Search CVE reports
821 – 830 of 33454 results
Out-of-bounds read in FFmpeg 8.0 and 8.0.1 RV60 video decoder (libavcodec/rv60dec.c). The quantization parameter (qp) validation at line 2267 only checks the lower bound (qp < 0) but is missing upper bound validation. The qp value...
2 affected packages
ffmpeg, libav
| Package | 24.04 LTS |
|---|---|
| ffmpeg | Needs evaluation |
| libav | Not in release |
When an Expat parser with a registered ElementDeclHandler parses an inline document type definition containing a deeply nested content model a C stack overflow occurs.
13 affected packages
pypy3, python2.7, python3.4, python3.5, python3.6...
| Package | 24.04 LTS |
|---|---|
| pypy3 | Needs evaluation |
| python2.7 | Not in release |
| python3.4 | Not in release |
| python3.5 | Not in release |
| python3.6 | Not in release |
| python3.7 | Not in release |
| python3.8 | Not in release |
| python3.9 | Not in release |
| python3.10 | Not in release |
| python3.11 | Not in release |
| python3.12 | Needs evaluation |
| python3.13 | Not in release |
| python3.14 | Not in release |
The fix for CVE-2026-0672, which rejected control characters in http.cookies.Morsel, was incomplete. The Morsel.update(), |= operator, and unpickling paths were not patched, allowing control characters to bypass input validation....
12 affected packages
python2.7, python3.4, python3.5, python3.6, python3.7...
| Package | 24.04 LTS |
|---|---|
| python2.7 | Not in release |
| python3.4 | Not in release |
| python3.5 | Not in release |
| python3.6 | Not in release |
| python3.7 | Not in release |
| python3.8 | Not in release |
| python3.9 | Not in release |
| python3.10 | Not in release |
| python3.11 | Not in release |
| python3.12 | Needs evaluation |
| python3.13 | Not in release |
| python3.14 | Not in release |
Authlib is a Python library which builds OAuth and OpenID Connect servers. Prior to version 1.6.9, a library-level vulnerability was identified in the Authlib Python library concerning the validation of OpenID Connect (OIDC) ID...
1 affected package
python-authlib
| Package | 24.04 LTS |
|---|---|
| python-authlib | Needs evaluation |
Authlib is a Python library which builds OAuth and OpenID Connect servers. Prior to version 1.6.9, a cryptographic padding oracle vulnerability was identified in the Authlib Python library concerning the implementation of the JSON...
1 affected package
python-authlib
| Package | 24.04 LTS |
|---|---|
| python-authlib | Needs evaluation |
Authlib is a Python library which builds OAuth and OpenID Connect servers. Prior to version 1.6.9, a JWK Header Injection vulnerability in authlib's JWS implementation allows an unauthenticated attacker to forge arbitrary JWT...
1 affected package
python-authlib
| Package | 24.04 LTS |
|---|---|
| python-authlib | Needs evaluation |
An issue in GoBGP gobgpd v.4.2.0 allows a remote attacker to cause a denial of service via the NEXT_HOP path attribute
1 affected package
gobgp
| Package | 24.04 LTS |
|---|---|
| gobgp | Needs evaluation |
A vulnerability was found in GPAC up to 2.5-DEV-rev2167-gcc9d617c0-master. This vulnerability affects the function swf_def_bits_jpeg of the file src/scene_manager/swf_parse.c of the component MP4Box. The manipulation of the...
1 affected package
gpac
| Package | 24.04 LTS |
|---|---|
| gpac | Needs evaluation |
A vulnerability has been found in Radare2 5.9.9. This issue affects the function walk_exports_trie of the file libr/bin/format/mach0/mach0.c of the component Mach-O File Parser. Such manipulation leads to resource consumption. The...
1 affected package
radare2
| Package | 24.04 LTS |
|---|---|
| radare2 | Needs evaluation |
A flaw was found in GNU Binutils. This vulnerability, a heap-based buffer overflow, specifically an out-of-bounds read, exists in the bfd linker component. An attacker could exploit this by convincing a user to process a specially...
1 affected package
binutils
| Package | 24.04 LTS |
|---|---|
| binutils | Needs evaluation |