Search CVE reports
Some fixes available 12 of 55
A flaw was found in LibRaw. A heap-buffer-overflow in raw2image_ex() caused by a maliciously crafted file may lead to an application crash.
9 affected packages
ufraw, xbmc, darktable, exactimage, libraw...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| ufraw | Not in release | Not in release | Not in release | Ignored |
| xbmc | Not in release | Not in release | Not in release | Not in release |
| darktable | Needs evaluation | Needs evaluation | Ignored | Ignored |
| exactimage | Needs evaluation | Needs evaluation | Ignored | Ignored |
| libraw | Fixed | Fixed | Fixed | Ignored |
| dcraw | Needs evaluation | Needs evaluation | Ignored | Ignored |
| digikam | Not affected | Fixed | Fixed | Fixed |
| kodi | Needs evaluation | Needs evaluation | Ignored | Ignored |
| rawtherapee | Needs evaluation | Needs evaluation | Ignored | Ignored |
GQUIC dissector crash in Wireshark 4.0.0 to 4.0.4 and 3.6.0 to 3.6.12 allows denial of service via packet injection or crafted capture file
1 affected package
wireshark
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| wireshark | Not affected | Vulnerable | Vulnerable | Vulnerable |
LISP dissector large loop in Wireshark 4.0.0 to 4.0.4 and 3.6.0 to 3.6.12 allows denial of service via packet injection or crafted capture file
1 affected package
wireshark
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| wireshark | Not affected | Vulnerable | Vulnerable | Vulnerable |
RPCoRDMA dissector crash in Wireshark 4.0.0 to 4.0.4 and 3.6.0 to 3.6.12 allows denial of service via packet injection or crafted capture file
1 affected package
wireshark
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| wireshark | Not affected | Vulnerable | Vulnerable | Vulnerable |
In Lua 5.4.3, an erroneous finalizer called during a tail call leads to a heap-based buffer over-read.
9 affected packages
lua5.2, lua5.3, lua5.4, lua50, memcached...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| lua5.2 | Not affected | Not affected | Not affected | Not affected |
| lua5.3 | Not affected | Not affected | Not affected | Not affected |
| lua5.4 | Not affected | Not affected | Not in release | Not in release |
| lua50 | Not in release | Not in release | Not affected | Not affected |
| memcached | Not affected | Not affected | Not affected | Not affected |
| tup | Needs evaluation | Needs evaluation | Needs evaluation | Not in release |
| vifm | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| darktable | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| lua5.1 | Not affected | Not affected | Not affected | Not affected |
Some fixes available 4 of 17
cmark-gfm is GitHub's fork of cmark, a CommonMark parsing and rendering library and program in C. A polynomial time complexity issue in cmark-gfm may lead to unbounded resource exhaustion and subsequent denial of service. This CVE...
2 affected packages
cmark, cmark-gfm
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| cmark | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| cmark-gfm | Fixed | Fixed | Fixed | Not in release |
cmark-gfm is GitHub's fork of cmark, a CommonMark parsing and rendering library and program in C. A polynomial time complexity issue in cmark-gfm may lead to unbounded resource exhaustion and subsequent denial of service. This CVE...
2 affected packages
cmark, cmark-gfm
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| cmark | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| cmark-gfm | Not affected | Not affected | Not affected | Not in release |
ISO 15765 and ISO 10681 dissector crash in Wireshark 4.0.0 to 4.0.3 and 3.6.0 to 3.6.11 allows denial of service via packet injection or crafted capture file
1 affected package
wireshark
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| wireshark | Not affected | Vulnerable | Vulnerable | Vulnerable |
Some fixes available 6 of 8
Denial of service could be caused to markdown-it-py, before v2.2.0, if an attacker was allowed to force null assertions with specially crafted input.
1 affected package
markdown-it-py
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| markdown-it-py | Fixed | Needs evaluation | Not in release | Not in release |
Some fixes available 6 of 8
Denial of service could be caused to the command line interface of markdown-it-py, before v2.2.0, if an attacker was allowed to use invalid UTF-8 characters as input.
1 affected package
markdown-it-py
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| markdown-it-py | Fixed | Needs evaluation | Not in release | Not in release |