Search CVE reports
171 – 180 of 36824 results
Buffer Overflow vulnerability in libpng 1.6.43-1.6.46 allows a local attacker to cause a denial of service via png_create_read_struct() function.
5 affected packages
libpng, firefox, thunderbird, chromium-browser, libpng1.6
| Package | 20.04 LTS |
|---|---|
| libpng | — |
| firefox | — |
| thunderbird | — |
| chromium-browser | — |
| libpng1.6 | Not affected |
Buffer Overflow vulnerability in libpng 1.6.43-1.6.46 allows a local attacker to cause a denial of service via the pngimage with AddressSanitizer (ASan), the program leaks memory in various locations, eventually leading to high...
5 affected packages
libpng, firefox, thunderbird, chromium-browser, libpng1.6
| Package | 20.04 LTS |
|---|---|
| libpng | — |
| firefox | — |
| thunderbird | — |
| chromium-browser | — |
| libpng1.6 | Not affected |
A flaw was found in GLib. An integer overflow vulnerability in its Unicode case conversion implementation can lead to memory corruption. By processing specially crafted and extremely large Unicode strings, an attacker...
1 affected package
glib2.0
| Package | 20.04 LTS |
|---|---|
| glib2.0 | Needs evaluation |
A flaw was found in Glib's content type parsing logic. This buffer underflow vulnerability occurs because the length of a header line is stored in a signed integer, which can lead to integer wraparound for very large inputs. This...
1 affected package
glib2.0
| Package | 20.04 LTS |
|---|---|
| glib2.0 | Needs evaluation |
A flaw was found in the GLib Base64 encoding routine when processing very large input data. Due to incorrect use of integer types during length calculation, the library may miscalculate buffer boundaries. This can cause memory...
1 affected package
glib2.0
| Package | 20.04 LTS |
|---|---|
| glib2.0 | Needs evaluation |
A flaw was found in libsoup, an HTTP client library. This vulnerability, known as CRLF (Carriage Return Line Feed) Injection, occurs when an HTTP proxy is configured and the library improperly handles URL-decoded input used to...
2 affected packages
libsoup2.4, libsoup3
| Package | 20.04 LTS |
|---|---|
| libsoup2.4 | Needs evaluation |
| libsoup3 | — |
Integer Overflow or Wraparound vulnerability in RawTherapee (rtengine modules). This vulnerability is associated with program files dcraw.Cc. This issue affects RawTherapee: through 5.11.
1 affected package
rawtherapee
| Package | 20.04 LTS |
|---|---|
| rawtherapee | Needs evaluation |
QGIS is a free, open source, cross platform geographical information system (GIS) The repository contains a GitHub Actions workflow called "pre-commit checks" that, before commit 76a693cd91650f9b4e83edac525e5e4f90d954e9,...
1 affected package
qgis
| Package | 20.04 LTS |
|---|---|
| qgis | Needs evaluation |
Some fixes available 1 of 2
Issue summary: A type confusion vulnerability exists in the signature verification of signed PKCS#7 data where an ASN1_TYPE union member is accessed without first validating the type, causing an invalid or NULL pointer dereference...
4 affected packages
openssl, openssl1.0, nodejs, edk2
| Package | 20.04 LTS |
|---|---|
| openssl | Fixed |
| openssl1.0 | — |
| nodejs | Not affected |
| edk2 | Needs evaluation |
Issue summary: An invalid or NULL pointer dereference can happen in an application processing a malformed PKCS#12 file. Impact summary: An application processing a malformed PKCS#12 file can be caused to dereference an invalid or...
4 affected packages
openssl, openssl1.0, nodejs, edk2
| Package | 20.04 LTS |
|---|---|
| openssl | Fixed |
| openssl1.0 | — |
| nodejs | Not affected |
| edk2 | Not affected |