Search CVE reports
20091 – 20100 of 45622 results
When generating the assembly code for `MLoadTypedArrayElementHole`, an incorrect AliasSet was used. In conjunction with another vulnerability this could have been used for an out of bounds memory read. This...
7 affected packages
firefox, mozjs78, mozjs38, mozjs52, mozjs68...
| Package | 16.04 LTS |
|---|---|
| firefox | Ignored |
| mozjs78 | Not in release |
| mozjs38 | Not in release |
| mozjs52 | Not in release |
| mozjs68 | Not in release |
| mozjs91 | Not in release |
| thunderbird | Ignored |
By using a link with `rel="localization"` a use-after-free could have been triggered by destroying an object during JavaScript execution and then referencing the object through a freed pointer, leading to a...
2 affected packages
firefox, thunderbird
| Package | 16.04 LTS |
|---|---|
| firefox | Ignored |
| thunderbird | Ignored |
If a compromised content process sent an unexpected number of WebAuthN Extensions in a Register command to the parent process, an out of bounds write would have occurred leading to memory corruption and a potentially exploitable...
2 affected packages
firefox, thunderbird
| Package | 16.04 LTS |
|---|---|
| firefox | Ignored |
| thunderbird | Ignored |
After a VR Process is destroyed, a reference to it may have been retained and used, leading to a use-after-free and potentially exploitable crash. This vulnerability affects Thunderbird < 91.8 and Firefox ESR < 91.8.
2 affected packages
firefox, thunderbird
| Package | 16.04 LTS |
|---|---|
| firefox | Ignored |
| thunderbird | Ignored |
`NSSToken` objects were referenced via direct pointers, and could have been accessed in an unsafe way on different threads, leading to a use-after-free and potentially exploitable crash. This vulnerability affects...
2 affected packages
firefox, thunderbird
| Package | 16.04 LTS |
|---|---|
| firefox | Ignored |
| thunderbird | Ignored |
heap-buffer-overflow in GitHub repository radareorg/radare2 prior to 5.6.8. This vulnerability is capable of inducing denial of service.
1 affected package
radare2
| Package | 16.04 LTS |
|---|---|
| radare2 | Needs evaluation |
PHP-Memcached v2.2.0 and below contains an improper NULL termination which allows attackers to execute CRLF injection. Note: Third parties have disputed this as not affecting PHP-Memcached directly.
1 affected package
php-memcached
| Package | 16.04 LTS |
|---|---|
| php-memcached | Not affected |
Some fixes available 1 of 11
yajl-ruby is a C binding to the YAJL JSON parsing and generation library. The 1.x branch and the 2.x branch of `yajl` contain an integer overflow which leads to subsequent heap memory corruption when dealing with large (~2GB)...
12 affected packages
yajl, argyll, ruby-yajl, tulip, burp...
| Package | 16.04 LTS |
|---|---|
| yajl | Fixed |
| argyll | Needs evaluation |
| ruby-yajl | Needs evaluation |
| tulip | Needs evaluation |
| burp | Needs evaluation |
| centreon-broker | Ignored |
| collada2gltf | Needs evaluation |
| icinga2 | Needs evaluation |
| libbson | Needs evaluation |
| lnav | Needs evaluation |
| php-mongodb | Needs evaluation |
| r-cran-jsonlite | Needs evaluation |
Stack overflow vulnerability in Jerryscript before commit e1ce7dd7271288be8c0c8136eea9107df73a8ce2 on Oct 20, 2021 due to an unbounded recursive call to the new opt() function.
1 affected package
iotjs
| Package | 16.04 LTS |
|---|---|
| iotjs | Ignored |
Buffer overflow vulnerability in file ecma-builtin-array-prototype.c:909 in function ecma_builtin_array_prototype_object_slice in Jerryscript before commit e1ce7dd7271288be8c0c8136eea9107df73a8ce2 on Oct 20, 2021.
1 affected package
iotjs
| Package | 16.04 LTS |
|---|---|
| iotjs | Ignored |