Search CVE reports
7-Zip before 25.01 does not always properly handle symbolic links during extraction.
2 affected packages
7zip, p7zip
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
---|---|---|---|---|
7zip | Needs evaluation | Needs evaluation | — | — |
p7zip | Not affected | Needs evaluation | Needs evaluation | Needs evaluation |
A vulnerability, which was classified as critical, has been found in GNU cflow up to 1.8. Affected by this issue is the function yylex of the file c.c of the component Lexer. The manipulation leads to buffer overflow. Local access...
1 affected package
cflow
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
---|---|---|---|---|
cflow | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
A vulnerability classified as problematic was found in GNU cflow up to 1.8. Affected by this vulnerability is the function yylex of the file c.c of the component Lexer. The manipulation leads to null pointer dereference. An attack...
1 affected package
cflow
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
---|---|---|---|---|
cflow | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
A vulnerability has been found in GNU Bison up to 3.8.2. This impacts the function code_free of the file src/scan-code.c. The manipulation leads to double free. An attack has to be approached locally. The exploit has...
1 affected package
bison
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
---|---|---|---|---|
bison | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
A flaw has been found in GNU Bison up to 3.8.2. This affects the function __obstack_vprintf_internal of the file obprintf.c. Executing manipulation can lead to reachable assertion. The attack requires local access. The exploit has...
1 affected package
bison
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
---|---|---|---|---|
bison | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
A vulnerability was found in libxml2 up to 2.14.5. It has been declared as problematic. This vulnerability affects the function xmlParseSGMLCatalog of the component xmlcatalog. The manipulation leads to uncontrolled...
1 affected package
libxml2
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
---|---|---|---|---|
libxml2 | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
ruby-jwt v3.0.0.beta1 was discovered to contain weak encryption. NOTE: the Supplier's perspective is "keysize is not something that is enforced by this library. Currently more recent versions of OpenSSL are enforcing some key...
1 affected package
ruby-jwt
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
---|---|---|---|---|
ruby-jwt | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
Some fixes available 3 of 6
In GStreamer through 1.26.1, the subparse plugin's tmplayer_parse_line function may dereference a NULL pointer while parsing a subtitle file, leading to a crash.
1 affected package
gst-plugins-base1.0
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
---|---|---|---|---|
gst-plugins-base1.0 | Fixed | Fixed | Needs evaluation | Needs evaluation |
Some fixes available 3 of 6
In GStreamer through 1.26.1, the subparse plugin's subrip_unescape_formatting function may dereference a NULL pointer while parsing a subtitle file, leading to a crash.
1 affected package
gst-plugins-base1.0
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
---|---|---|---|---|
gst-plugins-base1.0 | Fixed | Fixed | Needs evaluation | Needs evaluation |
Some fixes available 3 of 6
In GStreamer through 1.26.1, the subparse plugin's parse_subrip_time function may write data past the bounds of a stack buffer, leading to a crash.
1 affected package
gst-plugins-base1.0
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
---|---|---|---|---|
gst-plugins-base1.0 | Fixed | Fixed | Needs evaluation | Needs evaluation |