Search CVE reports
51 – 60 of 37811 results
Kitty is a cross-platform GPU based terminal. In versions prior to 0.47.3, kitty's OSC 21 (color-control) query reply reflects attacker-controlled bytes, including newlines, into the shell's input without sanitization. Version...
1 affected package
kitty
| Package | 24.04 LTS |
|---|---|
| kitty | Needs evaluation |
Kitty is a cross-platform GPU based terminal. In versions 0.47.0 and 0.47.1, `kitten dnd` can allow a malicious remote drag-and-drop source to overwrite or truncate arbitrary files writable by the local kitty user. Remote...
1 affected package
kitty
| Package | 24.04 LTS |
|---|---|
| kitty | Needs evaluation |
Kitty is a cross-platform GPU based terminal. In versions prior to 0.47.2, a local privilege escalation vulnerability exists in kitty's file transmission protocol where a child process running in the terminal can write to...
1 affected package
kitty
| Package | 24.04 LTS |
|---|---|
| kitty | Needs evaluation |
Kitty is a cross-platform GPU based terminal. In versions prior to 0.47.0, a program able to write bytes to a kitty terminal — a remote SSH peer, a downloaded file viewed with `cat`, a log line, an email body rendered in `less`,...
1 affected package
kitty
| Package | 24.04 LTS |
|---|---|
| kitty | Needs evaluation |
Kitty is a cross-platform GPU based terminal. In versions prior to 0.47.0, it is possible to inject commands within the subshell through kitty error. A special escape code will make kitty return an error, this error is not escaped...
1 affected package
kitty
| Package | 24.04 LTS |
|---|---|
| kitty | Needs evaluation |
Moby is an open source container framework. In Docker Engine prior to version 29.5.1, Docker Daemon versions 28.5.2 and prior, and Moby Daemon prior to version 2.0.0-beta.14, a race condition during docker cp mount setup allows a...
2 affected packages
docker.io, docker.io-app
| Package | 24.04 LTS |
|---|---|
| docker.io | Needs evaluation |
| docker.io-app | Needs evaluation |
Moby is an open source container framework. In Docker Engine prior to version 29.5.1, Docker Daemon versions 28.5.2 and prior, and Moby Daemon prior to version 2.0.0-beta.14, a race condition during docker cp mount setup allows a...
2 affected packages
docker.io, docker.io-app
| Package | 24.04 LTS |
|---|---|
| docker.io | Needs evaluation |
| docker.io-app | Needs evaluation |
form-data is a library for creating readable multipart/form-data streams. In versions through 4.0.5, the `field` argument to `FormData#append` and the `filename` option are concatenated verbatim into the `Content-Disposition`...
1 affected package
node-form-data
| Package | 24.04 LTS |
|---|---|
| node-form-data | Needs evaluation |
MariaDB server is a community developed fork of MySQL server. From versions 10.6.1 to before 10.6.27, 10.11.1 to before 10.11.18, 11.4.1 to before 11.4.12, 11.8.1 to before 11.8.8, and 12.3.1, a high-privileged MariaDB user...
5 affected packages
mariadb, mariadb-10.0, mariadb-10.1, mariadb-10.3, mariadb-10.6
| Package | 24.04 LTS |
|---|---|
| mariadb | Needs evaluation |
| mariadb-10.0 | Not in release |
| mariadb-10.1 | Not in release |
| mariadb-10.3 | Not in release |
| mariadb-10.6 | Not in release |
MariaDB server is a community developed fork of MySQL server. From versions 10.6.1 to before 10.6.27, 10.11.1 to before 10.11.18, 11.4.1 to before 11.4.12, 11.8.1 to before 11.8.8, and 12.3.1, during the SST the donor node is...
5 affected packages
mariadb, mariadb-10.0, mariadb-10.1, mariadb-10.3, mariadb-10.6
| Package | 24.04 LTS |
|---|---|
| mariadb | Needs evaluation |
| mariadb-10.0 | Not in release |
| mariadb-10.1 | Not in release |
| mariadb-10.3 | Not in release |
| mariadb-10.6 | Not in release |