Search CVE reports
41321 – 41330 of 69301 results
An exploitable arbitrary memory read vulnerability exists in the MQTT packet-parsing functionality of Cesanta Mongoose 6.13. It is a heap-based buffer over-read in mg_mqtt_next_subscribe_topic. A specially crafted MQTT SUBSCRIBE...
1 affected package
smplayer
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| smplayer | — | — | — | Not affected | Not affected |
An exploitable arbitrary memory read vulnerability exists in the MQTT packet-parsing functionality of Cesanta Mongoose 6.13. It is a heap-based buffer over-read in a parse_mqtt getu16 call. A specially crafted MQTT SUBSCRIBE...
1 affected package
smplayer
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| smplayer | Not affected | Not affected | Not affected | Not affected | Needs evaluation |
Some fixes available 2 of 3
An issue was discovered in gThumb through 3.6.2. There is a double-free vulnerability in the add_themes_from_dir method in dlg-contact-sheet.c because of two successive calls of g_free, each of which frees the same buffer.
1 affected package
gthumb
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| gthumb | — | — | Not affected | Not affected | Fixed |
Some fixes available 4 of 9
An issue was discovered in cp-demangle.c in GNU libiberty, as distributed in GNU Binutils 2.31. There is a stack consumption vulnerability resulting from infinite recursion in the functions next_is_type_qual()...
2 affected packages
binutils, libiberty
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| binutils | Not affected | Not affected | Not affected | Not affected | Fixed |
| libiberty | Not affected | Not affected | Not affected | Not affected | Fixed |
Some fixes available 4 of 9
An issue was discovered in cp-demangle.c in GNU libiberty, as distributed in GNU Binutils 2.31. There is a stack consumption vulnerability resulting from infinite recursion in the functions d_name(), d_encoding(),...
2 affected packages
binutils, libiberty
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| binutils | Not affected | Not affected | Not affected | Not affected | Fixed |
| libiberty | Not affected | Not affected | Not affected | Not affected | Fixed |
An issue was discovered in GNU gettext 0.19.8. There is a double free in default_add_message in read-catalog.c, related to an invalid free in po_gram_parse in po-gram-gen.y, as demonstrated by lt-msgfmt.
1 affected package
gettext
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| gettext | — | — | — | — | Fixed |
Some fixes available 30 of 32
An issue was discovered in the Linux kernel through 4.19. An information leak in cdrom_ioctl_select_disc in drivers/cdrom/cdrom.c could be used by local attackers to read kernel memory because a cast from unsigned long to int...
96 affected packages
linux, linux-flo, linux-aws, linux-aws-hwe, linux-azure...
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| linux | — | Not affected | Not affected | Not affected | Fixed |
| linux-flo | — | — | — | — | Not in release |
| linux-aws | — | Not affected | Not affected | Not affected | Fixed |
| linux-aws-hwe | — | Not in release | Not in release | Not in release | Not in release |
| linux-azure | — | Not affected | Not affected | Not affected | Fixed |
| linux-azure-edge | — | Not in release | Not in release | Not in release | Fixed |
| linux-euclid | — | — | — | — | Not in release |
| linux-gcp | — | Not affected | Not affected | Not affected | Fixed |
| linux-gcp-edge | — | — | — | — | Fixed |
| linux-gke | — | Not affected | Not affected | Ignored | Not in release |
| linux-goldfish | — | — | — | — | Not in release |
| linux-grouper | — | — | — | — | Not in release |
| linux-hwe | — | Not in release | Not in release | Not in release | Not affected |
| linux-hwe-edge | — | Not in release | Not in release | Not in release | Not affected |
| linux-kvm | — | Not in release | Not affected | Not affected | Fixed |
| linux-lts-trusty | — | — | — | — | Not in release |
| linux-lts-utopic | — | — | — | — | Not in release |
| linux-lts-vivid | — | — | — | — | Not in release |
| linux-lts-wily | — | — | — | — | Not in release |
| linux-lts-xenial | — | Not in release | Not in release | Not in release | Not in release |
| linux-maguro | — | — | — | — | Not in release |
| linux-mako | — | — | — | — | Not in release |
| linux-manta | — | — | — | — | Not in release |
| linux-oem | — | Not in release | Not in release | Not in release | Fixed |
| linux-oracle | — | Not affected | Not affected | Not affected | Not affected |
| linux-raspi2 | — | Not in release | Not in release | Ignored | Fixed |
| linux-snapdragon | — | Not in release | Not in release | Not in release | Not affected |
| linux-hwe-5.4 | — | Not in release | Not in release | Not in release | Not affected |
| linux-hwe-5.15 | — | Not in release | Not in release | Not affected | Not in release |
| linux-hwe-6.8 | — | Not in release | Not affected | Not in release | Not in release |
| linux-aws-5.4 | — | Not in release | Not in release | Not in release | Not affected |
| linux-aws-5.15 | — | Not in release | Not in release | Not affected | Not in release |
| linux-azure-4.15 | — | Not in release | Not in release | Not in release | Not affected |
| linux-azure-5.4 | — | Not in release | Not in release | Not in release | Not affected |
| linux-azure-5.15 | — | Not in release | Not in release | Not affected | Not in release |
| linux-azure-fde | — | Not affected | Not affected | Ignored | Not in release |
| linux-aws-fips | — | Not in release | Not affected | Not affected | Not affected |
| linux-azure-fde-5.15 | — | Not in release | Not in release | Ignored | Not in release |
| linux-bluefield | — | Not in release | Not in release | Not affected | Not in release |
| linux-fips | — | Not in release | Not affected | Not affected | Not affected |
| linux-azure-fips | — | Not in release | Not affected | Not affected | Not affected |
| linux-gcp-fips | — | Not in release | Not affected | Not affected | Not affected |
| linux-gcp-4.15 | — | Not in release | Not in release | Not in release | Not affected |
| linux-gcp-5.4 | — | Not in release | Not in release | Not in release | Not affected |
| linux-gcp-5.15 | — | Not in release | Not in release | Not affected | Not in release |
| linux-gkeop | — | Not affected | Not affected | Not affected | Not in release |
| linux-gkeop-5.15 | — | Not in release | Not in release | Not affected | Not in release |
| linux-ibm | — | Not affected | Not affected | Not affected | Not in release |
| linux-ibm-5.4 | — | Not in release | Not in release | Not in release | Not affected |
| linux-ibm-5.15 | — | Not in release | Not in release | Not affected | Not in release |
| linux-intel | — | Not affected | Not in release | Not in release | Not in release |
| linux-intel-iotg | — | Not in release | Not affected | Not in release | Not in release |
| linux-intel-iotg-5.15 | — | Not in release | Not in release | Not affected | Not in release |
| linux-iot | — | Not in release | Not in release | Not affected | Not in release |
| linux-intel-iot-realtime | — | Not in release | Not affected | Not in release | Not in release |
| linux-lowlatency | — | Not affected | Not affected | Not in release | Not in release |
| linux-lowlatency-hwe-5.15 | — | Not in release | Not in release | Not affected | Not in release |
| linux-lowlatency-hwe-6.8 | — | Not in release | Not affected | Not in release | Not in release |
| linux-nvidia | — | Not affected | Not affected | Not in release | Not in release |
| linux-nvidia-6.5 | — | Not in release | Not affected | Not in release | Not in release |
| linux-nvidia-6.8 | — | Not in release | Not affected | Not in release | Not in release |
| linux-nvidia-lowlatency | — | Not affected | Not in release | Not in release | Not in release |
| linux-oracle-5.4 | — | Not in release | Not in release | Not in release | Not affected |
| linux-oracle-5.15 | — | Not in release | Not in release | Not affected | Not in release |
| linux-oem-6.8 | — | Not affected | Not in release | Not in release | Not in release |
| linux-raspi | — | Not affected | Not affected | Not affected | Not in release |
| linux-raspi-5.4 | — | Not in release | Not in release | Not in release | Not affected |
| linux-raspi-realtime | — | Not affected | Not in release | Not in release | Not in release |
| linux-realtime | — | Not affected | Not affected | Not in release | Not in release |
| linux-riscv | — | Not affected | Ignored | Ignored | Not in release |
| linux-riscv-5.15 | — | Not in release | Not in release | Not affected | Not in release |
| linux-riscv-6.8 | — | Not in release | Not affected | Not in release | Not in release |
| linux-xilinx-zynqmp | — | Not in release | Not affected | Not affected | Not in release |
| linux-aws-6.8 | — | Not in release | Not affected | Not in release | Not in release |
| linux-gcp-6.8 | — | Not in release | Not affected | Not in release | Not in release |
| linux-oracle-6.8 | — | Not in release | Not affected | Not in release | Not in release |
| linux-azure-6.8 | — | Not in release | Not affected | Not in release | Not in release |
| linux-oem-6.11 | — | Not affected | Not in release | Not in release | Not in release |
| linux-hwe-6.11 | — | Ignored | Not in release | Not in release | Not in release |
| linux-hwe-6.14 | — | Not affected | Not in release | Not in release | Not in release |
| linux-aws-6.14 | — | Not affected | Not in release | Not in release | Not in release |
| linux-azure-6.11 | — | Ignored | Not in release | Not in release | Not in release |
| linux-azure-nvidia | — | Not affected | Not in release | Not in release | Not in release |
| linux-gcp-6.11 | — | Ignored | Not in release | Not in release | Not in release |
| linux-gcp-6.14 | — | Not affected | Not in release | Not in release | Not in release |
| linux-ibm-6.8 | — | Not in release | Not affected | Not in release | Not in release |
| linux-lowlatency-hwe-6.11 | — | Ignored | Not in release | Not in release | Not in release |
| linux-nvidia-tegra | — | Not affected | Not affected | Not in release | Not in release |
| linux-nvidia-tegra-5.15 | — | Not in release | Not in release | Not affected | Not in release |
| linux-nvidia-tegra-igx | — | Not in release | Not affected | Not in release | Not in release |
| linux-oracle-6.14 | — | Not affected | Not in release | Not in release | Not in release |
| linux-oem-6.14 | — | Not affected | Not in release | Not in release | Not in release |
| linux-riscv-6.14 | — | Not affected | Not in release | Not in release | Not in release |
| linux-nvidia-6.11 | — | Not affected | Not in release | Not in release | Not in release |
| linux-realtime-6.8 | — | Not in release | Not affected | Not in release | Not in release |
| linux-realtime-6.14 | — | Not affected | Not in release | Not in release | Not in release |
The OpenSSL ECDSA signature algorithm has been shown to be vulnerable to a timing side channel attack. An attacker could use variations in the signing algorithm to recover the private key. Fixed in OpenSSL 1.1.0j...
3 affected packages
openssl, openssl098, openssl1.0
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| openssl | — | — | — | Fixed | Fixed |
| openssl098 | — | — | — | Not in release | Not in release |
| openssl1.0 | — | — | — | Not in release | Not affected |
A use-after-free vulnerability exists in the way MKVToolNix MKVINFO v25.0.0 handles the MKV (matroska) file format. A specially crafted MKV file can cause arbitrary code execution in the context of the current user.
1 affected package
mkvtoolnix
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| mkvtoolnix | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
There is an out-of-bounds read in fz_run_t3_glyph in fitz/font.c in Artifex MuPDF 1.14.0, as demonstrated by mutool.
1 affected package
mupdf
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| mupdf | — | Not affected | Not affected | Not affected | Ignored |