Search CVE reports
141 – 150 of 21464 results
CVE-2020-25720
Medium priorityA vulnerability was found in Samba where a delegated administrator with permission to create objects in Active Directory can write to all attributes of the newly created object, including security-sensitive attributes, even after...
1 affected packages
samba
| Package | 24.04 LTS |
|---|---|
| samba | Vulnerable |
CVE-2024-52867
Medium priorityguix-daemon in GNU Guix before 5ab3c4c allows privilege escalation because build outputs are accessible by local users before file metadata concerns (e.g., for setuid and setgid programs) are properly addressed. The vulnerability...
1 affected packages
guix
| Package | 24.04 LTS |
|---|---|
| guix | Needs evaluation |
CVE-2024-38370
Medium priorityNot in release
GLPI is a free asset and IT management software package. Starting in 9.2.0 and prior to 11.0.0, it is possible to download a document from the API without appropriate rights. Upgrade to 10.0.16.
1 affected packages
glpi
| Package | 24.04 LTS |
|---|---|
| glpi | Not in release |
CVE-2024-45611
Medium priorityNot in release
GLPI is an open-source asset and IT management software package that provides ITIL Service Desk features, licenses tracking and software auditing. An authenticated user can bypass the access control policy to create a private RSS...
1 affected packages
glpi
| Package | 24.04 LTS |
|---|---|
| glpi | Not in release |
CVE-2024-45610
Medium priorityNot in release
GLPI is an open-source asset and IT management software package that provides ITIL Service Desk features, licenses tracking and software auditing. An unauthenticated user can provide a malicious link to a GLPI technician in order...
1 affected packages
glpi
| Package | 24.04 LTS |
|---|---|
| glpi | Not in release |
CVE-2024-45609
Medium priorityNot in release
GLPI is a Free Asset and IT Management Software package, Data center management, ITIL Service Desk, licenses tracking and software auditing. An unauthenticated user can provide a malicious link to a GLPI technician in order to...
1 affected packages
glpi
| Package | 24.04 LTS |
|---|---|
| glpi | Not in release |
CVE-2024-45608
Medium priorityNot in release
GLPI is a free asset and IT management software package. An authenticated user can perfom a SQL injection by changing its preferences. Upgrade to 10.0.17.
1 affected packages
glpi
| Package | 24.04 LTS |
|---|---|
| glpi | Not in release |
CVE-2024-43418
Medium priorityNot in release
GLPI is a free asset and IT management software package. An unauthenticated user can provide a malicious link to a GLPI technician in order to exploit a reflected XSS vulnerability. Upgrade to 10.0.17.
1 affected packages
glpi
| Package | 24.04 LTS |
|---|---|
| glpi | Not in release |
CVE-2024-43417
Medium priorityNot in release
GLPI is a free asset and IT management software package. An unauthenticated user can provide a malicious link to a GLPI technician in order to exploit a reflected XSS vulnerability located in the Software form. Upgrade to 10.0.17.
1 affected packages
glpi
| Package | 24.04 LTS |
|---|---|
| glpi | Not in release |
CVE-2024-41679
Medium priorityNot in release
GLPI is a free asset and IT management software package. An authenticated user can exploit a SQL injection vulnerability from the ticket form. Upgrade to 10.0.17.
1 affected packages
glpi
| Package | 24.04 LTS |
|---|---|
| glpi | Not in release |