Search CVE reports
11 – 20 of 51398 results
ImageMagick before 7.1.2-13 contains a memory leak vulnerability in LoadOpenCLDeviceBenchmark() function when parsing malformed OpenCL device profile XML files with unclosed device elements. Attackers with write access to the...
1 affected package
imagemagick
| Package | 16.04 LTS |
|---|---|
| imagemagick | Needs evaluation |
ImageMagick before 7.1.2-22 contains a division by zero vulnerability in binomial kernel processing that allows attackers to cause denial of service. An attacker can supply a large binomial kernel value causing integer overflow,...
1 affected package
imagemagick
| Package | 16.04 LTS |
|---|---|
| imagemagick | Needs evaluation |
ImageMagick before 7.1.2-19 contains an off-by-one error in morphology validation allowing out-of-bounds heap buffer reads. Attackers can trigger heap buffer overflow by providing incorrect morphology parameters causing single...
1 affected package
imagemagick
| Package | 16.04 LTS |
|---|---|
| imagemagick | Needs evaluation |
Ruby JSON is a JSON implementation for Ruby. Versions 2.9.0 through 2.19.8 are vulnerable to heap buffer overflow when the JSON generator is provided with an oversized streamed object. When streaming to an IO JSON.dump(obj, io)...
8 affected packages
ruby2.3, ruby2.5, ruby2.7, ruby3.0, ruby3.2...
| Package | 16.04 LTS |
|---|---|
| ruby2.3 | Needs evaluation |
| ruby2.5 | — |
| ruby2.7 | — |
| ruby3.0 | — |
| ruby3.2 | — |
| ruby3.3 | — |
| jruby | — |
| ruby-json | — |
In the Tarfile.extract() function, the filter parameter is not passed properly when extracting hardlinks. An affected system that extracts content from untrusted tar files could end up writing files with an unexpected uid/gid...
12 affected packages
python2.7, python3.4, python3.5, python3.6, python3.7...
| Package | 16.04 LTS |
|---|---|
| python2.7 | Needs evaluation |
| python3.4 | — |
| python3.5 | Needs evaluation |
| python3.6 | — |
| python3.7 | — |
| python3.8 | — |
| python3.9 | — |
| python3.10 | — |
| python3.11 | — |
| python3.12 | — |
| python3.13 | — |
| python3.14 | — |
In hostapd before 2.12, a missing bounds check in AP-mode Wi-Fi 7 (IEEE 802.11be) Multi-Link Operation (MLO) association request processing allows an unauthenticated attacker within wireless range to send a crafted management...
1 affected package
wpa
| Package | 16.04 LTS |
|---|---|
| wpa | Needs evaluation |
A flaw was found in GLib. A state confusion issue exists in g_dbus_node_info_new_for_xml() in the gio/gdbusintrospection.c file when processing malformed D-Bus introspection XML, specifically with a <node> element nested within...
1 affected package
glib2.0
| Package | 16.04 LTS |
|---|---|
| glib2.0 | Needs evaluation |
A flaw was found in GLib. The D-Bus client-side implementation of the DBUS_COOKIE_SHA1 SASL authentication mechanism does not validate the cookie_context parameter received from the server. A malicious D-Bus server can supply a...
1 affected package
glib2.0
| Package | 16.04 LTS |
|---|---|
| glib2.0 | Needs evaluation |
A flaw was found in GLib. An off-by-one error can occur in the g_key_file_get_locale_string_list function in the gkeyfile.c file when loading a key file with an empty value. This flaw can cause an out-of-bounds access of 1 byte or...
1 affected package
glib2.0
| Package | 16.04 LTS |
|---|---|
| glib2.0 | Needs evaluation |
A flaw was found in GLib. A buffer over-read can occur in g_io_channel_read_line_backend() in the giochannel.c file when a custom line terminator with a length greater than one is set, causing memcmp to read past the GString...
1 affected package
glib2.0
| Package | 16.04 LTS |
|---|---|
| glib2.0 | Needs evaluation |