Search CVE reports
391 – 400 of 47849 results
Some fixes available 1 of 2
libtiff up to v4.7.1 was discovered to contain a double free via the component tools/tiffcrop.c.
5 affected packages
tiff, qtwebengine-opensource-src, texmaker, gdal, neuron
| Package | 16.04 LTS |
|---|---|
| tiff | Fixed |
| qtwebengine-opensource-src | — |
| texmaker | Not affected |
| gdal | Needs evaluation |
| neuron | — |
libtiff up to v4.7.1 was discovered to contain a stack overflow via the readSeparateStripsIntoBuffer function.
5 affected packages
tiff, qtwebengine-opensource-src, texmaker, gdal, neuron
| Package | 16.04 LTS |
|---|---|
| tiff | Vulnerable |
| qtwebengine-opensource-src | — |
| texmaker | Not affected |
| gdal | Needs evaluation |
| neuron | — |
libtiff up to v4.7.1 was discovered to contain a NULL pointer dereference via the component libtiff/tif_open.c.
5 affected packages
tiff, qtwebengine-opensource-src, texmaker, gdal, neuron
| Package | 16.04 LTS |
|---|---|
| tiff | Vulnerable |
| qtwebengine-opensource-src | — |
| texmaker | Not affected |
| gdal | Needs evaluation |
| neuron | — |
A flaw was found in the 389-ds-base server. A heap buffer overflow vulnerability exists in the `schema_attr_enum_callback` function within the `schema.c` file. This occurs because the code incorrectly calculates the buffer size by...
1 affected package
389-ds-base
| Package | 16.04 LTS |
|---|---|
| 389-ds-base | Needs evaluation |
[libsoup: HTTP/1 request smuggling primitives accepted (CL.CL and TE+CL) in soup_headers_parse()]
2 affected packages
libsoup2.4, libsoup3
| Package | 16.04 LTS |
|---|---|
| libsoup2.4 | Needs evaluation |
| libsoup3 | — |
Dolibarr ERP/CRM 10.0.1 contains an SQL injection vulnerability in the elemid POST parameter of the viewcat.php endpoint that allows unauthenticated attackers to execute arbitrary SQL queries. Attackers can submit crafted POST...
1 affected package
dolibarr
| Package | 16.04 LTS |
|---|---|
| dolibarr | Needs evaluation |
Dolibarr ERP/CRM 10.0.1 contains multiple SQL injection vulnerabilities that allow authenticated attackers to manipulate database queries by injecting SQL code through POST parameters. Attackers can inject malicious SQL through...
1 affected package
dolibarr
| Package | 16.04 LTS |
|---|---|
| dolibarr | Needs evaluation |
A vulnerability was determined in libvips up to 8.19.0. The affected element is the function vips_source_read_to_memory of the file libvips/iofuncs/source.c. This manipulation causes heap-based buffer overflow. It is possible to...
1 affected package
vips
| Package | 16.04 LTS |
|---|---|
| vips | Needs evaluation |
A flaw has been found in skvadrik re2c up to 4.4. Impacted is the function check_and_merge_special_rules of the file src/parse/ast.cc. This manipulation causes null pointer dereference. The attack can only be executed locally. The...
1 affected package
re2c
| Package | 16.04 LTS |
|---|---|
| re2c | Not affected |
ZoneMinder is a free, open source closed-circuit television software application. In versions 1.36.37 and below and 1.37.61 through 1.38.0, there is a second-order SQL Injection vulnerability in the web/ajax/status.php file within...
1 affected package
zoneminder
| Package | 16.04 LTS |
|---|---|
| zoneminder | Needs evaluation |