Search CVE reports
891 – 900 of 49990 results
A vulnerability was determined in Artifex MuPDF up to 1.28.0. The impacted element is the function fz_subset_cff_for_gids of the file subset-cff.c of the component CFF Index Handler. This manipulation causes an out-of-bounds read....
1 affected package
mupdf
| Package | 16.04 LTS |
|---|---|
| mupdf | Needs evaluation |
OpenStack Ironic before 35.0.1 allows ipmitool execution in a non-default configuration that has a console interface.
2 affected packages
ironic, openstack
| Package | 16.04 LTS |
|---|---|
| ironic | Needs evaluation |
| openstack | Needs evaluation |
mod_sql in ProFTPD before 1.3.9a allows remote attackers to execute arbitrary code via a username, in scenarios where there is logging of USER requests with an expansion such as %U, and the SQL backend allows commands (e.g., COPY...
1 affected package
proftpd-dfsg
| Package | 16.04 LTS |
|---|---|
| proftpd-dfsg | Needs evaluation |
Vim is an open source, command line text editor. Prior to 9.2.0357, a command injection vulnerability exists in Vim's tag file processing. When resolving a tag, the filename field from the tags file is passed through wildcard...
1 affected package
vim
| Package | 16.04 LTS |
|---|---|
| vim | Vulnerable |
In MIT Kerberos 5 (aka krb5) before 1.22.3, there is an integer underflow and resultant out-of-bounds read if an application calls gss_accept_sec_context() on a system with a NegoEx mechanism registered in /etc/gss/mech. An...
1 affected package
krb5
| Package | 16.04 LTS |
|---|---|
| krb5 | Needs evaluation |
In MIT Kerberos 5 (aka krb5) before 1.22.3, there is a NULL pointer dereference if an application calls gss_accept_sec_context() on a system with a NegoEx mechanism registered in /etc/gss/mech. An unauthenticated remote attacker...
1 affected package
krb5
| Package | 16.04 LTS |
|---|---|
| krb5 | Needs evaluation |
[Unknown description]
1 affected package
xen
| Package | 16.04 LTS |
|---|---|
| xen | Needs evaluation |
[Unknown description]
1 affected package
xen
| Package | 16.04 LTS |
|---|---|
| xen | Needs evaluation |
[Unknown description]
1 affected package
xen
| Package | 16.04 LTS |
|---|---|
| xen | Needs evaluation |
[updated libpng in Oracle Java]
11 affected packages
openjdk-8, openjdk-9, openjdk-lts, openjdk-13, openjdk-16...
| Package | 16.04 LTS |
|---|---|
| openjdk-8 | Needs evaluation |
| openjdk-9 | Ignored |
| openjdk-lts | — |
| openjdk-13 | — |
| openjdk-16 | — |
| openjdk-17 | — |
| openjdk-17-crac | — |
| openjdk-18 | — |
| openjdk-21 | — |
| openjdk-21-crac | — |
| openjdk-25 | — |