Search CVE reports
71 – 80 of 26475 results
CVE-2024-49760
Medium priorityNot in release
OpenRefine is a free, open source tool for working with messy data. The load-language command expects a `lang` parameter from which it constructs the path of the localization file to load, of the form `translations-$LANG.json`....
1 affected packages
openrefine
| Package | 20.04 LTS |
|---|---|
| openrefine | Not in release |
CVE-2024-48426
Medium priorityA segmentation fault (SEGV) was detected in the SortByPTypeProcess::Execute function in the Assimp library during fuzz testing with AddressSanitizer. The crash occurred due to a read access to an invalid memory address (0x1000c9714971).
4 affected packages
assimp, qt6-3d, qt6-quick3d, spring
| Package | 20.04 LTS |
|---|---|
| assimp | Needs evaluation |
| qt6-3d | Not in release |
| qt6-quick3d | Not in release |
| spring | Needs evaluation |
CVE-2024-48425
Medium priorityA segmentation fault (SEGV) was detected in the Assimp::SplitLargeMeshesProcess_Triangle::UpdateNode function within the Assimp library during fuzz testing using AddressSanitizer. The crash occurs due to a read access violation at...
4 affected packages
assimp, qt6-3d, qt6-quick3d, spring
| Package | 20.04 LTS |
|---|---|
| assimp | Needs evaluation |
| qt6-3d | Not in release |
| qt6-quick3d | Not in release |
| spring | Needs evaluation |
CVE-2024-48424
Medium priorityA heap-buffer-overflow vulnerability has been identified in the OpenDDLParser::parseStructure function within the Assimp library, specifically during the processing of OpenGEX files.
4 affected packages
assimp, qt6-3d, qt6-quick3d, spring
| Package | 20.04 LTS |
|---|---|
| assimp | Needs evaluation |
| qt6-3d | Not in release |
| qt6-quick3d | Not in release |
| spring | Needs evaluation |
CVE-2024-48423
Medium priorityAn issue in assimp v.5.4.3 allows a local attacker to execute arbitrary code via the CallbackToLogRedirector function within the Assimp library.
3 affected packages
assimp, qt6-3d, qt6-quick3d
| Package | 20.04 LTS |
|---|---|
| assimp | Needs evaluation |
| qt6-3d | Not in release |
| qt6-quick3d | Not in release |
CVE-2024-48208
Medium prioritypure-ftpd before 1.0.52 is vulnerable to Buffer Overflow. There is an out of bounds read in the domlsd() function of the ls.c file.
1 affected packages
pure-ftpd
| Package | 20.04 LTS |
|---|---|
| pure-ftpd | Needs evaluation |
CVE-2024-47883
Medium priorityNot in release
The OpenRefine fork of the MIT Simile Butterfly server is a modular web application framework. The Butterfly framework uses the `java.net.URL` class to refer to (what are expected to be) local resource files, like images or...
1 affected packages
openrefine-butterfly
| Package | 20.04 LTS |
|---|---|
| openrefine-butterfly | Not in release |
CVE-2024-47882
Medium priorityNot in release
OpenRefine is a free, open source tool for working with messy data. Prior to version 3.8.3, the built-in "Something went wrong!" error page includes the exception message and exception traceback without escaping HTML...
1 affected packages
openrefine
| Package | 20.04 LTS |
|---|---|
| openrefine | Not in release |
CVE-2024-47881
Medium priorityNot in release
OpenRefine is a free, open source tool for working with messy data. Starting in version 3.4-beta and prior to version 3.8.3, in the `database` extension, the "enable_load_extension" property can be set for the SQLite integration,...
1 affected packages
openrefine
| Package | 20.04 LTS |
|---|---|
| openrefine | Not in release |
CVE-2024-47880
Medium priorityNot in release
OpenRefine is a free, open source tool for working with messy data. Prior to version 3.8.3, the `export-rows` command can be used in such a way that it reflects part of the request verbatim, with a Content-Type header also taken...
1 affected packages
openrefine
| Package | 20.04 LTS |
|---|---|
| openrefine | Not in release |