Search CVE reports
2801 – 2810 of 49955 results
LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portable Network Graphics) raster image files. Prior to 1.6.55, an out-of-bounds read vulnerability exists in the png_set_quantize() API...
5 affected packages
libpng, libpng1.6, firefox, thunderbird, chromium-browser
| Package | 16.04 LTS |
|---|---|
| libpng | Fixed |
| libpng1.6 | Fixed |
| firefox | — |
| thunderbird | — |
| chromium-browser | — |
The internal locking mechanism of the MongoDB server uses an internal encoding of the resources in order to choose what lock to take. Collections may inadvertently collide with one another in this representation...
1 affected package
mongodb
| Package | 16.04 LTS |
|---|---|
| mongodb | Vulnerable |
A series of specifically crafted, unauthenticated messages can exhaust available memory and crash a MongoDB server.
1 affected package
mongodb
| Package | 16.04 LTS |
|---|---|
| mongodb | Not affected |
Improper handling of values in the microcode flow for some Intel(R) Processor Family may allow an escalation of privilege. Startup code and smm adversary with a privileged user combined with a high complexity attack may enable...
1 affected package
intel-microcode
| Package | 16.04 LTS |
|---|---|
| intel-microcode | Fixed |
An issue inTcpreplay v4.5.1 allows a local attacker to cause a denial of service via a crafted file to the tcpedit_dlt_getplugin function at src/tcpedit/plugins/dlt_utils.c.
1 affected package
tcpreplay
| Package | 16.04 LTS |
|---|---|
| tcpreplay | Needs evaluation |
A security vulnerability has been detected in ckolivas lrzip up to 0.651. This vulnerability affects the function ucompthread of the file stream.c. Such manipulation leads to null pointer dereference. The attack can only...
1 affected package
lrzip
| Package | 16.04 LTS |
|---|---|
| lrzip | Needs evaluation |
A vulnerability was found in ckolivas lrzip up to 0.651. This impacts the function lzma_decompress_buf of the file stream.c. Performing a manipulation results in use after free. Attacking locally is a requirement. The exploit has...
1 affected package
lrzip
| Package | 16.04 LTS |
|---|---|
| lrzip | Needs evaluation |
A flaw has been found in Artifex MuPDF up to 1.26.1 on Windows. The impacted element is the function get_system_dpi of the file platform/x11/win_main.c. This manipulation causes uncontrolled search path. The attack requires local...
1 affected package
mupdf
| Package | 16.04 LTS |
|---|---|
| mupdf | Ignored |
Observable Timing Discrepancy vulnerability in Apache Shiro. This issue affects Apache Shiro: from 1.*, 2.* before 2.0.7. Users are recommended to upgrade to version 2.0.7 or later, which fixes the issue. Prior to Shiro 2.0.7,...
1 affected package
shiro
| Package | 16.04 LTS |
|---|---|
| shiro | Needs evaluation |
Not in release
Improper handling of missing special element in .NET allows an unauthorized attacker to perform spoofing over a network.
5 affected packages
dotnet6, dotnet7, dotnet8, dotnet9, dotnet10
| Package | 16.04 LTS |
|---|---|
| dotnet6 | Not in release |
| dotnet7 | Not in release |
| dotnet8 | Not in release |
| dotnet9 | Not in release |
| dotnet10 | Not in release |