Search CVE reports
31 – 40 of 43011 results
(Deadwood in MaraDNS 3.5.0036 allows attackers to exhaust connection sl ...)
1 affected package
maradns
| Package | 18.04 LTS |
|---|---|
| maradns | Needs evaluation |
(radare2 prior to version 6.1.4 contains a command injection vulnerabil ...)
1 affected package
radare2
| Package | 18.04 LTS |
|---|---|
| radare2 | Needs evaluation |
libsixel is a SIXEL encoder/decoder implementation derived from kmiya's sixel. In versions 1.8.7 and prior, when built with the --with-gdk-pixbuf2 option, a use-after-free vulnerability exists in load_with_gdkpixbuf() in loader.c....
1 affected package
libsixel
| Package | 18.04 LTS |
|---|---|
| libsixel | Needs evaluation |
libsixel is a SIXEL encoder/decoder implementation derived from kmiya's sixel. Versions 1.8.7 and prior contain a use-after-free vulnerability in sixel_encoder_encode_bytes() because sixel_frame_init() stores the caller-owned...
1 affected package
libsixel
| Package | 18.04 LTS |
|---|---|
| libsixel | Needs evaluation |
libsixel is a SIXEL encoder/decoder implementation derived from kmiya's sixel. Versions 1.8.7 and prior contain an integer overflow which leads to a heap buffer overflow via sixel_frame_convert_to_rgb888() in frame.c, where...
1 affected package
libsixel
| Package | 18.04 LTS |
|---|---|
| libsixel | Needs evaluation |
libsixel is a SIXEL encoder/decoder implementation derived from kmiya's sixel. Versions 1.8.7 and prior contain an integer overflow leading to an out-of-bounds heap read in the --crop option handling of img2sixel, where positive...
1 affected package
libsixel
| Package | 18.04 LTS |
|---|---|
| libsixel | Needs evaluation |
libsixel is a SIXEL encoder/decoder implementation derived from kmiya's sixel. Versions 1.8.7 and prior contain a Use-After-Free vulnerability via the load_gif() function in fromgif.c, where a single sixel_frame_t object is reused...
1 affected package
libsixel
| Package | 18.04 LTS |
|---|---|
| libsixel | Needs evaluation |
In OpenStack Keystone before 28.0.1, the LDAP identity backend does not convert the user enabled attribute to a boolean when the user_enabled_invert configuration option is False (the default). The _ldap_res_to_model method in the...
1 affected package
keystone
| Package | 18.04 LTS |
|---|---|
| keystone | Needs evaluation |
The "profiling.sampling" module (Python 3.15+) and "asyncio introspection capabilities" (3.14+, "python -m asyncio ps" and "python -m asyncio pstree") features could be used to read and write addresses in a privileged process if...
12 affected packages
python2.7, python3.4, python3.5, python3.6, python3.7...
| Package | 18.04 LTS |
|---|---|
| python2.7 | Needs evaluation |
| python3.4 | — |
| python3.5 | — |
| python3.6 | Needs evaluation |
| python3.7 | Needs evaluation |
| python3.8 | Needs evaluation |
| python3.9 | — |
| python3.10 | — |
| python3.11 | — |
| python3.12 | — |
| python3.13 | — |
| python3.14 | — |
Leaflet versions up to and including 1.9.4 are vulnerable to Cross-Site Scripting (XSS) via the bindPopup() method. This method renders user-supplied input as raw HTML without sanitization, allowing attackers to inject arbitrary...
1 affected package
leaflet
| Package | 18.04 LTS |
|---|---|
| leaflet | Needs evaluation |