Your submission was sent successfully! Close

Thank you for contacting us. A member of our team will be in touch shortly. Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

Search CVE reports


Toggle filters

1 – 9 of 9 results


CVE-2024-32487

Medium priority
Fixed

less through 653 allows OS command execution via a newline character in the name of a file, because quoting is mishandled in filename.c. Exploitation typically requires use with attacker-controlled file names, such as the files...

1 affected packages

less

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
less Fixed Fixed Fixed Fixed Fixed
Show less packages

CVE-2022-48624

Medium priority

Some fixes available 7 of 8

close_altfile in filename.c in less before 606 omits shell_quote calls for LESSCLOSE.

1 affected packages

less

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
less Fixed Fixed Fixed Fixed Fixed
Show less packages

CVE-2022-46663

Medium priority
Fixed

In GNU Less before 609, crafted data can result in "less -R" not filtering ANSI escape sequences sent to the terminal.

1 affected packages

less

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
less Fixed Not affected Not affected Not affected
Show less packages

CVE-2016-6866

Low priority

Some fixes available 1 of 5

slock allows attackers to bypass the screen lock via vectors involving an invalid password hash, which triggers a NULL pointer dereference and crash.

1 affected packages

suckless-tools

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
suckless-tools Not affected Not affected
Show less packages

CVE-2014-9488

Low priority
Ignored

The is_utf8_well_formed function in GNU less before 475 allows remote attackers to have unspecified impact via malformed UTF-8 characters, which triggers an out-of-bounds read.

1 affected packages

less

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
less
Show less packages

CVE-2006-4124

Unknown priority
Ignored

The libXm library in LessTif 0.95.0 and earlier allows local users to gain privileges via the DEBUG_FILE environment variable, which is used to create world-writable files when libXm is run from a setuid program.

1 affected packages

lesstif1-1

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
lesstif1-1
Show less packages

CVE-2005-0605

Unknown priority
Fixed

scan.c for LibXPM may allow attackers to execute arbitrary code via a negative bitmap_unit value that leads to a buffer overflow.

5 affected packages

lesstif1-1, lesstif2, openmotif, xorg, xterm

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
lesstif1-1
lesstif2
openmotif
xorg
xterm
Show less packages

CVE-2004-0914

Unknown priority
Fixed

Multiple vulnerabilities in libXpm for 6.8.1 and earlier, as used in XFree86 and other packages, include (1) multiple integer overflows, (2) out-of-bounds memory accesses, (3) directory traversal, (4) shell metacharacter, (5)...

4 affected packages

lesstif1-1, lesstif2, openmotif, xorg

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
lesstif1-1
lesstif2
openmotif
xorg
Show less packages

CVE-2004-0688

Unknown priority
Fixed

Multiple integer overflows in (1) the xpmParseColors function in parse.c, (2) XpmCreateImageFromXpmImage, (3) CreateXImage, (4) ParsePixels, and (5) ParseAndPutPixels for libXpm before 6.8.1 may allow remote attackers to execute...

4 affected packages

lesstif1-1, lesstif2, openmotif, xorg

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
lesstif1-1
lesstif2
openmotif
xorg
Show less packages