Search CVE reports
201 – 210 of 1231 results
An allocation-size-too-big bug in the component /imagebuf.cpp of OpenImageIO v3.1.0.0dev may cause a Denial of Service (DoS) when the program requests to allocate too much space.
1 affected package
openimageio
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| openimageio | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
OpenImageIO v3.1.0.0dev was discovered to contain a heap overflow via the component /OpenImageIO/fmath.h.
1 affected package
openimageio
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| openimageio | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
OpenImageIO v3.1.0.0dev was discovered to contain a segmentation violation via the component /OpenImageIO/string_view.h.
1 affected package
openimageio
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| openimageio | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
OpenImageIO v3.1.0.0dev was discovered to contain a heap overflow via the component OpenImageIO_v3_1_0::farmhash::inlined::Fetch64(char const*).
1 affected package
openimageio
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| openimageio | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
When batch jobs are executed by pgAgent, a script is created in a temporary directory and then executed. In versions of pgAgent prior to 4.2.3, an insufficiently seeded random number generator is used when generating the directory...
1 affected package
pgagent
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| pgagent | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
pyrage is a set of Python bindings for the rage file encryption library (age in Rust). `pyrage` uses the Rust `age` crate for its underlying operations, and `age` is vulnerable to GHSA-4fg7-vxc8-qx5w. All details...
1 affected package
age
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| age | Needs evaluation | Needs evaluation | Needs evaluation | Not in release | — |
Some fixes available 13 of 17
An attacker can craft an input to the Parse functions that would be processed non-linearly with respect to its length, resulting in extremely slow parsing. This could cause a denial of service.
7 affected packages
adsys, golang-golang-x-net, google-guest-agent, containerd, golang-golang-x-net-dev...
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| adsys | Fixed | Fixed | Fixed | Fixed | — |
| golang-golang-x-net | Vulnerable | Fixed | Fixed | Not in release | — |
| google-guest-agent | Not affected | Not affected | Not affected | Not affected | Not affected |
| containerd | Not affected | Not affected | Not affected | Not affected | Not affected |
| golang-golang-x-net-dev | Not in release | Not in release | Not in release | Fixed | Fixed |
| juju-core | Not in release | Not in release | Not in release | Not in release | — |
| lxd | Not in release | Not in release | Not in release | Not affected | Not affected |
LDAP Account Manager (LAM) is a PHP web frontend for managing entries (e.g. users, groups, DHCP settings) stored in an LDAP directory. In affected versions LAM does not properly sanitize configuration values that are set via...
1 affected package
ldap-account-manager
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| ldap-account-manager | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
Some fixes available 11 of 17
Applications and libraries which misuse connection.serverAuthenticate (via callback field ServerConfig.PublicKeyCallback) may be susceptible to an authorization bypass. The documentation for ServerConfig.PublicKeyCallback says...
4 affected packages
snapd, lxd, golang-go.crypto, google-guest-agent
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| snapd | Not affected | Not affected | Not affected | Not affected | Not affected |
| lxd | Not in release | Not in release | Not in release | Not affected | Needs evaluation |
| golang-go.crypto | Vulnerable | Fixed | Fixed | Fixed | Fixed |
| google-guest-agent | Not affected | Fixed | Fixed | Fixed | Fixed |
Some fixes available 3 of 25
In elisp-mode.el in GNU Emacs before 30.1, a user who chooses to invoke elisp-completion-at-point (for code completion) on untrusted Emacs Lisp source code can trigger unsafe Lisp macro expansion that allows attackers to execute...
5 affected packages
xemacs21, xemacs21-packages, emacs24, emacs25, emacs
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| xemacs21 | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| xemacs21-packages | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| emacs24 | Not in release | Not in release | Not in release | Not in release | — |
| emacs25 | Not in release | Not in release | Not in release | Not in release | Needs evaluation |
| emacs | Not affected | Fixed | Fixed | Fixed | — |