Search CVE reports
201 – 210 of 1234 results
An attacker can pass a malicious malformed token which causes unexpected memory to be consumed during parsing.
2 affected packages
golang-golang-x-oauth2, google-guest-agent
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| golang-golang-x-oauth2 | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| google-guest-agent | Not affected | Not affected | Not affected | Not affected | Not affected |
CKEditor 5 is a modern JavaScript rich-text editor with an MVC architecture. During a recent internal audit, a Cross-Site Scripting (XSS) vulnerability was discovered in the CKEditor 5 real-time collaboration package. This...
4 affected packages
ckeditor, ckeditor3, ldap-account-manager, request-tracker4
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| ckeditor | Not in release | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| ckeditor3 | Not in release | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| ldap-account-manager | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| request-tracker4 | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
Some fixes available 3 of 25
A command injection flaw was found in the text editor Emacs. It could allow a remote, unauthenticated attacker to execute arbitrary shell commands on a vulnerable system. Exploitation is possible by tricking users into visiting a...
5 affected packages
emacs, xemacs21, xemacs21-packages, emacs24, emacs25
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| emacs | Not affected | Fixed | Fixed | Fixed | — |
| xemacs21 | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| xemacs21-packages | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| emacs24 | Not in release | Not in release | Not in release | Not in release | — |
| emacs25 | Not in release | Not in release | Not in release | Not in release | Needs evaluation |
An allocation-size-too-big bug in the component /imagebuf.cpp of OpenImageIO v3.1.0.0dev may cause a Denial of Service (DoS) when the program to requests to allocate too much space.
1 affected package
openimageio
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| openimageio | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
OpenImageIO v3.1.0.0dev was discovered to contain a heap overflow via the component /OpenImageIO/fmath.h.
1 affected package
openimageio
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| openimageio | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
OpenImageIO v3.1.0.0dev was discovered to contain a segmentation violation via the component /OpenImageIO/string_view.h.
1 affected package
openimageio
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| openimageio | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
OpenImageIO v3.1.0.0dev was discovered to contain a heap overflow via the component OpenImageIO_v3_1_0::farmhash::inlined::Fetch64(char const*).
1 affected package
openimageio
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| openimageio | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
When batch jobs are executed by pgAgent, a script is created in a temporary directory and then executed. In versions of pgAgent prior to 4.2.3, an insufficiently seeded random number generator is used when generating the directory...
1 affected package
pgagent
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| pgagent | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
Some fixes available 1 of 3
pyrage is a set of Python bindings for the rage file encryption library (age in Rust). `pyrage` uses the Rust `age` crate for its underlying operations, and `age` is vulnerable to GHSA-4fg7-vxc8-qx5w. All details...
1 affected package
age
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| age | Not affected | Fixed | Not affected | Not in release | — |
Some fixes available 13 of 17
An attacker can craft an input to the Parse functions that would be processed non-linearly with respect to its length, resulting in extremely slow parsing. This could cause a denial of service.
7 affected packages
adsys, golang-golang-x-net, google-guest-agent, containerd, golang-golang-x-net-dev...
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| adsys | Fixed | Fixed | Fixed | Fixed | — |
| golang-golang-x-net | Vulnerable | Fixed | Fixed | Not in release | — |
| google-guest-agent | Not affected | Not affected | Not affected | Not affected | Not affected |
| containerd | Not affected | Not affected | Not affected | Not affected | Not affected |
| golang-golang-x-net-dev | Not in release | Not in release | Not in release | Fixed | Fixed |
| juju-core | Not in release | Not in release | Not in release | Not in release | — |
| lxd | Not in release | Not in release | Not in release | Not affected | Not affected |