Search CVE reports
71 – 80 of 27179 results
A vulnerability, which was classified as problematic, was found in libav up to 12.3. This affects the function ff_seek_frame_binary of the file /libavformat/utils.c of the component MPEG File Parser. The manipulation leads to null...
2 affected packages
ffmpeg, libav
| Package | 24.04 LTS |
|---|---|
| ffmpeg | Needs evaluation |
| libav | Not in release |
A vulnerability classified as problematic was found in libav up to 12.3. Affected by this vulnerability is the function av_buffer_unref of the file libavutil/buffer.c of the component AVI File Parser. The manipulation leads to...
2 affected packages
libav, ffmpeg
| Package | 24.04 LTS |
|---|---|
| libav | Not in release |
| ffmpeg | Needs evaluation |
A vulnerability classified as problematic was found in libtiff 4.6.0. This vulnerability affects the function PS_Lvl2page of the file tools/tiff2ps.c of the component tiff2ps. The manipulation leads to null pointer dereference. It...
5 affected packages
tiff, qtwebengine-opensource-src, texmaker, gdal, neuron
| Package | 24.04 LTS |
|---|---|
| tiff | Needs evaluation |
| qtwebengine-opensource-src | Needs evaluation |
| texmaker | Needs evaluation |
| gdal | Not affected |
| neuron | Not affected |
OpenJPEG is an open-source JPEG 2000 codec. In OpenJPEG 2.5.3 and earlier, a call to opj_jp2_read_header may lead to OOB heap memory write when the data stream p_stream is too short and p_image is not initialized.
7 affected packages
insighttoolkit4, qtwebengine-opensource-src, blender, texmaker, ghostscript...
| Package | 24.04 LTS |
|---|---|
| insighttoolkit4 | Not in release |
| qtwebengine-opensource-src | Needs evaluation |
| blender | Needs evaluation |
| texmaker | Needs evaluation |
| ghostscript | Not affected |
| openjpeg | Not in release |
| openjpeg2 | Not affected |
ADOdb is a PHP database class library that provides abstractions for performing queries and managing databases. In versions 5.22.9 and below, improper escaping of a query parameter may allow an attacker to execute arbitrary SQL...
1 affected package
libphp-adodb
| Package | 24.04 LTS |
|---|---|
| libphp-adodb | Needs evaluation |
The YouDao plugin for StarDict, as used in stardict 3.0.7+git20220909+dfsg-6 in Debian trixie and elsewhere, sends an X11 selection to the dict.youdao.com and dict.cn servers via cleartext HTTP.
1 affected package
stardict
| Package | 24.04 LTS |
|---|---|
| stardict | Needs evaluation |
Not in release
An Insecure Direct Object Reference (IDOR) vulnerability was discovered in SOGo Webmail thru 5.6.0, allowing an authenticated user to send emails on behalf of other users by manipulating a user-controlled identifier in...
1 affected package
sogo
| Package | 24.04 LTS |
|---|---|
| sogo | Not in release |
An issue in Artifex mupdf 1.25.6, 1.25.5 allows a remote attacker to cause a denial of service via an infinite recursion in the `mutool clean` utility. When processing a crafted PDF file containing cyclic /Next references in the...
1 affected package
mupdf
| Package | 24.04 LTS |
|---|---|
| mupdf | Needs evaluation |
Cairo through 1.18.4, as used in Poppler through 25.08.0, has an "unscaled->face == NULL" assertion failure for _cairo_ft_unscaled_font_fini in cairo-ft-font.c.
1 affected package
cairo
| Package | 24.04 LTS |
|---|---|
| cairo | Needs evaluation |
An issue in the pdfseparate utility of freedesktop poppler v25.04.0 allows attackers to cause an infinite recursion via supplying a crafted PDF file. This can lead to a Denial of Service (DoS).
1 affected package
poppler
| Package | 24.04 LTS |
|---|---|
| poppler | Needs evaluation |