Lucene search
K

173 matches found

OpenVAS
OpenVAS
added 2024/03/25 12:0 a.m.8 views

Fedora: Security Advisory for libre (FEDORA-2024-a63e807450)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5AI score
Exploits0References2
Fedora
Fedora
added 2024/03/23 12:50 a.m.14 views

[SECURITY] Fedora 40 Update: libre-3.10.0-1.fc40

Libre is a generic library for real-time communications with async I/O support. Features are a SIP stack RFC 3261, SDP, RTP and RTCP, SRTP and SRTCP Secure RTP, DNS client, STUN/TURN/ICE stack, BFCP, HTTP stack with client/server, Websockets, Jitter buffer, async I/O poll, epoll, select, kqueue,...

7.4AI score
Exploits0
OSV
OSV
added 2023/09/27 3:19 p.m.17 views

UBUNTU-CVE-2023-41326

GLPI stands for Gestionnaire Libre de Parc Informatique is a Free Asset and IT Management Software package, that provides ITIL Service Desk features, licenses tracking and software auditing. A logged user from any profile can hijack the Kanban feature to alter any user field, and end-up with...

8.8CVSS5.8AI score0.3095EPSS
Exploits0References3
CVE
CVE
added 2023/09/26 10:45 p.m.71 views

CVE-2023-42461

GLPI (Gestionnaire Libre de Parc Informatique) has an SQL injection vulnerability (CVE-2023-42461) in the ticket/search path where the ITIL actor input field in the Ticket form can be exploited. This affects GLPI versions prior to 10.0.13; an authenticated user can abuse the vulnerable query, pot...

9.8CVSS8.4AI score0.00899EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2023/09/26 10:44 p.m.71 views

CVE-2023-41888

CVE-2023-41888 concerns GLPI (Gestionnaire Libre de Parc Informatique). Multiple connected sources describe vulnerabilities in GLPI prior to fixed versions, including pre-10.13 and pre-10.0.13 lines, with various flaws (SQL injection, SSRF, XSS, unauthorized data access) that could enable informa...

5.4CVSS5.2AI score0.00417EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2023/09/26 10:37 p.m.2522 views

CVE-2023-41324

GLPI (Gestionnaire Libre de Parc Informatique) vulnerability CVE-2023-41324 is evidenced in connected records as a SQL injection flaw in GLPI’s search functionality. Affected are GLPI versions prior to 10.0.13 (per PT Security entries); authenticated users can exploit the flaw to access or extrac...

8.8CVSS8.2AI score0.00737EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2023/09/26 10:35 p.m.95 views

CVE-2023-41323

CVE-2023-41323 affects GLPI (Gestionnaire Libre de Parc Informatique). An unauthenticated attacker can enumerate user logins, exposing usernames. Root cause: information disclosure enabling enumeration without authentication; impact is limited to confidentiality (usernames exposed) with no other ...

5.3CVSS5.2AI score0.33874EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2023/09/26 10:34 p.m.77 views

CVE-2023-41322

GLPI (Gestionnaire Libre de Parc Informatique) is affected by CVE-2023-41322. A user with write access to another user can request a password change and take control of that account, representing an authentication/authorization risk. The initial description recommends upgrading to version 10.0.10...

8.8CVSS7AI score0.00731EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2023/09/26 9:16 p.m.2524 views

CVE-2023-41321

GLPI (Gestionnaire Libre de Parc Informatique) prior to version 10.0.10 contains an API issue where an API user with read access can enumerate sensitive field values on resources. The vulnerability affects confidentiality (C) but has no impact on integrity/availability according to the provided d...

6.5CVSS5.6AI score0.00738EPSS
Exploits0References1Affected Software1
SUSE CVE
SUSE CVE
added 2023/02/15 4:25 a.m.4 views

SUSE CVE-2018-14524

dwgdecodeeed in decode.c in GNU LibreDWG before 0.6 leads to a double free in dwgfreeeed in free.c because it does not properly manage the obj-eed value after a free occurs...

6.5CVSS6.5AI score0.01058EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 4:14 a.m.3 views

SUSE CVE-2019-9779

An issue was discovered in GNU LibreDWG 0.7 and 0.7.1645. There is a NULL pointer dereference in the function dwgdxfLTYPE at dwg.spec earlier than CVE-2019-9776...

7.5CVSS6.8AI score0.02772EPSS
Exploits1References6
SUSE CVE
SUSE CVE
added 2023/02/15 4:6 a.m.3 views

SUSE CVE-2019-18804

DjVuLibre 3.5.27 has a NULL pointer dereference in the function DJVU::filterfv at IW44EncodeCodec.cpp...

3.3CVSS7AI score0.03667EPSS
Exploits1References9
SUSE CVE
SUSE CVE
added 2023/02/15 4:5 a.m.3 views

SUSE CVE-2019-20009

An issue was discovered in GNU LibreDWG before 0.93. Crafted input will lead to an attempted excessive memory allocation in dwgdecodeSPLINEprivate in dwg.spec...

6.5CVSS6.4AI score0.01373EPSS
Exploits1References5
SUSE CVE
SUSE CVE
added 2023/02/15 4:5 a.m.2 views

SUSE CVE-2019-20011

An issue was discovered in GNU LibreDWG 0.92. There is a heap-based buffer over-read in decodeR13R2000 in decode.c...

8.8CVSS8.3AI score0.0147EPSS
Exploits1References6
SUSE CVE
SUSE CVE
added 2023/02/15 4:5 a.m.4 views

SUSE CVE-2019-20915

An issue was discovered in GNU LibreDWG through 0.9.3. Crafted input will lead to a heap-based buffer over-read in bitwriteTF in bits.c...

8.1CVSS8.2AI score0.01245EPSS
Exploits1References3
SUSE CVE
SUSE CVE
added 2023/02/15 3:55 a.m.4 views

SUSE CVE-2020-21815

A null pointer deference issue exists in GNU LibreDWG 0.10.2641 via outputTEXT ../../programs/dwg2SVG.c:114, which causes a denial of service application crash...

6.5CVSS6.5AI score0.00904EPSS
Exploits1References3
SUSE CVE
SUSE CVE
added 2023/02/15 3:55 a.m.4 views

SUSE CVE-2020-21830

A heap based buffer overflow vulneraibility exists in GNU LibreDWG 0.10 via bitcalcCRC ../../src/bits.c:2213...

8.8CVSS8.9AI score0.01124EPSS
Exploits1References3
SUSE CVE
SUSE CVE
added 2023/02/15 3:55 a.m.6 views

SUSE CVE-2020-21819

A heap based buffer overflow vulnerability exists in GNU LibreDWG 0.10.2641via htmlescape ../../programs/escape.c:51...

8.8CVSS8.9AI score0.01124EPSS
Exploits1References3
SUSE CVE
SUSE CVE
added 2023/02/15 3:54 a.m.6 views

SUSE CVE-2020-21836

A heap based buffer overflow vulnerability exists in GNU LibreDWG 0.10 via read2004sectionpreview ../../src/decode.c:3175...

8.8CVSS8.9AI score0.01064EPSS
Exploits1References3
SUSE CVE
SUSE CVE
added 2023/02/15 3:54 a.m.8 views

SUSE CVE-2020-21838

A heap based buffer overflow vulnerability exits in GNU LibreDWG 0.10 via: read2004sectionappinfo ../../src/decode.c:2842...

8.8CVSS8.9AI score0.01064EPSS
Exploits1References3
Rows per page
Query Builder