Search CVE reports
41 – 50 of 39943 results
Heap OOB read resulting in segfault on crafted DNS packets.
1 affected package
dnsmasq
| Package | 20.04 LTS |
|---|---|
| dnsmasq | Vulnerable |
An information disclosure vulnerability in dnsmasq allows remote attackers to bypass source checks via a crafted DNS packet with RFC 7871 client subnet information.
1 affected package
dnsmasq
| Package | 20.04 LTS |
|---|---|
| dnsmasq | Fixed |
A heap-based out-of-bounds write vulnerability in the DHCPv6 implementation of dnsmasq allows local attackers to execute arbitrary code with root privileges via a crafted DHCPv6 packet.
1 affected package
dnsmasq
| Package | 20.04 LTS |
|---|---|
| dnsmasq | Fixed |
Heap OOB read on crafted DNS packet when DNSSEC validation is enabled.
1 affected package
dnsmasq
| Package | 20.04 LTS |
|---|---|
| dnsmasq | Vulnerable |
A Denial of Service (DoS) vulnerability in the DNSSEC validation of dnsmasq allows remote attackers to cause a denial of service via a crafted DNS packet.
1 affected package
dnsmasq
| Package | 20.04 LTS |
|---|---|
| dnsmasq | Fixed |
dnsmasqs extract_name() function can be abused to cause a heap buffer overflow, allowing an attacker to inject false DNS cache entries, which could result in DNS lookups to redirect to an attacker-controlled IP address, or to cause a DoS.
1 affected package
dnsmasq
| Package | 20.04 LTS |
|---|---|
| dnsmasq | Fixed |
A vulnerability was detected in WebAssembly Binaryen up to 117. This issue affects the function IRBuilder::makeBrOn of the file src/wasm/wasm-ir-builder.cpp of the component BrOn Parser. Performing a manipulation results in...
1 affected package
binaryen
| Package | 20.04 LTS |
|---|---|
| binaryen | Needs evaluation |
A security flaw has been discovered in OSGeo gdal up to 3.13.0dev-4. Impacted is the function GDnentries of the file frmts/hdf4/hdf-eos/GDapi.c. Performing a manipulation of the argument DataFieldName results in heap-based buffer...
1 affected package
gdal
| Package | 20.04 LTS |
|---|---|
| gdal | Needs evaluation |
In PHP versions 8.2.* before 8.2.31, 8.3.* before 8.3.31, 8.4.* before 8.4.21, and 8.5.* before 8.5.6, the metaphone() function in ext/standard/metaphone.c uses a signed int variable to track the current position within the input...
7 affected packages
php5, php7.0, php7.2, php7.4, php8.1...
| Package | 20.04 LTS |
|---|---|
| php5 | — |
| php7.0 | — |
| php7.2 | — |
| php7.4 | Needs evaluation |
| php8.1 | — |
| php8.3 | — |
| php8.4 | — |
In PHP versions 8.2.* before 8.2.31, 8.3.* before 8.3.31, 8.4.* before 8.4.21, and 8.5.* before 8.5.6, a mismatch between encoding lists in Oniguruma and mbfl leads to a NULL pointer dereference, resulting in a segmentation fault...
7 affected packages
php5, php7.0, php7.2, php7.4, php8.1...
| Package | 20.04 LTS |
|---|---|
| php5 | — |
| php7.0 | — |
| php7.2 | — |
| php7.4 | Needs evaluation |
| php8.1 | — |
| php8.3 | — |
| php8.4 | — |