Your submission was sent successfully! Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

Search CVE reports


Toggle filters

1 – 3 of 3 results


CVE-2015-2305

Medium priority

Some fixes available 29 of 83

Integer overflow in the regcomp implementation in the Henry Spencer BSD regex library (aka rxspencer) alpha3.8.g5 on 32-bit platforms, as used in NetBSD through 6.1.5 and other products, might allow context-dependent attackers to...

23 affected packages

alpine, clamav, cups, efl, haskell-regex-posix...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
alpine Not affected Not affected Not affected Not affected Not affected
clamav Fixed Fixed Fixed Fixed Fixed
cups Not affected Not affected Not affected Not affected Not affected
efl Not affected Not affected Not affected Not affected Not affected
haskell-regex-posix Not affected Not affected Not affected Not affected Not affected
knews Not affected Not affected Not affected Not affected Not affected
librcsb-core-wrapper Not affected Not affected Not affected Not affected Not affected
llvm-toolchain-3.4 Not in release Not in release Not in release Not in release Not in release
llvm-toolchain-3.5 Not in release Not in release Not in release Not in release Not affected
llvm-toolchain-3.6 Not in release Not in release Not in release Not in release Not affected
llvm-toolchain-snapshot Not in release Not in release Not in release Not in release Not in release
newlib Not affected Not affected Not affected Not affected Not affected
nvi Not affected Not affected Not affected Not affected Vulnerable
olsrd Not in release Not in release Not in release Not affected Not affected
openrpt Not in release Not in release Not in release Vulnerable Vulnerable
php5 Not in release Not in release Not in release Not in release Not in release
ptlib Not in release Not in release Not in release Not affected Not affected
radare2 Not affected Not in release Not affected Not affected Vulnerable
sma Not affected Not affected Not affected Not affected Not affected
vigor Not affected Not affected Not affected Not affected Not affected
vnc4 Not in release Not in release Not in release Not affected Not affected
yap Not in release Not in release Not in release Not affected Not affected
z88dk Not in release Not in release Not in release Not in release Not affected
Show all 23 packages Show less packages

CVE-2014-4715

Medium priority

Some fixes available 1 of 56

Yann Collet LZ4 before r119, when used on certain 32-bit platforms that allocate memory beyond 0x80000000, does not properly detect integer overflows, which allows context-dependent attackers to cause a denial of service (memory...

10 affected packages

eet, efl, firefox, grub2, gtkwave...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
eet Not in release Not in release Not in release Not in release
efl Not affected Not affected Not affected Not affected
firefox Not affected Not affected Not affected Not affected
grub2 Not affected Not affected Not affected Not affected
gtkwave Not affected Not affected Not affected Not affected
lz4 Not affected Not affected Not affected Not affected
php-horde-lz4 Not in release Not in release Not affected Not affected
pytables Not affected Not affected Not affected Not affected
thunderbird Not affected Not affected Not affected Not affected
zfsutils Not in release Not in release Not in release Not in release
Show all 10 packages Show less packages

CVE-2007-2837

Unknown priority

Some fixes available 3 of 4

The (1) getRule and (2) getChains functions in server/rules.cpp in fireflierd (fireflier-server) in FireFlier 1.1.6 allow local users to overwrite arbitrary files via a symlink attack on the /tmp/fireflier.rules temporary file.

1 affected packages

fireflier

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
fireflier
Show less packages