Search CVE reports
831 – 840 of 33454 results
A flaw was found in GNU Binutils. This heap-based buffer overflow vulnerability, specifically an out-of-bounds read in the bfd linker, allows an attacker to gain access to sensitive information. By convincing a user to process a...
1 affected package
binutils
| Package | 24.04 LTS |
|---|---|
| binutils | Needs evaluation |
libexpat before 2.7.5 allows a NULL pointer dereference in the function setContext on retry after an earlier ouf-of-memory condition.
23 affected packages
expat, coin3, apache2, apr-util, cmake...
| Package | 24.04 LTS |
|---|---|
| expat | Needs evaluation |
| coin3 | Not affected |
| apache2 | Not affected |
| apr-util | Not affected |
| cmake | Not affected |
| ghostscript | Not affected |
| texlive-bin | Not affected |
| xmlrpc-c | Needs evaluation |
| vnc4 | Not in release |
| wbxml2 | Needs evaluation |
| swish-e | Needs evaluation |
| insighttoolkit4 | Not in release |
| cadaver | Needs evaluation |
| gdcm | Not affected |
| ayttm | Not in release |
| cableswig | Not in release |
| matanza | Ignored |
| tdom | Needs evaluation |
| vtk | Not in release |
| smart | Not in release |
| firefox | Not affected |
| thunderbird | Not affected |
| libxmltok | Needs evaluation |
libexpat before 2.7.5 allows an infinite loop while parsing DTD content.
23 affected packages
expat, apache2, apr-util, cmake, ghostscript...
| Package | 24.04 LTS |
|---|---|
| expat | Needs evaluation |
| apache2 | Not affected |
| apr-util | Not affected |
| cmake | Not affected |
| ghostscript | Not affected |
| texlive-bin | Not affected |
| xmlrpc-c | Needs evaluation |
| vnc4 | Not in release |
| wbxml2 | Needs evaluation |
| swish-e | Needs evaluation |
| insighttoolkit4 | Not in release |
| cadaver | Needs evaluation |
| gdcm | Not affected |
| ayttm | Not in release |
| cableswig | Not in release |
| coin3 | Not affected |
| matanza | Ignored |
| tdom | Needs evaluation |
| vtk | Not in release |
| smart | Not in release |
| firefox | Not affected |
| thunderbird | Not affected |
| libxmltok | Needs evaluation |
libexpat before 2.7.5 allows a NULL pointer dereference with empty external parameter entity content.
23 affected packages
expat, apache2, apr-util, cmake, ghostscript...
| Package | 24.04 LTS |
|---|---|
| expat | Needs evaluation |
| apache2 | Not affected |
| apr-util | Not affected |
| cmake | Not affected |
| ghostscript | Not affected |
| texlive-bin | Not affected |
| xmlrpc-c | Needs evaluation |
| vnc4 | Not in release |
| wbxml2 | Needs evaluation |
| swish-e | Needs evaluation |
| insighttoolkit4 | Not in release |
| cadaver | Needs evaluation |
| gdcm | Not affected |
| ayttm | Not in release |
| cableswig | Not in release |
| coin3 | Not affected |
| matanza | Ignored |
| tdom | Needs evaluation |
| vtk | Not in release |
| smart | Not in release |
| firefox | Not affected |
| thunderbird | Not affected |
| libxmltok | Needs evaluation |
libexif through 0.6.25 has a flaw in decoding MakerNotes. If the exif_mnote_data_get_value function gets passed in a 0 size, the passed in-buffer would be overwritten due to an integer underflow.
1 affected package
libexif
| Package | 24.04 LTS |
|---|---|
| libexif | Needs evaluation |
telnet in GNU inetutils through 2.7 allows servers to read arbitrary environment variables from clients via NEW_ENVIRON SEND USERVAR.
1 affected package
inetutils
| Package | 24.04 LTS |
|---|---|
| inetutils | Needs evaluation |
SimpleEval is a library for adding evaluatable expressions into python projects. Prior to 1.0.5, objects (including modules) can leak dangerous modules through to direct access inside the sandbox. If the objects you've passed in...
1 affected package
simpleeval
| Package | 24.04 LTS |
|---|---|
| simpleeval | Needs evaluation |
Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to 22.0.0-next.3, 21.2.4, 20.3.18, and 19.2.20, a Cross-Site Scripting (XSS) vulnerability...
1 affected package
angular.js
| Package | 24.04 LTS |
|---|---|
| angular.js | Needs evaluation |
cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTTPS library. Prior to 0.37.2, when a cpp-httplib client is configured with a proxy and set_follow_location(true), any HTTPS redirect it follows will have TLS...
1 affected package
cpp-httplib
| Package | 24.04 LTS |
|---|---|
| cpp-httplib | Needs evaluation |
Not in release
Yamux is a stream multiplexer over reliable, ordered connections such as TCP/IP. Prior to 0.13.10, the Rust implementation of Yamux can panic when processing a crafted inbound Data frame that sets SYN and uses a body length...
1 affected package
rust-yamux
| Package | 24.04 LTS |
|---|---|
| rust-yamux | Not in release |