Search CVE reports
1 – 10 of 24420 results
CVE-2025-3469
Medium priorityImproper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program...
1 affected package
mediawiki
| Package | 24.04 LTS |
|---|---|
| mediawiki | Needs evaluation |
CVE-2025-32807
Medium priorityNot in release
A path traversal vulnerability in FusionDirectory before 1.5 allows remote attackers to read arbitrary files on the host that end with .png (and .svg or .xpm for some configurations) via the icon parameter of a GET request to geticon.php.
1 affected package
fusiondirectory
| Package | 24.04 LTS |
|---|---|
| fusiondirectory | Not in release |
CVE-2025-32743
Medium priorityIn ConnMan through 1.44, the lookup string in ns_resolv in dnsproxy.c can be NULL or an empty string when the TC (Truncated) bit is set in a DNS response. This allows attackers to cause a denial of service (application crash) or...
1 affected package
connman
| Package | 24.04 LTS |
|---|---|
| connman | Needs evaluation |
CVE-2025-32728
Medium priorityIn sshd in OpenSSH before 10.0, the DisableForwarding directive does not adhere to the documentation stating that it disables X11 and agent forwarding.
2 affected packages
openssh, openssh-ssh1
| Package | 24.04 LTS |
|---|---|
| openssh | Vulnerable |
| openssh-ssh1 | Ignored |
CVE-2025-32700
Medium priorityExposure of Sensitive Information to an Unauthorized Actor vulnerability in Wikimedia Foundation AbuseFilter. This vulnerability is associated with program files includes/Api/QueryAbuseLog.Php, includes/Pager/AbuseLogPager.Php,...
1 affected package
mediawiki
| Package | 24.04 LTS |
|---|---|
| mediawiki | Needs evaluation |
CVE-2025-32699
Medium priorityVulnerability in Wikimedia Foundation MediaWiki, Wikimedia Foundation Parsoid.This issue affects MediaWiki: before 1.39.12, 1.42.6, 1.43.1; Parsoid: before 0.16.5, 0.19.2, 0.20.2.
1 affected package
mediawiki
| Package | 24.04 LTS |
|---|---|
| mediawiki | Needs evaluation |
CVE-2025-32698
Medium priorityExposure of Sensitive Information to an Unauthorized Actor vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/logging/LogPager.Php. This issue affects MediaWiki: before...
1 affected package
mediawiki
| Package | 24.04 LTS |
|---|---|
| mediawiki | Needs evaluation |
CVE-2025-32697
Medium priorityImproper Preservation of Permissions vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program...
1 affected package
mediawiki
| Package | 24.04 LTS |
|---|---|
| mediawiki | Needs evaluation |
CVE-2025-32696
Medium priorityImproper Preservation of Permissions vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/actions/RevertAction.Php, includes/api/ApiFileRevert.Php. This issue affects...
1 affected package
mediawiki
| Package | 24.04 LTS |
|---|---|
| mediawiki | Needs evaluation |
CVE-2025-29088
Medium priorityAn issue in sqlite v.3.49.0 allows an attacker to cause a denial of service via the SQLITE_DBCONFIG_LOOKASIDE component
2 affected packages
sqlite, sqlite3
| Package | 24.04 LTS |
|---|---|
| sqlite | Not in release |
| sqlite3 | Needs evaluation |