Search CVE reports

11 – 20 of 56 results

Detailed view

Sort by:

CVE-2025-47183

Medium priority

Needs evaluation

In GStreamer through 1.26.1, the isomp4 plugin's qtdemux_parse_tree function may read past the end of a heap buffer while parsing an MP4 file, leading to information disclosure.

35 affected packages

gst-libav1.0, gst-plugins-bad1.0, gst-plugins-bad1.0-contrib, gst-plugins-base1.0, gst-plugins-good1.0...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
gst-libav1.0	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
gst-plugins-bad1.0	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
gst-plugins-bad1.0-contrib	Needs evaluation	Needs evaluation	—	—
gst-plugins-base1.0	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
gst-plugins-good1.0	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
gst-plugins-ugly1.0	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
gst-python1.0	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
gst-rtsp-server1.0	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
gstreamer-editing-services1.0	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
gstreamer-vaapi	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
gstreamer1.0	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
qt-gstreamer	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
rust-gst-plugin-version-helper	Needs evaluation	Not in release	—	—
rust-gstreamer	Needs evaluation	Not in release	—	—
rust-gstreamer-allocators	Not in release	Not in release	—	—
rust-gstreamer-allocators-sys	Not in release	Not in release	—	—
rust-gstreamer-audio	Needs evaluation	Not in release	—	—
rust-gstreamer-audio-sys	Needs evaluation	Needs evaluation	Needs evaluation	—
rust-gstreamer-base	Needs evaluation	Not in release	—	—
rust-gstreamer-base-sys	Needs evaluation	Needs evaluation	Needs evaluation	—
rust-gstreamer-gl	Needs evaluation	Not in release	—	—
rust-gstreamer-gl-egl	Needs evaluation	Not in release	—	—
rust-gstreamer-gl-egl-sys	Needs evaluation	Not in release	—	—
rust-gstreamer-gl-sys	Needs evaluation	Not in release	—	—
rust-gstreamer-gl-wayland	Needs evaluation	Not in release	—	—
rust-gstreamer-gl-wayland-sys	Needs evaluation	Not in release	—	—
rust-gstreamer-gl-x11	Needs evaluation	Not in release	—	—
rust-gstreamer-gl-x11-sys	Needs evaluation	Not in release	—	—
rust-gstreamer-pbutils	Needs evaluation	Not in release	—	—
rust-gstreamer-pbutils-sys	Needs evaluation	Not in release	—	—
rust-gstreamer-play	Needs evaluation	Not in release	—	—
rust-gstreamer-play-sys	Needs evaluation	Not in release	—	—
rust-gstreamer-sys	Needs evaluation	Needs evaluation	Needs evaluation	—
rust-gstreamer-video	Needs evaluation	Not in release	—	—
rust-gstreamer-video-sys	Needs evaluation	Needs evaluation	Needs evaluation	—

CVE-2025-26601

Medium priority

Some fixes available 13 of 14

A use-after-free flaw was found in X.Org and Xwayland. When changing an alarm, the values of the change mask are evaluated one after the other, changing the trigger values as requested, and eventually, SyncInitTrigger() is called....

7 affected packages

xorg, xorg-server, xwayland, xorg-server-hwe-16.04, xorg-server-hwe-18.04...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
xorg	Not affected	Not affected	Not affected	Not affected
xorg-server	Fixed	Fixed	Fixed	Fixed
xwayland	Fixed	Fixed	Not in release	—
xorg-server-hwe-16.04	Not in release	Not in release	Not in release	—
xorg-server-hwe-18.04	Not in release	Not in release	Not in release	Fixed
xorg-hwe-16.04	Not in release	Not in release	Not in release	—
xorg-hwe-18.04	Not in release	Not in release	Not in release	Not affected

CVE-2025-26600

Medium priority

Some fixes available 13 of 14

A use-after-free flaw was found in X.Org and Xwayland. When a device is removed while still frozen, the events queued for that device remain while the device is freed. Replaying the events will cause a use-after-free.

7 affected packages

xorg, xorg-server, xwayland, xorg-server-hwe-16.04, xorg-server-hwe-18.04...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
xorg	Not affected	Not affected	Not affected	Not affected
xorg-server	Fixed	Fixed	Fixed	Fixed
xwayland	Fixed	Fixed	Not in release	—
xorg-server-hwe-16.04	Not in release	Not in release	Not in release	—
xorg-server-hwe-18.04	Not in release	Not in release	Not in release	Fixed
xorg-hwe-16.04	Not in release	Not in release	Not in release	—
xorg-hwe-18.04	Not in release	Not in release	Not in release	Not affected

CVE-2025-26599

Medium priority

Some fixes available 13 of 14

An access to an uninitialized pointer flaw was found in X.Org and Xwayland. The function compCheckRedirect() may fail if it cannot allocate the backing pixmap. In that case, compRedirectWindow() will return a BadAlloc...

7 affected packages

xorg, xorg-server, xwayland, xorg-server-hwe-16.04, xorg-server-hwe-18.04...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
xorg	Not affected	Not affected	Not affected	Not affected
xorg-server	Fixed	Fixed	Fixed	Fixed
xwayland	Fixed	Fixed	Not in release	—
xorg-server-hwe-16.04	Not in release	Not in release	Not in release	—
xorg-server-hwe-18.04	Not in release	Not in release	Not in release	Fixed
xorg-hwe-16.04	Not in release	Not in release	Not in release	—
xorg-hwe-18.04	Not in release	Not in release	Not in release	Not affected

CVE-2025-26598

Medium priority

Some fixes available 13 of 14

An out-of-bounds write flaw was found in X.Org and Xwayland. The function GetBarrierDevice() searches for the pointer device based on its device ID and returns the matching value, or supposedly NULL, if no match was...

7 affected packages

xorg, xorg-server, xwayland, xorg-server-hwe-16.04, xorg-server-hwe-18.04...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
xorg	Not affected	Not affected	Not affected	Not affected
xorg-server	Fixed	Fixed	Fixed	Fixed
xwayland	Fixed	Fixed	Not in release	—
xorg-server-hwe-16.04	Not in release	Not in release	Not in release	—
xorg-server-hwe-18.04	Not in release	Not in release	Not in release	Fixed
xorg-hwe-16.04	Not in release	Not in release	Not in release	—
xorg-hwe-18.04	Not in release	Not in release	Not in release	Not affected

CVE-2025-26597

Medium priority

Some fixes available 13 of 14

A buffer overflow flaw was found in X.Org and Xwayland. If XkbChangeTypesOfKey() is called with a 0 group, it will resize the key symbols table to 0 but leave the key actions unchanged. If the same function is later called with a...

7 affected packages

xorg, xorg-server, xwayland, xorg-server-hwe-16.04, xorg-server-hwe-18.04...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
xorg	Not affected	Not affected	Not affected	Not affected
xorg-server	Fixed	Fixed	Fixed	Fixed
xwayland	Fixed	Fixed	Not in release	—
xorg-server-hwe-16.04	Not in release	Not in release	Not in release	—
xorg-server-hwe-18.04	Not in release	Not in release	Not in release	Fixed
xorg-hwe-16.04	Not in release	Not in release	Not in release	—
xorg-hwe-18.04	Not in release	Not in release	Not in release	Not affected

CVE-2025-26596

Medium priority

Some fixes available 13 of 14

A heap overflow flaw was found in X.Org and Xwayland. The computation of the length in XkbSizeKeySyms() differs from what is written in XkbWriteKeySyms(), which may lead to a heap-based buffer overflow.

7 affected packages

xorg, xorg-server, xwayland, xorg-server-hwe-16.04, xorg-server-hwe-18.04...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
xorg	Not affected	Not affected	Not affected	Not affected
xorg-server	Fixed	Fixed	Fixed	Fixed
xwayland	Fixed	Fixed	Not in release	—
xorg-server-hwe-16.04	Not in release	Not in release	Not in release	—
xorg-server-hwe-18.04	Not in release	Not in release	Not in release	Fixed
xorg-hwe-16.04	Not in release	Not in release	Not in release	—
xorg-hwe-18.04	Not in release	Not in release	Not in release	Not affected

CVE-2025-26595

Medium priority

Some fixes available 13 of 14

A buffer overflow flaw was found in X.Org and Xwayland. The code in XkbVModMaskText() allocates a fixed-sized buffer on the stack and copies the names of the virtual modifiers to that buffer. The code fails to check the bounds of...

7 affected packages

xorg, xorg-server, xwayland, xorg-server-hwe-16.04, xorg-server-hwe-18.04...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
xorg	Not affected	Not affected	Not affected	Not affected
xorg-server	Fixed	Fixed	Fixed	Fixed
xwayland	Fixed	Fixed	Not in release	—
xorg-server-hwe-16.04	Not in release	Not in release	Not in release	—
xorg-server-hwe-18.04	Not in release	Not in release	Not in release	Fixed
xorg-hwe-16.04	Not in release	Not in release	Not in release	—
xorg-hwe-18.04	Not in release	Not in release	Not in release	Not affected

CVE-2025-26594

Medium priority

Some fixes available 13 of 14

A use-after-free flaw was found in X.Org and Xwayland. The root cursor is referenced in the X server as a global variable. If a client frees the root cursor, the internal reference points to freed memory and causes a use-after-free.

7 affected packages

xorg, xorg-server, xwayland, xorg-server-hwe-16.04, xorg-server-hwe-18.04...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
xorg	Not affected	Not affected	Not affected	Not affected
xorg-server	Fixed	Fixed	Fixed	Fixed
xwayland	Fixed	Fixed	Not in release	—
xorg-server-hwe-16.04	Not in release	Not in release	Not in release	—
xorg-server-hwe-18.04	Not in release	Not in release	Not in release	Fixed
xorg-hwe-16.04	Not in release	Not in release	Not in release	—
xorg-hwe-18.04	Not in release	Not in release	Not in release	Not affected

CVE-2024-9632

Medium priority

Some fixes available 13 of 14

A flaw was found in the X.org server. Due to improperly tracked allocation size in _XkbSetCompatMap, a local attacker may be able to trigger a buffer overflow condition via a specially crafted payload, leading to denial of service...

7 affected packages

xorg, xorg-server, xwayland, xorg-server-hwe-16.04, xorg-server-hwe-18.04...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
xorg	Not affected	Not affected	Not affected	Not affected
xorg-server	Fixed	Fixed	Fixed	Fixed
xwayland	Fixed	Fixed	Not in release	—
xorg-server-hwe-16.04	Not in release	Not in release	Not in release	—
xorg-server-hwe-18.04	Not in release	Not in release	Not in release	Fixed
xorg-hwe-16.04	Not in release	Not in release	Not in release	—
xorg-hwe-18.04	Not in release	Not in release	Not in release	Not affected

Export to JSON

Results by page: