Search CVE reports
Firebird is an open-source relational database management system. In versions prior to 6.0.0, 5.0.4, 4.0.7 and 3.0.14, when processing an op_slice network packet, the server passes an unprepared structure containing a null pointer...
2 affected packages
firebird3.0, firebird4.0
| Package | 24.04 LTS |
|---|---|
| firebird3.0 | Needs evaluation |
| firebird4.0 | Not in release |
Firebird is an open-source relational database management system. In versions prior to 5.0.4, 4.0.7 and 3.0.14, when processing CNCT_specific_data segments during authentication, the server assumes segments arrive in strictly...
2 affected packages
firebird3.0, firebird4.0
| Package | 24.04 LTS |
|---|---|
| firebird3.0 | Needs evaluation |
| firebird4.0 | Not in release |
Firebird is an open-source relational database management system. FB3 versions of the client library placed incorrect data length values into XSQLDA fields when communicating with FB4 or higher servers, resulting in an...
2 affected packages
firebird3.0, firebird4.0
| Package | 24.04 LTS |
|---|---|
| firebird3.0 | Needs evaluation |
| firebird4.0 | Not in release |
A security vulnerability has been detected in libvips up to 8.18.2. The affected element is the function im_minpos_vec of the file libvips/deprecated/vips7compat.c of the component nip2 Handler. Such manipulation of the argument n...
1 affected package
vips
| Package | 24.04 LTS |
|---|---|
| vips | Needs evaluation |
(: Use of a Broken or Risky Cryptographic Algorithm vulnerability in Le ...)
1 affected package
bouncycastle
| Package | 24.04 LTS |
|---|---|
| bouncycastle | Needs evaluation |
In OCaml opam before 2.5.1, a .install field containing a destination filepath can use ../ to reach a parent directory.
1 affected package
opam
| Package | 24.04 LTS |
|---|---|
| opam | Fixed |
(libexpat before 2.7.6 uses insufficient entropy, and thus hash floodin ...)
23 affected packages
expat, apache2, apr-util, cmake, ghostscript...
| Package | 24.04 LTS |
|---|---|
| expat | Needs evaluation |
| apache2 | Not affected |
| apr-util | Not affected |
| cmake | Not affected |
| ghostscript | Not affected |
| texlive-bin | Not affected |
| xmlrpc-c | Needs evaluation |
| vnc4 | Not in release |
| wbxml2 | Needs evaluation |
| swish-e | Needs evaluation |
| insighttoolkit4 | Not in release |
| cadaver | Needs evaluation |
| gdcm | Not affected |
| ayttm | Not in release |
| cableswig | Not in release |
| coin3 | Not affected |
| matanza | Ignored |
| tdom | Needs evaluation |
| vtk | Not in release |
| smart | Not in release |
| firefox | Not affected |
| thunderbird | Not affected |
| libxmltok | Needs evaluation |
(MuPDF mutool does not sanitize PDF metadata fields before writing them ...)
1 affected package
mupdf
| Package | 24.04 LTS |
|---|---|
| mupdf | Needs evaluation |
pypdf is a free and open-source pure-Python PDF library. In versions prior to 6.10.0, manipulated XMP metadata entity declarations can exhaust RAM. An attacker who exploits this vulnerability can craft a PDF which leads to large...
2 affected packages
pypdf, pypdf2
| Package | 24.04 LTS |
|---|---|
| pypdf | Needs evaluation |
| pypdf2 | Needs evaluation |
Pillow is a Python imaging library. Versions 10.3.0 through 12.1.1 did not limit the amount of GZIP-compressed data read when decoding a FITS image, making them vulnerable to decompression bomb attacks. A specially crafted FITS...
2 affected packages
pillow, pillow-python2
| Package | 24.04 LTS |
|---|---|
| pillow | Not affected |
| pillow-python2 | Not in release |