Search CVE reports
1 – 7 of 7 results
CVE-2023-43281
Medium priorityDouble Free vulnerability in Nothings Stb Image.h v.2.28 allows a remote attacker to cause a denial of service via a crafted file to the stbi_load_gif_main function.
14 affected packages
arm-compute-library, armnn, bibledit, bibledit-cloud, emscripten...
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
arm-compute-library | Needs evaluation | Needs evaluation | Not in release | Ignored | Ignored |
armnn | Needs evaluation | Needs evaluation | Not in release | Ignored | Ignored |
bibledit | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Ignored |
bibledit-cloud | Needs evaluation | Needs evaluation | Needs evaluation | Ignored | Ignored |
emscripten | Needs evaluation | Needs evaluation | Not in release | Needs evaluation | Needs evaluation |
goxel | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Ignored |
libsfml | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
libstb | Needs evaluation | Needs evaluation | Needs evaluation | Ignored | Ignored |
love | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
mame | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
timg | Needs evaluation | Needs evaluation | Not in release | Ignored | Ignored |
tiny-dnn | Needs evaluation | Not in release | Not in release | Ignored | Ignored |
utox | Needs evaluation | Needs evaluation | Needs evaluation | Ignored | Ignored |
visp | Needs evaluation | Needs evaluation | Not in release | Needs evaluation | Needs evaluation |
CVE-2022-34300
Low priorityIn tinyexr 1.0.1, there is a heap-based buffer over-read in tinyexr::DecodePixelData.
12 affected packages
asymptote, chromium-browser, godot, goxel, love...
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
asymptote | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
chromium-browser | Not affected | Not affected | Not affected | Not affected | Ignored |
godot | Needs evaluation | Needs evaluation | Needs evaluation | — | — |
goxel | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | — |
love | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
mame | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
psychtoolbox-3 | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
qt6-webengine | Needs evaluation | Needs evaluation | — | — | — |
qtwebengine-opensource-src | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | — |
rbdoom3bfg | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
renderdoc | Not in release | Needs evaluation | Needs evaluation | — | — |
tinyexr | Needs evaluation | Needs evaluation | — | — | — |
CVE-2021-46143
Medium prioritySome fixes available 22 of 268
In doProlog in xmlparse.c in Expat (aka libexpat) before 2.4.3, an integer overflow exists for m_groupSize.
50 affected packages
apache2, apr-util, astropy, audacity, ayttm...
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
apache2 | Not affected | Not affected | Not affected | Not affected | Not affected |
apr-util | Not affected | Not affected | Not affected | Not affected | Not affected |
astropy | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Ignored |
audacity | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
ayttm | Not in release | Not in release | Not in release | Not in release | Needs evaluation |
cableswig | Not in release | Not in release | Not in release | Not in release | Needs evaluation |
cadaver | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
cmake | Not affected | Not affected | Not affected | Not affected | Not affected |
coda | Needs evaluation | Needs evaluation | Needs evaluation | — | Ignored |
coin3 | Not affected | Not affected | Not affected | Needs evaluation | Needs evaluation |
emboss | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
expat | Fixed | Fixed | Fixed | Fixed | Fixed |
firefox | Fixed | Fixed | Fixed | Fixed | Ignored |
gdcm | Not affected | Not affected | Not affected | Not affected | Not affected |
ghostscript | Not affected | Not affected | Not affected | Not affected | Not affected |
harp | Needs evaluation | Needs evaluation | Needs evaluation | — | Ignored |
ibm-3270 | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
insighttoolkit | Not in release | Not in release | Not in release | Not in release | Needs evaluation |
insighttoolkit4 | Not in release | Not affected | Not affected | Not affected | Needs evaluation |
insighttoolkit5 | Needs evaluation | Needs evaluation | — | — | Ignored |
libsynthesis | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
libxmltok | Vulnerable | Fixed | Fixed | Fixed | Fixed |
mame | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
matanza | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
opencollada | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
paraview | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
poco | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
python2.7 | Not in release | Not affected | Not affected | Not affected | Not affected |
python3.10 | Not in release | Not affected | Not in release | Not in release | Not in release |
python3.4 | Not in release | Not in release | Not in release | Not in release | Not in release |
python3.5 | Not in release | Not in release | Not in release | Not in release | Not affected |
python3.6 | Not in release | Not in release | Not in release | Not affected | Not in release |
python3.7 | Not in release | Not in release | Not in release | Not affected | Not in release |
python3.8 | Not in release | Not in release | Not affected | Not affected | Not in release |
python3.9 | Not in release | Not in release | Not affected | Not in release | Not in release |
qtwebengine-opensource-src | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Ignored |
sitecopy | Not in release | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
smart | Not in release | Not in release | Not in release | Not affected | Not affected |
swish-e | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
tdom | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
texlive-bin | Not affected | Not affected | Not affected | Not affected | Not affected |
thunderbird | Not affected | Not affected | Not affected | Ignored | Ignored |
tla | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
visp | Needs evaluation | Needs evaluation | — | Needs evaluation | Needs evaluation |
vnc4 | Not in release | Not in release | Not in release | Needs evaluation | Needs evaluation |
vtk | Not in release | Not in release | Not in release | Not in release | Needs evaluation |
wbxml2 | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
xmlrpc | — | — | — | — | Ignored |
xmlrpc-c | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
xsd | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
CVE-2021-43519
Low priorityStack overflow in lua_resume of ldo.c in Lua Interpreter 5.1.0~5.4.4 allows attackers to perform a Denial of Service via a crafted script file.
45 affected packages
ardour, bam, blobby, ceph, darktable...
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
ardour | Not affected | Not affected | Not affected | Not affected | Not affected |
bam | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
blobby | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
ceph | Not affected | Not affected | Not affected | Not affected | Not affected |
darktable | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
eja | Not in release | Needs evaluation | Needs evaluation | Needs evaluation | Ignored |
emscripten | Needs evaluation | Needs evaluation | — | Needs evaluation | Needs evaluation |
enigma | Not affected | Not affected | Not affected | Not affected | Not affected |
freeciv | Not affected | Not affected | Not affected | Not affected | Not affected |
freedroidrpg | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
fs-uae | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
golly | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
goxel | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Ignored |
grub2 | Not affected | Not affected | Not affected | Not affected | Not affected |
gtk2-engines | Not affected | Not affected | Not affected | Not affected | Not affected |
haskell-hslua | Not affected | Not affected | Not affected | Not affected | Not affected |
hedgewars | Not affected | Not affected | Not affected | Not affected | Not affected |
lua5.1 | Not affected | Not affected | Not affected | Not affected | Not affected |
lua5.2 | Not affected | Not affected | Not affected | Not affected | Not affected |
lua5.3 | Not affected | Not affected | Not affected | Not affected | Not affected |
lua5.4 | Not affected | Not affected | Not in release | Not in release | Not in release |
lua50 | Not in release | Not in release | Not affected | Not affected | Not affected |
luajit | Not affected | Not affected | Not affected | Not affected | Not affected |
mame | Not affected | Not affected | Not affected | Not affected | Not affected |
naev | Needs evaluation | Needs evaluation | Needs evaluation | — | Ignored |
openscenegraph | Not affected | Not affected | Not affected | Not affected | Not affected |
redis | Not affected | Not affected | Not affected | Not affected | Not affected |
rust-lua52-sys | Needs evaluation | Needs evaluation | Needs evaluation | — | Ignored |
scite | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
scorched3d | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
scummvm | Not affected | Not affected | Not affected | Not affected | Not affected |
spring | Not affected | Not affected | Not affected | Not affected | Not affected |
syslinux | Not affected | Not affected | Not affected | Not affected | Not affected |
syslinux-legacy | Not in release | Not in release | Not affected | Not affected | Not affected |
tagua | Not affected | Not affected | Not affected | Not affected | Not affected |
tarantool | Needs evaluation | Needs evaluation | Needs evaluation | — | Needs evaluation |
texlive-bin | Not affected | Not affected | Not affected | Not affected | Not affected |
tup | Needs evaluation | Needs evaluation | Needs evaluation | — | Ignored |
ufoai | Not affected | Not affected | Not affected | Not affected | Not affected |
vifm | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
wcc | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Ignored |
wesnoth | — | — | — | — | Ignored |
widelands | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
xmoto | Not affected | Not affected | Not affected | Not affected | Not affected |
zfs-linux | Not affected | Not affected | Not affected | Not affected | Not affected |
CVE-2018-16981
Medium prioritystb stb_image.h 2.19, as used in catimg, Emscripten, and other products, has a heap-based buffer overflow in the stbi__out_gif_code function.
13 affected packages
catimg, ccextractor, flif, goxel, libsfml...
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
catimg | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Not in release |
ccextractor | Needs evaluation | Needs evaluation | Needs evaluation | Not in release | Not in release |
flif | Not in release | Not in release | Not in release | Not in release | Not in release |
goxel | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Not in release |
libsfml | Vulnerable | Vulnerable | Vulnerable | Vulnerable | Vulnerable |
libsixel | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
love | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
mame | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
renderdoc | Not in release | Needs evaluation | Needs evaluation | Not in release | Not in release |
retroarch | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Not in release |
tweeny | Needs evaluation | Needs evaluation | Needs evaluation | Not in release | Not in release |
zam-plugins | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
zynaddsubfx | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
CVE-2017-6888
Low prioritySome fixes available 3 of 29
An error in the "read_metadata_vorbiscomment_()" function (src/libFLAC/stream_decoder.c) in FLAC version 1.3.2 can be exploited to cause a memory leak via a specially crafted FLAC file.
6 affected packages
android, chromium-browser, flac, mame, oxide-qt, praat
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
android | Not in release | Not in release | Not in release | Not in release | Ignored |
chromium-browser | Not affected | Not affected | Not affected | Not affected | Not affected |
flac | Not affected | Not affected | Not affected | Fixed | Fixed |
mame | Not affected | Not affected | Not affected | Not affected | Not affected |
oxide-qt | Not in release | Not in release | Not in release | Not in release | Ignored |
praat | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
CVE-2006-0176
Unknown prioritySome fixes available 7 of 8
Buffer overflow in certain functions in src/fileio.c and src/unix/fileio.c in xmame before 11 January 2006 may allow local users to gain privileges via a long (1) -lang, (2) -ctrlr, (3) -pb, or (4) -rec argument on many operating...
1 affected packages
xmame
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
xmame | — | — | — | — | — |