Search CVE reports
41 – 50 of 37912 results
Use-after-free (UAF) was possible in the `lzma.LZMADecompressor`, `bz2.BZ2Decompressor`, and `gzip.GzipFile` when a memory allocation fails with a `MemoryError` and the decompression instance is re-used. This scenario can be...
13 affected packages
pypy3, python2.7, python3.4, python3.5, python3.6...
| Package | 22.04 LTS |
|---|---|
| pypy3 | Needs evaluation |
| python2.7 | Needs evaluation |
| python3.4 | Not in release |
| python3.5 | Not in release |
| python3.6 | Not in release |
| python3.7 | Not in release |
| python3.8 | Not in release |
| python3.9 | Not in release |
| python3.10 | Needs evaluation |
| python3.11 | Needs evaluation |
| python3.12 | Not in release |
| python3.13 | Not in release |
| python3.14 | Not in release |
A vulnerability was identified in uclouvain openjpeg up to 2.5.4. This impacts the function opj_pi_initialise_encode in the library src/lib/openjp2/pi.c. The manipulation leads to integer overflow. The attack must be carried out...
7 affected packages
openjpeg2, insighttoolkit4, qtwebengine-opensource-src, blender, texmaker...
| Package | 22.04 LTS |
|---|---|
| openjpeg2 | Needs evaluation |
| insighttoolkit4 | Needs evaluation |
| qtwebengine-opensource-src | Needs evaluation |
| blender | Needs evaluation |
| texmaker | Needs evaluation |
| ghostscript | Not affected |
| openjpeg | Not in release |
An issue was discovered in HAProxy before 3.3.6. The HTTP/3 parser does not check that the received body length matches a previously announced content-length when the stream is closed via a frame with an empty payload. This can...
1 affected package
haproxy
| Package | 22.04 LTS |
|---|---|
| haproxy | Needs evaluation |
The bson_validate function may return early on specific inputs and incorrectly report success. This behavior could result in skipping validation for BSON data, allowing malformed or invalid UTF-8 sequences to bypass validation and...
1 affected package
mongo-c-driver
| Package | 22.04 LTS |
|---|---|
| mongo-c-driver | Needs evaluation |
A heap buffer overflow in the av_bprint_finalize() function of FFmpeg v8.0.1 allows attackers to cause a Denial of Service (DoS) via a crafted input.
2 affected packages
ffmpeg, libav
| Package | 22.04 LTS |
|---|---|
| ffmpeg | Needs evaluation |
| libav | Not in release |
An improper resource deallocation and closure vulnerability in the tools/zmqsend.c component of FFmpeg v8.0.1 allows attackers to cause a Denial of Service (DoS) via supplying a crafted input file.
2 affected packages
ffmpeg, libav
| Package | 22.04 LTS |
|---|---|
| ffmpeg | Needs evaluation |
| libav | Not in release |
A stack overflow in the experimental/tinyobj_loader_opt.h file of tinyobjloader commit d56555b allows attackers to cause a Denial of Service (DoS) via supplying a crafted .mtl file.
1 affected package
tinyobjloader
| Package | 22.04 LTS |
|---|---|
| tinyobjloader | Needs evaluation |
In libexif through 0.6.25, an integer underflow in size checking for Fuji and Olympus MakerNote decoding could be used by attackers to crash or leak information out of libexif-using programs.
1 affected package
libexif
| Package | 22.04 LTS |
|---|---|
| libexif | Needs evaluation |
Flatpak xdg-desktop-portal before 1.20.4 and 1.21.x before 1.21.1 allows any Flatpak app to trash any file in the host context via a symlink attack on g_file_trash.
1 affected package
xdg-desktop-portal
| Package | 22.04 LTS |
|---|---|
| xdg-desktop-portal | Needs evaluation |
In the Linux kernel, the following vulnerability has been resolved: netfilter: nfnetlink_log: fix uninitialized padding leak in NFULA_PAYLOAD __build_packet_message() manually constructs the NFULA_PAYLOAD netlink attribute using...
157 affected packages
linux, linux-aws, linux-aws-5.0, linux-aws-5.11, linux-aws-5.13...
| Package | 22.04 LTS |
|---|---|
| linux | Vulnerable |
| linux-aws | Vulnerable |
| linux-aws-5.0 | Not in release |
| linux-aws-5.11 | Not in release |
| linux-aws-5.13 | Not in release |
| linux-aws-5.15 | Not in release |
| linux-aws-5.3 | Not in release |
| linux-aws-5.4 | Not in release |
| linux-aws-5.8 | Not in release |
| linux-aws-6.14 | Not in release |
| linux-aws-6.17 | Not in release |
| linux-aws-6.8 | Vulnerable |
| linux-aws-fips | Vulnerable |
| linux-aws-hwe | Not in release |
| linux-azure | Vulnerable |
| linux-azure-4.15 | Not in release |
| linux-azure-5.11 | Not in release |
| linux-azure-5.13 | Not in release |
| linux-azure-5.15 | Not in release |
| linux-azure-5.3 | Not in release |
| linux-azure-5.4 | Not in release |
| linux-azure-5.8 | Not in release |
| linux-azure-6.14 | Not in release |
| linux-azure-6.17 | Not in release |
| linux-azure-6.8 | Vulnerable |
| linux-azure-edge | Not in release |
| linux-azure-fde | Vulnerable |
| linux-azure-fde-5.15 | Not in release |
| linux-azure-fde-6.14 | Not in release |
| linux-azure-fde-6.17 | Not in release |
| linux-azure-fde-6.8 | Vulnerable |
| linux-azure-fips | Vulnerable |
| linux-azure-nvidia | Not in release |
| linux-azure-nvidia-6.14 | Not in release |
| linux-bluefield | Not in release |
| linux-fips | Vulnerable |
| linux-gcp | Vulnerable |
| linux-gcp-4.15 | Not in release |
| linux-gcp-5.11 | Not in release |
| linux-gcp-5.13 | Not in release |
| linux-gcp-5.15 | Not in release |
| linux-gcp-5.3 | Not in release |
| linux-gcp-5.4 | Not in release |
| linux-gcp-5.8 | Not in release |
| linux-gcp-6.14 | Not in release |
| linux-gcp-6.17 | Not in release |
| linux-gcp-6.8 | Vulnerable |
| linux-gcp-fips | Vulnerable |
| linux-gke | Vulnerable |
| linux-gke-4.15 | Not in release |
| linux-gke-5.4 | Not in release |
| linux-gkeop | Vulnerable |
| linux-gkeop-5.15 | Not in release |
| linux-gkeop-5.4 | Not in release |
| linux-hwe | Not in release |
| linux-hwe-5.11 | Not in release |
| linux-hwe-5.13 | Not in release |
| linux-hwe-5.15 | Not in release |
| linux-hwe-5.4 | Not in release |
| linux-hwe-5.8 | Not in release |
| linux-hwe-6.14 | Not in release |
| linux-hwe-6.17 | Not in release |
| linux-hwe-6.8 | Vulnerable |
| linux-hwe-edge | Not in release |
| linux-ibm | Vulnerable |
| linux-ibm-5.15 | Not in release |
| linux-ibm-5.4 | Not in release |
| linux-ibm-6.8 | Vulnerable |
| linux-intel-iot-realtime | Vulnerable |
| linux-intel-iotg | Vulnerable |
| linux-intel-iotg-5.15 | Not in release |
| linux-iot | Not in release |
| linux-kvm | Vulnerable |
| linux-lowlatency | Vulnerable |
| linux-lowlatency-hwe-5.15 | Not in release |
| linux-lowlatency-hwe-6.8 | Vulnerable |
| linux-lts-xenial | Not in release |
| linux-nvidia | Vulnerable |
| linux-nvidia-6.8 | Vulnerable |
| linux-nvidia-lowlatency | Not in release |
| linux-nvidia-tegra | Vulnerable |
| linux-nvidia-tegra-5.15 | Not in release |
| linux-nvidia-tegra-igx | Vulnerable |
| linux-oem | Not in release |
| linux-oem-5.10 | Not in release |
| linux-oem-5.13 | Not in release |
| linux-oem-5.14 | Not in release |
| linux-oem-5.6 | Not in release |
| linux-oem-6.14 | Not in release |
| linux-oem-6.17 | Not in release |
| linux-oracle | Vulnerable |
| linux-oracle-5.0 | Not in release |
| linux-oracle-5.11 | Not in release |
| linux-oracle-5.13 | Not in release |
| linux-oracle-5.15 | Not in release |
| linux-oracle-5.3 | Not in release |
| linux-oracle-5.4 | Not in release |
| linux-oracle-5.8 | Not in release |
| linux-oracle-6.14 | Not in release |
| linux-oracle-6.17 | Not in release |
| linux-oracle-6.8 | Vulnerable |
| linux-raspi | Vulnerable |
| linux-raspi-5.4 | Not in release |
| linux-raspi-realtime | Not in release |
| linux-raspi2 | Not in release |
| linux-realtime | Vulnerable |
| linux-realtime-6.14 | Not in release |
| linux-realtime-6.8 | Vulnerable |
| linux-xilinx-zynqmp | Vulnerable |
| linux-hwe-5.19 | Ignored |
| linux-hwe-6.2 | Ignored |
| linux-hwe-6.5 | Ignored |
| linux-hwe-6.11 | Not in release |
| linux-allwinner-5.19 | Ignored |
| linux-aws-5.19 | Ignored |
| linux-aws-6.2 | Ignored |
| linux-aws-6.5 | Ignored |
| linux-azure-5.19 | Ignored |
| linux-azure-6.2 | Ignored |
| linux-azure-6.5 | Ignored |
| linux-azure-6.11 | Not in release |
| linux-azure-fde-5.19 | Ignored |
| linux-azure-fde-6.2 | Ignored |
| linux-gcp-5.19 | Ignored |
| linux-gcp-6.2 | Ignored |
| linux-gcp-6.5 | Ignored |
| linux-gcp-6.11 | Not in release |
| linux-gke-5.15 | Not in release |
| linux-intel-5.13 | Not in release |
| linux-lowlatency-hwe-5.19 | Ignored |
| linux-lowlatency-hwe-6.2 | Ignored |
| linux-lowlatency-hwe-6.5 | Ignored |
| linux-lowlatency-hwe-6.11 | Not in release |
| linux-nvidia-6.2 | Ignored |
| linux-nvidia-6.5 | Ignored |
| linux-nvidia-6.11 | Not in release |
| linux-oracle-6.5 | Ignored |
| linux-oem-5.17 | Ignored |
| linux-oem-6.0 | Ignored |
| linux-oem-6.1 | Ignored |
| linux-oem-6.5 | Ignored |
| linux-oem-6.8 | Not in release |
| linux-oem-6.11 | Not in release |
| linux-riscv | Ignored |
| linux-riscv-5.8 | Not in release |
| linux-riscv-5.11 | Not in release |
| linux-riscv-5.15 | Not in release |
| linux-riscv-5.19 | Ignored |
| linux-riscv-6.5 | Ignored |
| linux-riscv-6.8 | Vulnerable |
| linux-riscv-6.14 | Not in release |
| linux-riscv-6.17 | Not in release |
| linux-starfive-5.19 | Ignored |
| linux-starfive-6.2 | Ignored |
| linux-starfive-6.5 | Ignored |
| linux-xilinx | Not in release |
| linux-realtime-6.17 | Not in release |