Search CVE reports
691 – 700 of 28513 results
(A missing upper-bound check in the udpif_set_threads() function of Ope ...)
1 affected package
openvswitch
| Package | 26.04 LTS |
|---|---|
| openvswitch | Needs evaluation |
A use-of-uninitialized memory vulnerability exists in libxls 1.6.3 when parsing malformed XLS files. The issue is reachable via xls_parseWorkBook() and is triggered by uninitialized heap memory originating from the OLE layer...
1 affected package
r-cran-readxl
| Package | 26.04 LTS |
|---|---|
| r-cran-readxl | Needs evaluation |
libxls through version 1.6.3 contains a use of uninitialized memory vulnerability in the OLE container parser. Memory allocated for the Master Sector Allocation Table (MSAT) in read_MSAT() is not fully initialized before being...
1 affected package
r-cran-readxl
| Package | 26.04 LTS |
|---|---|
| r-cran-readxl | Needs evaluation |
A flaw was found in NetworkManager. This local privilege escalation vulnerability exists in NetworkManager's dhclient backend when processing malformed Manufacturer Usage Description (MUD) URLs. A local user can exploit this flaw...
1 affected package
network-manager
| Package | 26.04 LTS |
|---|---|
| network-manager | Needs evaluation |
(Out-of-bounds read vulnerability in Samsung Open Source rlottie allows ...)
1 affected package
rlottie
| Package | 26.04 LTS |
|---|---|
| rlottie | Needs evaluation |
HTML::Entities versions before 3.84 for Perl read freed heap memory in _decode_entities. The XS routine backing HTML::Entities::_decode_entities cached a pointer (repl) into the entity-value SV returned by hv_fetch on the...
1 affected package
libhtml-parser-perl
| Package | 26.04 LTS |
|---|---|
| libhtml-parser-perl | Needs evaluation |
(A vulnerability in jupyter-server versions 1.12.0 through 2.17.0 allow ...)
1 affected package
jupyter-server
| Package | 26.04 LTS |
|---|---|
| jupyter-server | Needs evaluation |
Impact: The morgan logging middleware's :remote-user token extracts the Basic auth username from the Authorization request header and writes it to the log stream without neutralizing control characters. An unauthenticated attacker...
1 affected package
node-morgan
| Package | 26.04 LTS |
|---|---|
| node-morgan | Needs evaluation |
[Unknown description]
23 affected packages
apache2, apr-util, ayttm, cableswig, cadaver...
| Package | 26.04 LTS |
|---|---|
| apache2 | Not affected |
| apr-util | Not affected |
| ayttm | Not in release |
| cableswig | Not in release |
| cadaver | Needs evaluation |
| cmake | Not affected |
| coin3 | Not affected |
| expat | Needs evaluation |
| firefox | Not affected |
| gdcm | Not affected |
| ghostscript | Not affected |
| insighttoolkit4 | Not in release |
| libxmltok | Not in release |
| matanza | Ignored |
| smart | Not in release |
| swish-e | Needs evaluation |
| tdom | Needs evaluation |
| texlive-bin | Not affected |
| thunderbird | Not affected |
| vnc4 | Not in release |
| vtk | Not in release |
| wbxml2 | Needs evaluation |
| xmlrpc-c | Needs evaluation |
[Unknown description]
1 affected package
libnet-cidr-set-perl
| Package | 26.04 LTS |
|---|---|
| libnet-cidr-set-perl | Needs evaluation |