Search CVE reports
381 – 390 of 42392 results
libexpat before 2.7.5 allows a NULL pointer dereference in the function setContext on retry after an earlier ouf-of-memory condition.
23 affected packages
expat, coin3, apache2, apr-util, cmake...
| Package | 18.04 LTS |
|---|---|
| expat | Needs evaluation |
| coin3 | Needs evaluation |
| apache2 | Not affected |
| apr-util | Not affected |
| cmake | Not affected |
| ghostscript | Not affected |
| texlive-bin | Not affected |
| xmlrpc-c | Needs evaluation |
| vnc4 | Needs evaluation |
| wbxml2 | Needs evaluation |
| swish-e | Needs evaluation |
| insighttoolkit4 | Needs evaluation |
| cadaver | Needs evaluation |
| gdcm | Needs evaluation |
| ayttm | — |
| cableswig | — |
| matanza | Needs evaluation |
| tdom | Needs evaluation |
| vtk | — |
| smart | Needs evaluation |
| firefox | — |
| thunderbird | — |
| libxmltok | Needs evaluation |
libexpat before 2.7.5 allows an infinite loop while parsing DTD content.
23 affected packages
expat, apache2, apr-util, cmake, ghostscript...
| Package | 18.04 LTS |
|---|---|
| expat | Needs evaluation |
| apache2 | Not affected |
| apr-util | Not affected |
| cmake | Not affected |
| ghostscript | Not affected |
| texlive-bin | Not affected |
| xmlrpc-c | Needs evaluation |
| vnc4 | Needs evaluation |
| wbxml2 | Needs evaluation |
| swish-e | Needs evaluation |
| insighttoolkit4 | Needs evaluation |
| cadaver | Needs evaluation |
| gdcm | Needs evaluation |
| ayttm | — |
| cableswig | — |
| coin3 | Needs evaluation |
| matanza | Needs evaluation |
| tdom | Needs evaluation |
| vtk | — |
| smart | Needs evaluation |
| firefox | — |
| thunderbird | — |
| libxmltok | Needs evaluation |
libexpat before 2.7.5 allows a NULL pointer dereference with empty external parameter entity content.
23 affected packages
expat, apache2, apr-util, cmake, ghostscript...
| Package | 18.04 LTS |
|---|---|
| expat | Needs evaluation |
| apache2 | Not affected |
| apr-util | Not affected |
| cmake | Not affected |
| ghostscript | Not affected |
| texlive-bin | Not affected |
| xmlrpc-c | Needs evaluation |
| vnc4 | Needs evaluation |
| wbxml2 | Needs evaluation |
| swish-e | Needs evaluation |
| insighttoolkit4 | Needs evaluation |
| cadaver | Needs evaluation |
| gdcm | Needs evaluation |
| ayttm | — |
| cableswig | — |
| coin3 | Needs evaluation |
| matanza | Needs evaluation |
| tdom | Needs evaluation |
| vtk | — |
| smart | Needs evaluation |
| firefox | — |
| thunderbird | — |
| libxmltok | Needs evaluation |
libexif through 0.6.25 has a flaw in decoding MakerNotes. If the exif_mnote_data_get_value function gets passed in a 0 size, the passed in-buffer would be overwritten due to an integer underflow.
1 affected package
libexif
| Package | 18.04 LTS |
|---|---|
| libexif | Needs evaluation |
telnet in GNU inetutils through 2.7 allows servers to read arbitrary environment variables from clients via NEW_ENVIRON SEND USERVAR.
1 affected package
inetutils
| Package | 18.04 LTS |
|---|---|
| inetutils | Needs evaluation |
SimpleEval is a library for adding evaluatable expressions into python projects. Prior to 1.0.5, objects (including modules) can leak dangerous modules through to direct access inside the sandbox. If the objects you've passed in...
1 affected package
simpleeval
| Package | 18.04 LTS |
|---|---|
| simpleeval | Needs evaluation |
Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to 22.0.0-next.3, 21.2.4, 20.3.18, and 19.2.20, a Cross-Site Scripting (XSS) vulnerability...
1 affected package
angular.js
| Package | 18.04 LTS |
|---|---|
| angular.js | Needs evaluation |
GStreamer H.266 Codec Parser Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is...
1 affected package
gst-plugins-bad1.0
| Package | 18.04 LTS |
|---|---|
| gst-plugins-bad1.0 | Needs evaluation |
GStreamer rtpqdm2depay Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is...
1 affected package
gst-plugins-good1.0
| Package | 18.04 LTS |
|---|---|
| gst-plugins-good1.0 | Needs evaluation |
GStreamer H.266 Codec Parser Integer Underflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is...
1 affected package
gst-plugins-bad1.0
| Package | 18.04 LTS |
|---|---|
| gst-plugins-bad1.0 | Needs evaluation |