Search CVE reports
1 – 10 of 32575 results
Some fixes available 1 of 2
OpenSSH GSSAPI Key Exchange Pre-Authentication Uninitialized Pointer Dereference, Heap Corruption, and Privsep Boundary Violation
2 affected packages
openssh, openssh-ssh1
| Package | 24.04 LTS |
|---|---|
| openssh | Fixed |
| openssh-ssh1 | Ignored |
(A vulnerability was detected in rui314 mold up to 2.40.4. This issue a ...)
1 affected package
mold
| Package | 24.04 LTS |
|---|---|
| mold | Needs evaluation |
(A flaw has been found in quickjs-ng quickjs up to 0.12.1. This affects ...)
1 affected package
quickjs
| Package | 24.04 LTS |
|---|---|
| quickjs | Needs evaluation |
A vulnerability was identified in strukturag libheif up to 1.21.2. This impacts the function Track::load of the file libheif/sequences/track.cc of the component stsz/stts. The manipulation leads to out-of-bounds read. The attack...
1 affected package
libheif
| Package | 24.04 LTS |
|---|---|
| libheif | Vulnerable |
A vulnerability was determined in strukturag libheif up to 1.21.2. This affects the function vvdec_push_data2 of the file libheif/plugins/decoder_vvdec.cc of the component HEIF File Parser. Executing a manipulation of the argument...
1 affected package
libheif
| Package | 24.04 LTS |
|---|---|
| libheif | Needs evaluation |
(Calling NSS-backed functions that support caching via nscd may call th ...)
2 affected packages
glibc, eglibc
| Package | 24.04 LTS |
|---|---|
| glibc | Needs evaluation |
| eglibc | Not in release |
Versions of the package spin.js before 3.0.0 are vulnerable to Cross-site Scripting (XSS) via the spin() function that allows a creation of more than 1 alert for each 'target' element. An attacker would need to set an arbitrary...
1 affected package
libjs-spin.js
| Package | 24.04 LTS |
|---|---|
| libjs-spin.js | Needs evaluation |
(yauzl (aka Yet Another Unzip Library) version 3.2.0 for Node.js contai ...)
1 affected package
node-yauzl
| Package | 24.04 LTS |
|---|---|
| node-yauzl | Needs evaluation |
(Tornado is a Python web framework and asynchronous networking library. ...)
1 affected package
python-tornado
| Package | 24.04 LTS |
|---|---|
| python-tornado | Needs evaluation |
(Black is the uncompromising Python code formatter. Black provides a Gi ...)
1 affected package
black
| Package | 24.04 LTS |
|---|---|
| black | Needs evaluation |