Search CVE reports
41 – 50 of 42989 results
ruby-jwt v3.0.0.beta1 was discovered to contain weak encryption. NOTE: the Supplier's perspective is "keysize is not something that is enforced by this library. Currently more recent versions of OpenSSL are enforcing some key...
1 affected package
ruby-jwt
| Package | 16.04 LTS |
|---|---|
| ruby-jwt | Needs evaluation |
In GStreamer through 1.26.1, the subparse plugin's tmplayer_parse_line function may dereference a NULL pointer while parsing a subtitle file, leading to a crash.
35 affected packages
gst-libav1.0, gst-plugins-bad1.0, gst-plugins-bad1.0-contrib, gst-plugins-base1.0, gst-plugins-good1.0...
| Package | 16.04 LTS |
|---|---|
| gst-libav1.0 | Needs evaluation |
| gst-plugins-bad1.0 | Needs evaluation |
| gst-plugins-bad1.0-contrib | — |
| gst-plugins-base1.0 | Needs evaluation |
| gst-plugins-good1.0 | Needs evaluation |
| gst-plugins-ugly1.0 | Needs evaluation |
| gst-python1.0 | Needs evaluation |
| gst-rtsp-server1.0 | Needs evaluation |
| gstreamer-editing-services1.0 | Needs evaluation |
| gstreamer-vaapi | Needs evaluation |
| gstreamer1.0 | Needs evaluation |
| qt-gstreamer | Needs evaluation |
| rust-gst-plugin-version-helper | — |
| rust-gstreamer | — |
| rust-gstreamer-allocators | — |
| rust-gstreamer-allocators-sys | — |
| rust-gstreamer-audio | — |
| rust-gstreamer-audio-sys | — |
| rust-gstreamer-base | — |
| rust-gstreamer-base-sys | — |
| rust-gstreamer-gl | — |
| rust-gstreamer-gl-egl | — |
| rust-gstreamer-gl-egl-sys | — |
| rust-gstreamer-gl-sys | — |
| rust-gstreamer-gl-wayland | — |
| rust-gstreamer-gl-wayland-sys | — |
| rust-gstreamer-gl-x11 | — |
| rust-gstreamer-gl-x11-sys | — |
| rust-gstreamer-pbutils | — |
| rust-gstreamer-pbutils-sys | — |
| rust-gstreamer-play | — |
| rust-gstreamer-play-sys | — |
| rust-gstreamer-sys | — |
| rust-gstreamer-video | — |
| rust-gstreamer-video-sys | — |
In GStreamer through 1.26.1, the subparse plugin's subrip_unescape_formatting function may dereference a NULL pointer while parsing a subtitle file, leading to a crash.
35 affected packages
gst-libav1.0, gst-plugins-bad1.0, gst-plugins-bad1.0-contrib, gst-plugins-base1.0, gst-plugins-good1.0...
| Package | 16.04 LTS |
|---|---|
| gst-libav1.0 | Needs evaluation |
| gst-plugins-bad1.0 | Needs evaluation |
| gst-plugins-bad1.0-contrib | — |
| gst-plugins-base1.0 | Needs evaluation |
| gst-plugins-good1.0 | Needs evaluation |
| gst-plugins-ugly1.0 | Needs evaluation |
| gst-python1.0 | Needs evaluation |
| gst-rtsp-server1.0 | Needs evaluation |
| gstreamer-editing-services1.0 | Needs evaluation |
| gstreamer-vaapi | Needs evaluation |
| gstreamer1.0 | Needs evaluation |
| qt-gstreamer | Needs evaluation |
| rust-gst-plugin-version-helper | — |
| rust-gstreamer | — |
| rust-gstreamer-allocators | — |
| rust-gstreamer-allocators-sys | — |
| rust-gstreamer-audio | — |
| rust-gstreamer-audio-sys | — |
| rust-gstreamer-base | — |
| rust-gstreamer-base-sys | — |
| rust-gstreamer-gl | — |
| rust-gstreamer-gl-egl | — |
| rust-gstreamer-gl-egl-sys | — |
| rust-gstreamer-gl-sys | — |
| rust-gstreamer-gl-wayland | — |
| rust-gstreamer-gl-wayland-sys | — |
| rust-gstreamer-gl-x11 | — |
| rust-gstreamer-gl-x11-sys | — |
| rust-gstreamer-pbutils | — |
| rust-gstreamer-pbutils-sys | — |
| rust-gstreamer-play | — |
| rust-gstreamer-play-sys | — |
| rust-gstreamer-sys | — |
| rust-gstreamer-video | — |
| rust-gstreamer-video-sys | — |
In GStreamer through 1.26.1, the subparse plugin's parse_subrip_time function may write data past the bounds of a stack buffer, leading to a crash.
35 affected packages
gst-libav1.0, gst-plugins-bad1.0, gst-plugins-bad1.0-contrib, gst-plugins-base1.0, gst-plugins-good1.0...
| Package | 16.04 LTS |
|---|---|
| gst-libav1.0 | Needs evaluation |
| gst-plugins-bad1.0 | Needs evaluation |
| gst-plugins-bad1.0-contrib | — |
| gst-plugins-base1.0 | Needs evaluation |
| gst-plugins-good1.0 | Needs evaluation |
| gst-plugins-ugly1.0 | Needs evaluation |
| gst-python1.0 | Needs evaluation |
| gst-rtsp-server1.0 | Needs evaluation |
| gstreamer-editing-services1.0 | Needs evaluation |
| gstreamer-vaapi | Needs evaluation |
| gstreamer1.0 | Needs evaluation |
| qt-gstreamer | Needs evaluation |
| rust-gst-plugin-version-helper | — |
| rust-gstreamer | — |
| rust-gstreamer-allocators | — |
| rust-gstreamer-allocators-sys | — |
| rust-gstreamer-audio | — |
| rust-gstreamer-audio-sys | — |
| rust-gstreamer-base | — |
| rust-gstreamer-base-sys | — |
| rust-gstreamer-gl | — |
| rust-gstreamer-gl-egl | — |
| rust-gstreamer-gl-egl-sys | — |
| rust-gstreamer-gl-sys | — |
| rust-gstreamer-gl-wayland | — |
| rust-gstreamer-gl-wayland-sys | — |
| rust-gstreamer-gl-x11 | — |
| rust-gstreamer-gl-x11-sys | — |
| rust-gstreamer-pbutils | — |
| rust-gstreamer-pbutils-sys | — |
| rust-gstreamer-play | — |
| rust-gstreamer-play-sys | — |
| rust-gstreamer-sys | — |
| rust-gstreamer-video | — |
| rust-gstreamer-video-sys | — |
In GStreamer through 1.26.1, the isomp4 plugin's qtdemux_parse_trak function may read past the end of a heap buffer while parsing an MP4 file, possibly leading to information disclosure.
35 affected packages
gst-libav1.0, gst-plugins-bad1.0, gst-plugins-bad1.0-contrib, gst-plugins-base1.0, gst-plugins-good1.0...
| Package | 16.04 LTS |
|---|---|
| gst-libav1.0 | Needs evaluation |
| gst-plugins-bad1.0 | Needs evaluation |
| gst-plugins-bad1.0-contrib | — |
| gst-plugins-base1.0 | Needs evaluation |
| gst-plugins-good1.0 | Needs evaluation |
| gst-plugins-ugly1.0 | Needs evaluation |
| gst-python1.0 | Needs evaluation |
| gst-rtsp-server1.0 | Needs evaluation |
| gstreamer-editing-services1.0 | Needs evaluation |
| gstreamer-vaapi | Needs evaluation |
| gstreamer1.0 | Needs evaluation |
| qt-gstreamer | Needs evaluation |
| rust-gst-plugin-version-helper | — |
| rust-gstreamer | — |
| rust-gstreamer-allocators | — |
| rust-gstreamer-allocators-sys | — |
| rust-gstreamer-audio | — |
| rust-gstreamer-audio-sys | — |
| rust-gstreamer-base | — |
| rust-gstreamer-base-sys | — |
| rust-gstreamer-gl | — |
| rust-gstreamer-gl-egl | — |
| rust-gstreamer-gl-egl-sys | — |
| rust-gstreamer-gl-sys | — |
| rust-gstreamer-gl-wayland | — |
| rust-gstreamer-gl-wayland-sys | — |
| rust-gstreamer-gl-x11 | — |
| rust-gstreamer-gl-x11-sys | — |
| rust-gstreamer-pbutils | — |
| rust-gstreamer-pbutils-sys | — |
| rust-gstreamer-play | — |
| rust-gstreamer-play-sys | — |
| rust-gstreamer-sys | — |
| rust-gstreamer-video | — |
| rust-gstreamer-video-sys | — |
In GStreamer through 1.26.1, the isomp4 plugin's qtdemux_parse_tree function may read past the end of a heap buffer while parsing an MP4 file, leading to information disclosure.
35 affected packages
gst-libav1.0, gst-plugins-bad1.0, gst-plugins-bad1.0-contrib, gst-plugins-base1.0, gst-plugins-good1.0...
| Package | 16.04 LTS |
|---|---|
| gst-libav1.0 | Needs evaluation |
| gst-plugins-bad1.0 | Needs evaluation |
| gst-plugins-bad1.0-contrib | — |
| gst-plugins-base1.0 | Needs evaluation |
| gst-plugins-good1.0 | Needs evaluation |
| gst-plugins-ugly1.0 | Needs evaluation |
| gst-python1.0 | Needs evaluation |
| gst-rtsp-server1.0 | Needs evaluation |
| gstreamer-editing-services1.0 | Needs evaluation |
| gstreamer-vaapi | Needs evaluation |
| gstreamer1.0 | Needs evaluation |
| qt-gstreamer | Needs evaluation |
| rust-gst-plugin-version-helper | — |
| rust-gstreamer | — |
| rust-gstreamer-allocators | — |
| rust-gstreamer-allocators-sys | — |
| rust-gstreamer-audio | — |
| rust-gstreamer-audio-sys | — |
| rust-gstreamer-base | — |
| rust-gstreamer-base-sys | — |
| rust-gstreamer-gl | — |
| rust-gstreamer-gl-egl | — |
| rust-gstreamer-gl-egl-sys | — |
| rust-gstreamer-gl-sys | — |
| rust-gstreamer-gl-wayland | — |
| rust-gstreamer-gl-wayland-sys | — |
| rust-gstreamer-gl-x11 | — |
| rust-gstreamer-gl-x11-sys | — |
| rust-gstreamer-pbutils | — |
| rust-gstreamer-pbutils-sys | — |
| rust-gstreamer-play | — |
| rust-gstreamer-play-sys | — |
| rust-gstreamer-sys | — |
| rust-gstreamer-video | — |
| rust-gstreamer-video-sys | — |
Cancelling a query (e.g. by cancelling the context passed to one of the query methods) during a call to the Scan method of the returned Rows can result in unexpected results if other queries are being made in parallel. This can...
11 affected packages
golang-1.10, golang-1.13, golang-1.14, golang-1.16, golang-1.17...
| Package | 16.04 LTS |
|---|---|
| golang-1.10 | Needs evaluation |
| golang-1.13 | Needs evaluation |
| golang-1.14 | — |
| golang-1.16 | — |
| golang-1.17 | — |
| golang-1.18 | Needs evaluation |
| golang-1.20 | — |
| golang-1.21 | — |
| golang-1.22 | — |
| golang-1.23 | — |
| golang-1.24 | — |
openjpeg v 2.5.0 was discovered to contain a NULL pointer dereference via the component /openjp2/dwt.c.
7 affected packages
openjpeg2, insighttoolkit4, qtwebengine-opensource-src, blender, texmaker...
| Package | 16.04 LTS |
|---|---|
| openjpeg2 | Needs evaluation |
| insighttoolkit4 | Needs evaluation |
| qtwebengine-opensource-src | — |
| blender | Needs evaluation |
| texmaker | Needs evaluation |
| ghostscript | Needs evaluation |
| openjpeg | Needs evaluation |
EDK2 contains a vulnerability in BIOS where an attacker may cause “Protection Mechanism Failure” by local access. Successful exploitation of this vulnerability will lead to arbitrary code execution and impact Confidentiality,...
1 affected package
edk2
| Package | 16.04 LTS |
|---|---|
| edk2 | Needs evaluation |
tmp is a temporary file and directory creator for node.js. In versions 0.2.3 and below, tmp is vulnerable to an arbitrary temporary file / directory write via symbolic link dir parameter. This is fixed in version 0.2.4.
1 affected package
node-tmp
| Package | 16.04 LTS |
|---|---|
| node-tmp | Needs evaluation |