Search CVE reports
171 – 180 of 490 results
A vulnerability was found in Hibernate-Validator. The SafeHtml validator annotation fails to properly sanitize payloads consisting of potentially malicious code in HTML comments and instructions. This vulnerability can result in...
1 affected package
libhibernate-validator-java
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| libhibernate-validator-java | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
In xpdf, the xref table contains an infinite loop which allows remote attackers to cause a denial of service (application crash) in xpdf-based PDF viewers.
6 affected packages
koffice, libextractor, poppler, xpdf, ipe, kdegraphics
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| koffice | — | — | — | — |
| libextractor | — | — | — | — |
| poppler | — | — | — | — |
| xpdf | — | — | — | — |
| ipe | — | — | — | — |
| kdegraphics | — | — | — | — |
xpdf allows remote attackers to cause a denial of service (NULL pointer dereference and crash) in the way it processes JBIG2 PDF stream objects.
6 affected packages
ipe, kdegraphics, koffice, libextractor, poppler, xpdf
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| ipe | — | — | — | — |
| kdegraphics | — | — | — | — |
| koffice | — | — | — | — |
| libextractor | — | — | — | — |
| poppler | — | — | — | — |
| xpdf | — | — | — | — |
GPAC 0.7.1 has a memory leak in dinf_Read in isomedia/box_code_base.c.
2 affected packages
ccextractor, gpac
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| ccextractor | Needs evaluation | Needs evaluation | Needs evaluation | Not in release |
| gpac | Not affected | Not affected | Not affected | Not affected |
audio_sample_entry_AddBox() at isomedia/box_code_base.c in GPAC 0.7.1 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted file.
2 affected packages
ccextractor, gpac
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| ccextractor | Needs evaluation | Vulnerable | Vulnerable | Not in release |
| gpac | Not affected | Not affected | Vulnerable | Vulnerable |
AVC_DuplicateConfig() at isomedia/avc_ext.c in GPAC 0.7.1 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted file. There is "cfg_new->AVCLevelIndication =...
2 affected packages
ccextractor, gpac
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| ccextractor | Needs evaluation | Needs evaluation | Needs evaluation | Not in release |
| gpac | Not affected | Not affected | Vulnerable | Vulnerable |
Some fixes available 1 of 4
GNU Libextractor through 1.9 has a heap-based buffer over-read in the function EXTRACTOR_dvi_extract_method in plugins/dvi_extractor.c.
1 affected package
libextractor
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| libextractor | Not affected | Not affected | Not affected | Vulnerable |
Some fixes available 1 of 6
Incorrect Access Control in the LDAP class of GONICUS GOsa through 2019-04-11 allows an attacker to log into any account with a username containing the case-insensitive substring "success" when an arbitrary password is provided.
2 affected packages
fusiondirectory, gosa
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| fusiondirectory | Not in release | Not affected | Not affected | Needs evaluation |
| gosa | Not affected | Not affected | Not affected | Needs evaluation |
A vulnerability was found in openstack-ironic-inspector all versions excluding 5.0.2, 6.0.3, 7.2.4, 8.0.3 and 8.2.1. A SQL-injection vulnerability was found in openstack-ironic-inspector's node_cache.find_node(). This function...
1 affected package
ironic-inspector
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| ironic-inspector | Not affected | Not affected | Not affected | Vulnerable |
An issue was discovered in Xpdf 4.01.01. There is a use-after-free in the function JPXStream::fillReadBuf at JPXStream.cc, due to an out of bounds read.
4 affected packages
ipe, libextractor, poppler, xpdf
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| ipe | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| libextractor | Not affected | Not affected | Not affected | Not affected |
| poppler | Not affected | Not affected | Not affected | Not affected |
| xpdf | Not affected | Not affected | Not in release | Not affected |