Search CVE reports
poco v1.14.1-release was discovered to contain weak encryption.
1 affected package
poco
| Package | 20.04 LTS |
|---|---|
| poco | Needs evaluation |
The filepath.Walk and filepath.WalkDir functions are documented as not following symbolic links, but both functions are susceptible to a TOCTOU (time of check/time of use) race condition where a portion of the path being walked is...
11 affected packages
golang-1.10, golang-1.13, golang-1.14, golang-1.16, golang-1.17...
| Package | 20.04 LTS |
|---|---|
| golang-1.10 | — |
| golang-1.13 | Needs evaluation |
| golang-1.14 | Needs evaluation |
| golang-1.16 | Needs evaluation |
| golang-1.17 | — |
| golang-1.18 | Needs evaluation |
| golang-1.20 | Needs evaluation |
| golang-1.21 | Needs evaluation |
| golang-1.22 | Needs evaluation |
| golang-1.23 | — |
| golang-1.24 | — |
ModSecurity is an open source, cross-platform web application firewall (WAF) engine for Apache, IIS and Nginx. In versions 2.9.11 and below, an attacker can override the HTTP response’s Content-Type, which could lead to several...
1 affected package
modsecurity
| Package | 20.04 LTS |
|---|---|
| modsecurity | Needs evaluation |
A lack of signature verification in the bootloader of DENX Software Engineering Das U-Boot (U-Boot) v1.1.3 allows attackers to install crafted firmware files, leading to arbitrary code execution.
2 affected packages
u-boot, u-boot-nezha
| Package | 20.04 LTS |
|---|---|
| u-boot | Needs evaluation |
| u-boot-nezha | — |
A vulnerability, which was classified as critical, has been found in libav up to 12.3. Affected by this issue is the function main of the file /avtools/avconv.c of the component DSS File Demuxer. The manipulation leads to double...
2 affected packages
ffmpeg, libav
| Package | 20.04 LTS |
|---|---|
| ffmpeg | Needs evaluation |
| libav | — |
A vulnerability, which was classified as problematic, was found in libav up to 12.3. This affects the function ff_seek_frame_binary of the file /libavformat/utils.c of the component MPEG File Parser. The manipulation leads to null...
2 affected packages
ffmpeg, libav
| Package | 20.04 LTS |
|---|---|
| ffmpeg | Needs evaluation |
| libav | — |
A vulnerability classified as problematic was found in libav up to 12.3. Affected by this vulnerability is the function av_buffer_unref of the file libavutil/buffer.c of the component AVI File Parser. The manipulation leads to...
2 affected packages
libav, ffmpeg
| Package | 20.04 LTS |
|---|---|
| libav | — |
| ffmpeg | Needs evaluation |
A vulnerability classified as problematic was found in libtiff 4.6.0. This vulnerability affects the function PS_Lvl2page of the file tools/tiff2ps.c of the component tiff2ps. The manipulation leads to null pointer dereference. It...
5 affected packages
tiff, qtwebengine-opensource-src, texmaker, gdal, neuron
| Package | 20.04 LTS |
|---|---|
| tiff | Needs evaluation |
| qtwebengine-opensource-src | Needs evaluation |
| texmaker | Needs evaluation |
| gdal | Not affected |
| neuron | Needs evaluation |
OpenJPEG is an open-source JPEG 2000 codec. In OpenJPEG 2.5.3 and earlier, a call to opj_jp2_read_header may lead to an OOB heap memory write when the data stream p_stream is too short and p_image is not initialized.
7 affected packages
insighttoolkit4, qtwebengine-opensource-src, blender, texmaker, ghostscript...
| Package | 20.04 LTS |
|---|---|
| insighttoolkit4 | Needs evaluation |
| qtwebengine-opensource-src | Needs evaluation |
| blender | Needs evaluation |
| texmaker | Needs evaluation |
| ghostscript | Not affected |
| openjpeg | — |
| openjpeg2 | Not affected |
ADOdb is a PHP database class library that provides abstractions for performing queries and managing databases. In versions 5.22.9 and below, improper escaping of a query parameter may allow an attacker to execute arbitrary SQL...
1 affected package
libphp-adodb
| Package | 20.04 LTS |
|---|---|
| libphp-adodb | Needs evaluation |