Search CVE reports
1 – 10 of 28179 results
CVE-2025-26819
Medium priorityNot in release
Monero through 0.18.3.4 before ec74ff4 does not have response limits on HTTP server connections.
1 affected package
monero
Package | 20.04 LTS |
---|---|
monero | Not in release |
CVE-2025-26791
Medium priorityNot in release
DOMPurify before 3.2.4 has an incorrect template literal regular expression, sometimes leading to mutation cross-site scripting (mXSS).
1 affected package
node-dompurify
Package | 20.04 LTS |
---|---|
node-dompurify | Not in release |
CVE-2025-25304
Medium priorityNot in release
Vega is a visualization grammar, a declarative format for creating, saving, and sharing interactive visualization designs. Prior to version 5.26.0 of vega and 5.4.2 of vega-selections, the `vlSelectionTuples` function can be used...
1 affected package
vega.js
Package | 20.04 LTS |
---|---|
vega.js | Not in release |
CVE-2025-25204
Medium priorityNot in release
`gh` is GitHub’s official command line tool. Starting in version 2.49.0 and prior to version 2.67.0, under certain conditions, a bug in GitHub's Artifact Attestation cli tool `gh attestation verify` causes it to return a zero exit...
1 affected package
gh
Package | 20.04 LTS |
---|---|
gh | Not in release |
CVE-2025-25186
Medium priorityNet::IMAP implements Internet Message Access Protocol (IMAP) client functionality in Ruby. Starting in version 0.3.2 and prior to versions 0.3.8, 0.4.19, and 0.5.6, there is a possibility for denial of service by memory exhaustion...
7 affected packages
jruby, ruby2.3, ruby2.5, ruby2.7, ruby3.0...
Package | 20.04 LTS |
---|---|
jruby | Needs evaluation |
ruby2.3 | Not in release |
ruby2.5 | Not in release |
ruby2.7 | Needs evaluation |
ruby3.0 | Not in release |
ruby3.2 | Not in release |
ruby3.3 | Not in release |
CVE-2025-1378
Medium priorityA vulnerability, which was classified as problematic, was found in radare2 5.9.9 33286. Affected is an unknown function in the library /libr/main/rasm2.c of the component rasm2. The manipulation leads to memory corruption. An...
1 affected package
radare2
Package | 20.04 LTS |
---|---|
radare2 | Needs evaluation |
CVE-2025-1377
Medium priorityA vulnerability, which was classified as problematic, has been found in GNU elfutils 0.192. This issue affects the function gelf_getsymshndx of the file strip.c of the component eu-strip. The manipulation leads to denial...
1 affected package
elfutils
Package | 20.04 LTS |
---|---|
elfutils | Needs evaluation |
CVE-2025-1376
Medium priorityA vulnerability classified as problematic was found in GNU elfutils 0.192. This vulnerability affects the function elf_strptr in the library /libelf/elf_strptr.c of the component eu-strip. The manipulation leads to denial of...
1 affected package
elfutils
Package | 20.04 LTS |
---|---|
elfutils | Needs evaluation |
CVE-2025-1373
Medium priorityA vulnerability was found in FFmpeg up to 7.1. It has been rated as problematic. Affected by this issue is the function mov_read_trak of the file libavformat/mov.c of the component MOV Parser. The manipulation leads to null...
2 affected packages
ffmpeg, libav
Package | 20.04 LTS |
---|---|
ffmpeg | Needs evaluation |
libav | Not in release |
CVE-2025-1372
Medium priorityA vulnerability was found in GNU elfutils 0.192. It has been declared as critical. Affected by this vulnerability is the function dump_data_section/print_string_section of the file readelf.c of the component eu-readelf. The...
1 affected package
elfutils
Package | 20.04 LTS |
---|---|
elfutils | Needs evaluation |