Search CVE reports
581 – 590 of 42614 results
YAML::Syck versions through 1.36 for Perl has several potential security vulnerabilities including a high-severity heap buffer overflow in the YAML emitter. The heap overflow occurs when class names exceed the initial...
1 affected package
libyaml-syck-perl
| Package | 18.04 LTS |
|---|---|
| libyaml-syck-perl | Needs evaluation |
Out-of-bounds read in FFmpeg 8.0 and 8.0.1 RV60 video decoder (libavcodec/rv60dec.c). The quantization parameter (qp) validation at line 2267 only checks the lower bound (qp < 0) but is missing upper bound validation. The qp value...
2 affected packages
ffmpeg, libav
| Package | 18.04 LTS |
|---|---|
| ffmpeg | Needs evaluation |
| libav | — |
When an Expat parser with a registered ElementDeclHandler parses an inline document type definition containing a deeply nested content model a C stack overflow occurs.
13 affected packages
pypy3, python2.7, python3.4, python3.5, python3.6...
| Package | 18.04 LTS |
|---|---|
| pypy3 | — |
| python2.7 | Needs evaluation |
| python3.4 | — |
| python3.5 | — |
| python3.6 | Needs evaluation |
| python3.7 | Needs evaluation |
| python3.8 | Needs evaluation |
| python3.9 | — |
| python3.10 | — |
| python3.11 | — |
| python3.12 | — |
| python3.13 | — |
| python3.14 | — |
The fix for CVE-2026-0672, which rejected control characters in http.cookies.Morsel, was incomplete. The Morsel.update(), |= operator, and unpickling paths were not patched, allowing control characters to bypass input validation....
12 affected packages
python2.7, python3.4, python3.5, python3.6, python3.7...
| Package | 18.04 LTS |
|---|---|
| python2.7 | Needs evaluation |
| python3.4 | — |
| python3.5 | — |
| python3.6 | Needs evaluation |
| python3.7 | Needs evaluation |
| python3.8 | Needs evaluation |
| python3.9 | — |
| python3.10 | — |
| python3.11 | — |
| python3.12 | — |
| python3.13 | — |
| python3.14 | — |
An issue in GoBGP gobgpd v.4.2.0 allows a remote attacker to cause a denial of service via the NEXT_HOP path attribute
1 affected package
gobgp
| Package | 18.04 LTS |
|---|---|
| gobgp | Needs evaluation |
A vulnerability was found in GPAC up to 2.5-DEV-rev2167-gcc9d617c0-master. This vulnerability affects the function swf_def_bits_jpeg of the file src/scene_manager/swf_parse.c of the component MP4Box. The manipulation of the...
1 affected package
gpac
| Package | 18.04 LTS |
|---|---|
| gpac | Needs evaluation |
A vulnerability has been found in Radare2 5.9.9. This issue affects the function walk_exports_trie of the file libr/bin/format/mach0/mach0.c of the component Mach-O File Parser. Such manipulation leads to resource consumption. The...
1 affected package
radare2
| Package | 18.04 LTS |
|---|---|
| radare2 | Needs evaluation |
A flaw was found in GNU Binutils. This vulnerability, a heap-based buffer overflow, specifically an out-of-bounds read, exists in the bfd linker component. An attacker could exploit this by convincing a user to process a specially...
1 affected package
binutils
| Package | 18.04 LTS |
|---|---|
| binutils | Needs evaluation |
A flaw was found in GNU Binutils. This heap-based buffer overflow vulnerability, specifically an out-of-bounds read in the bfd linker, allows an attacker to gain access to sensitive information. By convincing a user to process a...
1 affected package
binutils
| Package | 18.04 LTS |
|---|---|
| binutils | Needs evaluation |
libexpat before 2.7.5 allows a NULL pointer dereference in the function setContext on retry after an earlier ouf-of-memory condition.
23 affected packages
expat, coin3, apache2, apr-util, cmake...
| Package | 18.04 LTS |
|---|---|
| expat | Needs evaluation |
| coin3 | Needs evaluation |
| apache2 | Not affected |
| apr-util | Not affected |
| cmake | Not affected |
| ghostscript | Not affected |
| texlive-bin | Not affected |
| xmlrpc-c | Needs evaluation |
| vnc4 | Needs evaluation |
| wbxml2 | Needs evaluation |
| swish-e | Needs evaluation |
| insighttoolkit4 | Needs evaluation |
| cadaver | Needs evaluation |
| gdcm | Needs evaluation |
| ayttm | — |
| cableswig | — |
| matanza | Needs evaluation |
| tdom | Needs evaluation |
| vtk | — |
| smart | Needs evaluation |
| firefox | — |
| thunderbird | — |
| libxmltok | Needs evaluation |