Search CVE reports
1091 – 1100 of 49990 results
[hw/uefi: heap overflow]
1 affected package
qemu
| Package | 16.04 LTS |
|---|---|
| qemu | Needs evaluation |
Libgcrypt before 1.12.2 mishandles Dilithium signing. Writes to a static array lack a bounds check but do not use attacker-controlled data.
1 affected package
libgcrypt20
| Package | 16.04 LTS |
|---|---|
| libgcrypt20 | Not affected |
Libgcrypt before 1.12.2 sometimes allows a heap-based buffer overflow and denial of service via crafted ECDH ciphertext to gcry_pk_decrypt.
1 affected package
libgcrypt20
| Package | 16.04 LTS |
|---|---|
| libgcrypt20 | Needs evaluation |
uuid before 14.0.0 can make unexpected writes when external output buffers are used, and the UUID version is 3, 5, or 6. In particular, UUID version 4, which is very commonly used, is unaffected by this issue.
1 affected package
node-uuid
| Package | 16.04 LTS |
|---|---|
| node-uuid | Needs evaluation |
PackageKit is a a D-Bus abstraction layer that allows the user to manage packages in a secure way using a cross-distro, cross-architecture API. PackageKit between and including versions 1.0.2 and 1.3.4 is vulnerable to a...
1 affected package
packagekit
| Package | 16.04 LTS |
|---|---|
| packagekit | Fixed |
Luanti (formerly Minetest) is an open source voxel game-creation platform. Starting in version 5.0.0 and prior to version 5.15.2, a malicious mod can trivially escape the sandboxed Lua environment to execute arbitrary code and...
2 affected packages
luanti, minetest
| Package | 16.04 LTS |
|---|---|
| luanti | — |
| minetest | Needs evaluation |
race condition in TLS handshake that could lead to leaking of packet data from a previous handshake under specific circumstances
1 affected package
openvpn
| Package | 16.04 LTS |
|---|---|
| openvpn | Needs evaluation |
[hcd-ohci: infinite loop]
1 affected package
qemu
| Package | 16.04 LTS |
|---|---|
| qemu | Needs evaluation |
server ASSERT() on receiving a suitably malformed packet with a valid tls-crypt-v2 key
1 affected package
openvpn
| Package | 16.04 LTS |
|---|---|
| openvpn | Needs evaluation |
pypdf is a free and open-source pure-python PDF library. An attacker who uses a vulnerability present in versions prior to 6.10.2 can craft a PDF which leads to the RAM being exhausted. This requires accessing an image using...
2 affected packages
pypdf, pypdf2
| Package | 16.04 LTS |
|---|---|
| pypdf | — |
| pypdf2 | Needs evaluation |