Search CVE reports
1401 – 1410 of 39943 results
libXpm Out-of-bounds read in xpmNextWord()
2 affected packages
libxpm, motif
| Package | 20.04 LTS |
|---|---|
| libxpm | Needs evaluation |
| motif | Needs evaluation |
In NTFS-3G 2022.10.3 before 2026.2.25, a heap buffer overflow exists in ntfs_build_permissions_posix() in acls.c that allows an attacker to corrupt heap memory in the SUID-root ntfs-3g binary by crafting a malicious NTFS image....
1 affected package
ntfs-3g
| Package | 20.04 LTS |
|---|---|
| ntfs-3g | Needs evaluation |
OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. In versions 3.4.0 through 3.4.9, 3.3.0 through 3.3.9, and 3.2.0 through...
1 affected package
openexr
| Package | 20.04 LTS |
|---|---|
| openexr | Not affected |
The nbconvert tool, jupyter nbconvert, converts Jupyter notebooks to various other formats via Jinja templates. In versions 6.5 through 7.17.0, when `HTMLExporter.embed_images=True`, nbconvert's markdown renderer allows arbitrary...
1 affected package
nbconvert
| Package | 20.04 LTS |
|---|---|
| nbconvert | Needs evaluation |
Glances is an open-source system cross-platform monitoring tool. Prior to version 4.5.4, the Cassandra export module (`glances/exports/glances_cassandra/__init__.py`) interpolates `keyspace`, `table`, and `replication_factor`...
1 affected package
glances
| Package | 20.04 LTS |
|---|---|
| glances | Needs evaluation |
Not in release
Improper verification of cryptographic signature in ASP.NET Core allows an unauthorized attacker to elevate privileges over a network.
5 affected packages
dotnet6, dotnet7, dotnet8, dotnet9, dotnet10
| Package | 20.04 LTS |
|---|---|
| dotnet6 | Not in release |
| dotnet7 | Not in release |
| dotnet8 | Not in release |
| dotnet9 | Not in release |
| dotnet10 | Not in release |
Calling the ungetwc function on a FILE stream with wide characters encoded in a character set that has overlaps between its single byte and multi-byte character encodings, in the GNU C Library version 2.43 or earlier, may result...
2 affected packages
glibc, eglibc
| Package | 20.04 LTS |
|---|---|
| glibc | Needs evaluation |
| eglibc | — |
Calling the scanf family of functions with a %mc (malloc'd character match) in the GNU C Library version 2.7 to version 2.43 with a format width specifier with an explicit width greater than 1024 could result in a one byte heap...
2 affected packages
glibc, eglibc
| Package | 20.04 LTS |
|---|---|
| glibc | Needs evaluation |
| eglibc | — |
Rejected reason: REJECTED: CVE-2026-5358 is rejected for two reasons. Firstly it has been discovered that no NIS+ client or server was ever released for any Linux-based OS distributions and as such this makes the API...
2 affected packages
glibc, eglibc
| Package | 20.04 LTS |
|---|---|
| glibc | Not affected |
| eglibc | — |
A vulnerability in the SQL Box in the admin interface of OTRS leads to an uncontrolled resource consumption leading to a DoS against the webserver. will be killed by the systemThis issue affects OTRS: * 7.0.X * 8.0.X * ...
2 affected packages
znuny, otrs2
| Package | 20.04 LTS |
|---|---|
| znuny | — |
| otrs2 | Needs evaluation |