Search CVE reports
32171 – 32180 of 62088 results
An issue was discovered in Tiny C Compiler (aka TinyCC or TCC) 0.9.27. Compiling a crafted source file leads to a one-byte out-of-bounds write in the gsym_addr function in x86_64-gen.c. This occurs because tccasm.c mishandles...
1 affected package
tcc
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| tcc | Not affected | Not affected | Vulnerable | Vulnerable |
A stack-based buffer over-read exists in PostScriptFunction::transform in Function.cc in Xpdf 4.01.01 because GfxSeparationColorSpace and GfxDeviceNColorSpace mishandle tint transform functions. It can, for example, be triggered...
7 affected packages
texlive-bin, utopia-documents, emscripten, ipe, libextractor...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| texlive-bin | Vulnerable | Vulnerable | Vulnerable | Vulnerable |
| utopia-documents | Not in release | Not in release | Not in release | Not in release |
| emscripten | Ignored | Ignored | Not in release | Ignored |
| ipe | Not affected | Not affected | Not affected | Not affected |
| libextractor | Not affected | Not affected | Not affected | Not affected |
| poppler | Not affected | Not affected | Not affected | Not affected |
| xpdf | Not affected | Not affected | Not in release | Not affected |
Some fixes available 36 of 69
SQLite3 from 3.6.0 to and including 3.27.2 is vulnerable to heap out-of-bound read in the rtreenode() function when handling invalid rtree tables.
5 affected packages
chromium, db5.3, sqlite3, qtwebengine-opensource-src, sqlcipher
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| chromium | Not in release | Not in release | Not in release | Not in release |
| db5.3 | Fixed | Fixed | Fixed | Fixed |
| sqlite3 | Fixed | Fixed | Fixed | Fixed |
| qtwebengine-opensource-src | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| sqlcipher | Vulnerable | Vulnerable | Vulnerable | Vulnerable |
An issue was discovered in GPAC 0.7.1. There is a heap-based buffer overflow in the function ReadGF_IPMPX_RemoveToolNotificationListener in odf/ipmpx_code.c in libgpac.a, as demonstrated by MP4Box.
1 affected package
gpac
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| gpac | Not affected | Not affected | Vulnerable | Vulnerable |
An issue was discovered in GPAC 0.7.1. There is a NULL pointer dereference in the function gf_isom_get_original_format_type at isomedia/drm_sample.c in libgpac.a, as demonstrated by MP4Box.
1 affected package
gpac
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| gpac | Not affected | Not affected | Vulnerable | Vulnerable |
An issue was discovered in GPAC 0.7.1. There is a NULL pointer dereference in the function GetESD at isomedia/track.c in libgpac.a, as demonstrated by MP4Box.
1 affected package
gpac
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| gpac | Not affected | Not affected | Vulnerable | Vulnerable |
An issue was discovered in the MPT3COMMAND case in _ctl_ioctl_main in drivers/scsi/mpt3sas/mpt3sas_ctl.c in the Linux kernel through 5.1.5. It allows local users to cause a denial of service or possibly have unspecified other...
27 affected packages
linux-aws, linux, linux-aws-hwe, linux-azure, linux-azure-edge...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| linux-aws | — | — | — | Not affected |
| linux | — | — | — | Not affected |
| linux-aws-hwe | — | — | — | Not in release |
| linux-azure | — | — | — | Not affected |
| linux-azure-edge | — | — | — | Not affected |
| linux-euclid | — | — | — | Not in release |
| linux-flo | — | — | — | Not in release |
| linux-gcp | — | — | — | Not affected |
| linux-gcp-edge | — | — | — | Not affected |
| linux-gke | — | — | — | Ignored |
| linux-goldfish | — | — | — | Not in release |
| linux-grouper | — | — | — | Not in release |
| linux-hwe | — | — | — | Not affected |
| linux-hwe-edge | — | — | — | Not affected |
| linux-kvm | — | — | — | Not affected |
| linux-lts-trusty | — | — | — | Not in release |
| linux-lts-utopic | — | — | — | Not in release |
| linux-lts-vivid | — | — | — | Not in release |
| linux-lts-wily | — | — | — | Not in release |
| linux-lts-xenial | — | — | — | Not in release |
| linux-maguro | — | — | — | Not in release |
| linux-mako | — | — | — | Not in release |
| linux-manta | — | — | — | Not in release |
| linux-oem | — | — | — | Not affected |
| linux-oracle | — | — | — | Not affected |
| linux-raspi2 | — | — | — | Ignored |
| linux-snapdragon | — | — | — | Ignored |
An issue was discovered in sunxi_divs_clk_setup in drivers/clk/sunxi/clk-sunxi.c in the Linux kernel through 5.1.5. There is an unchecked kstrndup of derived_name, which might allow an attacker to cause a denial of service (NULL...
27 affected packages
linux, linux-flo, linux-aws, linux-azure, linux-aws-hwe...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| linux | — | — | — | Not affected |
| linux-flo | — | — | — | Not in release |
| linux-aws | — | — | — | Not affected |
| linux-azure | — | — | — | Not affected |
| linux-aws-hwe | — | — | — | Not in release |
| linux-gcp-edge | — | — | — | Not affected |
| linux-oracle | — | — | — | Not affected |
| linux-azure-edge | — | — | — | Not affected |
| linux-euclid | — | — | — | Not in release |
| linux-gcp | — | — | — | Not affected |
| linux-gke | — | — | — | Not affected |
| linux-goldfish | — | — | — | Not in release |
| linux-grouper | — | — | — | Not in release |
| linux-hwe | — | — | — | Not affected |
| linux-hwe-edge | — | — | — | Not affected |
| linux-kvm | — | — | — | Not affected |
| linux-lts-trusty | — | — | — | Not in release |
| linux-lts-utopic | — | — | — | Not in release |
| linux-lts-vivid | — | — | — | Not in release |
| linux-lts-wily | — | — | — | Not in release |
| linux-lts-xenial | — | — | — | Not in release |
| linux-maguro | — | — | — | Not in release |
| linux-mako | — | — | — | Not in release |
| linux-manta | — | — | — | Not in release |
| linux-oem | — | — | — | Not affected |
| linux-raspi2 | — | — | — | Not affected |
| linux-snapdragon | — | — | — | Not affected |
An issue was discovered in wcd9335_codec_enable_dec in sound/soc/codecs/wcd9335.c in the Linux kernel through 5.1.5. It uses kstrndup instead of kmemdup_nul, which allows attackers to have an unspecified impact via unknown...
27 affected packages
linux, linux-aws, linux-aws-hwe, linux-azure, linux-azure-edge...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| linux | — | — | — | Not affected |
| linux-aws | — | — | — | Not affected |
| linux-aws-hwe | — | — | — | Not in release |
| linux-azure | — | — | — | Not affected |
| linux-azure-edge | — | — | — | Not affected |
| linux-euclid | — | — | — | Not in release |
| linux-flo | — | — | — | Not in release |
| linux-gcp | — | — | — | Not affected |
| linux-gcp-edge | — | — | — | Not affected |
| linux-gke | — | — | — | Ignored |
| linux-goldfish | — | — | — | Not in release |
| linux-grouper | — | — | — | Not in release |
| linux-hwe | — | — | — | Not affected |
| linux-hwe-edge | — | — | — | Not affected |
| linux-kvm | — | — | — | Not affected |
| linux-lts-trusty | — | — | — | Not in release |
| linux-lts-utopic | — | — | — | Not in release |
| linux-lts-vivid | — | — | — | Not in release |
| linux-lts-wily | — | — | — | Not in release |
| linux-lts-xenial | — | — | — | Not in release |
| linux-maguro | — | — | — | Not in release |
| linux-mako | — | — | — | Not in release |
| linux-manta | — | — | — | Not in release |
| linux-oem | — | — | — | Not affected |
| linux-oracle | — | — | — | Not affected |
| linux-raspi2 | — | — | — | Ignored |
| linux-snapdragon | — | — | — | Ignored |
An issue was discovered in GitLab Community and Enterprise Edition 11.x before 11.7.7 and 11.8.x before 11.8.3. It allows Information Disclosure.
1 affected package
gitlab
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| gitlab | — | — | — | Not in release |