attackers can craft malicious image files with specially crafted XMP data to trigger...
1 affected package
imagemagick
| Package | 24.04 LTS |
|---|---|
| imagemagick | Needs evaluation |
ImageMagick before 7.1.2-26 and 6.9.13-51 is missing a check for the allowed memory allocation limit in matrix-backed operations such as -canny. An attacker can supply a crafted image that causes ImageMagick to allocate more...
1 affected package
imagemagick
| Package | 24.04 LTS |
|---|---|
| imagemagick | Needs evaluation |
Not in release
(Horde Virtual File System (VFS) API before 3.0.1 contains an OS comman ...)
1 affected package
php-horde-vfs
| Package | 24.04 LTS |
|---|---|
| php-horde-vfs | Not in release |
Apprise is an open source library which allows you to send a notification to almost all of the most popular notification services available. Prior to 1.11.0, Apprise HTTP-based notification plugins and HTTP attachment and config...
1 affected package
apprise
| Package | 24.04 LTS |
|---|---|
| apprise | Needs evaluation |
RabbitMQ is a messaging and streaming broker. Prior to 3.13.15, 4.0.20, 4.1.11, and 4.2.6, RabbitMQ does not perform authorization checks on passive queue.declare and exchange.declare AMQP 0-9-1 operations, allowing any...
1 affected package
rabbitmq-server
| Package | 24.04 LTS |
|---|---|
| rabbitmq-server | Needs evaluation |
RabbitMQ is a messaging and streaming broker. Prior to 4.2.6, the RabbitMQ stream listener does not enforce the configured stream frame-size limit while assembling frames during authentication and before Tune negotiation, allowing...
1 affected package
rabbitmq-server
| Package | 24.04 LTS |
|---|---|
| rabbitmq-server | Needs evaluation |
RabbitMQ is a messaging and streaming broker. Prior to 3.13.15, 4.0.20, 4.1.11, and 4.2.6, the obsolete GET /api/auth endpoint can disclose the OAuth 2 client secret on RabbitMQ installations configured...
1 affected package
rabbitmq-server
| Package | 24.04 LTS |
|---|---|
| rabbitmq-server | Needs evaluation |
RabbitMQ is a messaging and streaming broker. Prior to 4.2.6, RabbitMQ AMQP 0-9-1 allows an existing consumer to keep receiving messages after OAuth token expiry or connection.update_secret refresh to reduced scopes...
1 affected package
rabbitmq-server
| Package | 24.04 LTS |
|---|---|
| rabbitmq-server | Needs evaluation |
RabbitMQ is a messaging and streaming broker. Prior to 3.13.15, 4.0.21, 4.1.11, and 4.2.6, RabbitMQ topic authorization can allow restricted topic writes and binds during metadata-store failures because topic-permission lookup...
1 affected package
rabbitmq-server
| Package | 24.04 LTS |
|---|---|
| rabbitmq-server | Needs evaluation |
RabbitMQ is a messaging and streaming broker. Prior to 3.13.15, 4.0.20, 4.1.11, and 4.2.6, AMQP 0-9-1, AMQP 1.0, and Stream Protocol authentication can allow a loopback-restricted user such as guest to connect remotely...
1 affected package
rabbitmq-server
| Package | 24.04 LTS |
|---|---|
| rabbitmq-server | Needs evaluation |