Search CVE reports
11881 – 11890 of 48193 results
In Xpdf 4.05 (and earlier), invalid header info in a DCT (JPEG) stream can lead to an uninitialized variable in the DCT decoder. The proof-of-concept PDF file causes a segfault attempting to read from an invalid address.
2 affected packages
xpdf, ipe
| Package | 16.04 LTS |
|---|---|
| xpdf | Needs evaluation |
| ipe | Needs evaluation |
In Xpdf 4.05 (and earlier), very large coordinates in a page box can cause an integer overflow and divide-by-zero.
2 affected packages
xpdf, ipe
| Package | 16.04 LTS |
|---|---|
| xpdf | Needs evaluation |
| ipe | Needs evaluation |
In Xpdf 4.05 (and earlier), a PDF object loop in a pattern resource leads to infinite recursion and a stack overflow.
2 affected packages
xpdf, ipe
| Package | 16.04 LTS |
|---|---|
| xpdf | Needs evaluation |
| ipe | Needs evaluation |
A heap buffer overflow was found in the virtio-snd device in QEMU. When reading input audio in the virtio-snd input callback, virtio_snd_pcm_in_cb, the function did not check whether the iov can fit the data buffer. This issue can...
1 affected package
qemu
| Package | 16.04 LTS |
|---|---|
| qemu | Fixed |
WebOb provides objects for HTTP requests and responses. When WebOb normalizes the HTTP Location header to include the request hostname, it does so by parsing the URL that the user is to be redirected to with Python's urlparse, and...
1 affected package
python-webob
| Package | 16.04 LTS |
|---|---|
| python-webob | Needs evaluation |
NGINX Open Source and NGINX Plus have a vulnerability in the ngx_http_mp4_module, which might allow an attacker to over-read NGINX worker memory resulting in its termination, using a specially crafted mp4 file. The issue only...
1 affected package
nginx
| Package | 16.04 LTS |
|---|---|
| nginx | Fixed |
In the Linux kernel, the following vulnerability has been resolved: drm/i915/gem: Fix Virtual Memory mapping boundaries calculation Calculating the size of the mapped area as the lesser value between the requested size and the...
158 affected packages
linux-hwe, linux-hwe-5.4, linux-hwe-5.8, linux-hwe-5.11, linux-hwe-5.13...
| Package | 16.04 LTS |
|---|---|
| linux-hwe | Vulnerable |
| linux-hwe-5.4 | Not in release |
| linux-hwe-5.8 | Not in release |
| linux-hwe-5.11 | Not in release |
| linux-hwe-5.13 | Not in release |
| linux-hwe-5.15 | Not in release |
| linux-hwe-5.19 | Not in release |
| linux-hwe-6.2 | Not in release |
| linux-hwe-6.5 | Not in release |
| linux-hwe-6.8 | Not in release |
| linux-hwe-edge | Ignored |
| linux-lts-xenial | Not in release |
| linux-kvm | Not affected |
| linux-allwinner-5.19 | Not in release |
| linux-aws-5.0 | Not in release |
| linux-aws-5.3 | Not in release |
| linux-aws-5.4 | Not in release |
| linux-aws-5.8 | Not in release |
| linux-aws-5.11 | Not in release |
| linux-aws-5.13 | Not in release |
| linux-aws-5.15 | Not in release |
| linux-aws-5.19 | Not in release |
| linux-aws-6.2 | Not in release |
| linux-aws-6.5 | Not in release |
| linux-aws-hwe | Vulnerable |
| linux-azure-4.15 | Not in release |
| linux-azure-5.3 | Not in release |
| linux-azure-5.4 | Not in release |
| linux-azure-5.8 | Not in release |
| linux-azure-5.11 | Not in release |
| linux-azure-5.13 | Not in release |
| linux-azure-5.15 | Not in release |
| linux-azure-5.19 | Not in release |
| linux-azure-6.2 | Not in release |
| linux-azure-6.5 | Not in release |
| linux-azure-fde | Not in release |
| linux-azure-fde-5.15 | Not in release |
| linux-azure-fde-5.19 | Not in release |
| linux-azure-fde-6.2 | Not in release |
| linux-bluefield | Not in release |
| linux-azure-edge | Not in release |
| linux-lowlatency-hwe-6.5 | Not in release |
| linux-gcp-4.15 | Not in release |
| linux-gcp-5.3 | Not in release |
| linux-gcp-5.4 | Not in release |
| linux-gcp-5.8 | Not in release |
| linux-gcp-5.11 | Not in release |
| linux-gcp-5.13 | Not in release |
| linux-gcp-5.15 | Not in release |
| linux-gcp-5.19 | Not in release |
| linux-aws-fips | Not in release |
| linux-gcp-6.2 | Not in release |
| linux-gcp-6.5 | Not in release |
| linux-gke | Ignored |
| linux-gke-4.15 | Not in release |
| linux-gke-5.4 | Not in release |
| linux-gke-5.15 | Not in release |
| linux-gkeop-5.4 | Not in release |
| linux-gkeop-5.15 | Not in release |
| linux-ibm-5.4 | Not in release |
| linux-ibm-5.15 | Not in release |
| linux-intel-5.13 | Not in release |
| linux-intel-iotg | Not in release |
| linux-intel-iotg-5.15 | Not in release |
| linux-iot | Not in release |
| linux-lowlatency | Not in release |
| linux-lowlatency-hwe-5.15 | Not in release |
| linux-lowlatency-hwe-5.19 | Not in release |
| linux-lowlatency-hwe-6.2 | Not in release |
| linux-lowlatency-hwe-6.8 | Not in release |
| linux-nvidia | Not in release |
| linux-nvidia-6.2 | Not in release |
| linux-nvidia-6.5 | Not in release |
| linux-nvidia-6.8 | Not in release |
| linux-nvidia-lowlatency | Not in release |
| linux-oracle-5.0 | Not in release |
| linux-oracle-5.3 | Not in release |
| linux-oracle-5.4 | Not in release |
| linux-oracle-5.8 | Not in release |
| linux-oracle-5.11 | Not in release |
| linux-oracle-5.13 | Not in release |
| linux-oracle-5.15 | Not in release |
| linux-oracle-6.5 | Not in release |
| linux-oem | Ignored |
| linux-oem-5.6 | Not in release |
| linux-oem-5.10 | Not in release |
| linux-oem-5.13 | Not in release |
| linux-oem-5.14 | Not in release |
| linux-oem-5.17 | Not in release |
| linux-oem-6.0 | Not in release |
| linux-oem-6.1 | Not in release |
| linux-oem-6.5 | Not in release |
| linux-oem-6.8 | Not in release |
| linux-raspi2 | Ignored |
| linux-raspi-5.4 | Not in release |
| linux-riscv | Not in release |
| linux-riscv-5.8 | Not in release |
| linux-riscv-5.11 | Not in release |
| linux-riscv-5.15 | Not in release |
| linux-riscv-5.19 | Not in release |
| linux-riscv-6.5 | Not in release |
| linux-riscv-6.8 | Not in release |
| linux-starfive-5.19 | Not in release |
| linux-starfive-6.2 | Not in release |
| linux-starfive-6.5 | Not in release |
| linux-xilinx-zynqmp | Not in release |
| linux-aws | Not affected |
| linux-azure | Vulnerable |
| linux-gkeop | Not in release |
| linux | Not affected |
| linux-gcp | Vulnerable |
| linux-ibm | Not in release |
| linux-oracle | Vulnerable |
| linux-raspi | Not in release |
| linux-intel | Not in release |
| linux-intel-iot-realtime | Not in release |
| linux-raspi-realtime | Not in release |
| linux-realtime | Not in release |
| linux-fips | Not affected |
| linux-azure-fips | Not in release |
| linux-gcp-fips | Not in release |
| linux-aws-6.8 | Not in release |
| linux-gcp-6.8 | Not in release |
| linux-oracle-6.8 | Not in release |
| linux-azure-6.8 | Not in release |
| linux-oem-6.11 | Not in release |
| linux-hwe-6.11 | Not in release |
| linux-lowlatency-hwe-6.11 | Not in release |
| linux-nvidia-tegra | Not in release |
| linux-nvidia-tegra-igx | Not in release |
| linux-azure-nvidia | Not in release |
| linux-azure-6.11 | Not in release |
| linux-gcp-6.11 | Not in release |
| linux-nvidia-tegra-5.15 | Not in release |
| linux-oem-6.14 | Not in release |
| linux-riscv-6.14 | Not in release |
| linux-ibm-6.8 | Not in release |
| linux-aws-6.14 | Not in release |
| linux-gcp-6.14 | Not in release |
| linux-hwe-6.14 | Not in release |
| linux-oracle-6.14 | Not in release |
| linux-nvidia-6.11 | Not in release |
| linux-realtime-6.14 | Not in release |
| linux-realtime-6.8 | Not in release |
| linux-azure-6.14 | Not in release |
| linux-azure-fde-6.14 | Not in release |
| linux-azure-nvidia-6.14 | Not in release |
| linux-xilinx | Not in release |
| linux-oem-6.17 | Not in release |
| linux-azure-fde-6.8 | Not in release |
| linux-aws-6.17 | Not in release |
| linux-gcp-6.17 | Not in release |
| linux-hwe-6.17 | Not in release |
| linux-oracle-6.17 | Not in release |
| linux-riscv-6.17 | Not in release |
| linux-azure-6.17 | Not in release |
| linux-azure-fde-6.17 | Not in release |
| linux-realtime-6.17 | Not in release |
Mirrored regions with different values in 3rd Generation Intel(R) Xeon(R) Scalable Processors may allow a privileged user to potentially enable denial of service via local access.
1 affected package
intel-microcode
| Package | 16.04 LTS |
|---|---|
| intel-microcode | Fixed |
Protection mechanism failure in some 3rd, 4th, and 5th Generation Intel(R) Xeon(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access.
1 affected package
intel-microcode
| Package | 16.04 LTS |
|---|---|
| intel-microcode | Fixed |
Incorrect behavior order in transition between executive monitor and SMI transfer monitor (STM) in some Intel(R) Processor may allow a privileged user to potentially enable escalation of privilege via local access.
1 affected package
intel-microcode
| Package | 16.04 LTS |
|---|---|
| intel-microcode | Fixed |