Search CVE reports
41881 – 41890 of 69503 results
An issue was discovered in mgetty before 1.2.1. In contrib/scrts.c, a stack-based buffer overflow can be triggered via a command-line parameter.
1 affected package
mgetty
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| mgetty | Not affected | Not affected | Not affected | Not affected | Needs evaluation |
Some fixes available 1 of 3
An issue was discovered in mgetty before 1.2.1. In fax/faxq-helper.c, the function do_activate() does not properly sanitize shell metacharacters to prevent command injection. It is possible to use the ||, &&, or > characters...
1 affected package
mgetty
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| mgetty | Not affected | Not affected | Not affected | Not affected | Vulnerable |
Not in release
NoScript Classic before 5.1.8.7, as used in Tor Browser 7.x and other products, allows attackers to bypass script blocking via the text/html;/json Content-Type value.
1 affected package
mozilla-noscript
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| mozilla-noscript | — | — | — | — | Not in release |
Open Chinese Convert (OpenCC) 1.0.5 allows attackers to cause a denial of service (segmentation fault) because BinaryDict::NewFromFile in BinaryDict.cpp may have out-of-bounds keyOffset and valueOffset values via a crafted .ocd file.
1 affected package
opencc
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| opencc | Not affected | Not affected | Not affected | Vulnerable | Vulnerable |
A NULL pointer dereference in the function _TIFFmemcmp at tif_unix.c (called from TIFFWriteDirectoryTagTransferfunction) in LibTIFF 4.0.9 allows an attacker to cause a denial-of-service through a crafted tiff file....
1 affected package
tiff
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| tiff | — | — | — | — | Fixed |
Some fixes available 6 of 190
stb stb_image.h 2.19, as used in catimg, Emscripten, and other products, has a heap-based buffer overflow in the stbi__out_gif_code function.
13 affected packages
catimg, ccextractor, flif, goxel, libsfml...
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| catimg | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| ccextractor | Not in release | Needs evaluation | Needs evaluation | Needs evaluation | Not in release |
| flif | Not in release | Not in release | Not in release | Not in release | Not in release |
| goxel | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| libsfml | Vulnerable | Vulnerable | Vulnerable | Vulnerable | Vulnerable |
| libsixel | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| love | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| mame | Vulnerable | Fixed | Fixed | Fixed | Fixed |
| renderdoc | Not in release | Not in release | Needs evaluation | Needs evaluation | Not in release |
| retroarch | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| tweeny | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Not in release |
| zam-plugins | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| zynaddsubfx | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
Gitolite before 3.6.9 does not (in certain configurations involving @all or a regex) properly restrict access to a Git repository that is in the process of being migrated until the full set of migration steps has been completed....
2 affected packages
gitolite, gitolite3
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| gitolite | Not in release | Not in release | Not in release | Not in release | Not in release |
| gitolite3 | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
In radare2 before 2.9.0, a heap overflow vulnerability exists in the read_module_referenced_functions function in libr/anal/flirt.c via a crafted flirt signature file.
1 affected package
radare2
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| radare2 | Not affected | Not affected | Not in release | Needs evaluation | Needs evaluation |
An issue was discovered in OpenAFS before 1.6.23 and 1.8.x before 1.8.2. Several data types used as RPC input variables were implemented as unbounded array types, limited only by the inherent 32-bit length field to 4 GB. An...
1 affected package
openafs
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| openafs | Not affected | Not affected | Not affected | Not affected | Vulnerable |
An issue was discovered in OpenAFS before 1.6.23 and 1.8.x before 1.8.2. Several RPC server routines did not fully initialize their output variables before returning, leaking memory contents from both the stack and the...
1 affected package
openafs
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| openafs | Not affected | Not affected | Not affected | Not affected | Vulnerable |