Search CVE reports
1 – 10 of 36961 results
Roundcube Webmail before 1.5.13 and 1.6 before 1.6.13 allows Cascading Style Sheets (CSS) injection, e.g., because comments are mishandled.
1 affected package
roundcube
| Package | 20.04 LTS |
|---|---|
| roundcube | Needs evaluation |
[Unknown description]
2 affected packages
kanboard-cli, python-kanboard
| Package | 20.04 LTS |
|---|---|
| kanboard-cli | Needs evaluation |
| python-kanboard | Needs evaluation |
PostgreSQL Anonymizer contains a vulnerability that allows a user to gain superuser privileges by creating a temporary view based on a function containing malicious code. When the anon.get_tablesample_ratio function is then...
8 affected packages
postgresql-18, postgresql-17, postgresql-16, postgresql-14, postgresql-12...
| Package | 20.04 LTS |
|---|---|
| postgresql-18 | — |
| postgresql-17 | — |
| postgresql-16 | — |
| postgresql-14 | — |
| postgresql-12 | Needs evaluation |
| postgresql-10 | — |
| postgresql-9.5 | — |
| postgresql-9.3 | — |
[PSD loader: heap-buffer-overflow in fread_pascal_string() (no null terminator)]
1 affected package
gimp
| Package | 20.04 LTS |
|---|---|
| gimp | Needs evaluation |
A specially-crafted file can cause libjxl's decoder to write pixel data to uninitialized unallocated memory. Soon after that data from another uninitialized unallocated region is copied to pixel data. This can be done by...
1 affected package
graphicsmagick
| Package | 20.04 LTS |
|---|---|
| graphicsmagick | Needs evaluation |
A race condition vulnerability exists in MedusaJS Medusa v2.12.2 and earlier in the registerUsage() function of the promotion module. The function performs a non-atomic read-check-update operation when enforcing promotion usage...
1 affected package
medusa
| Package | 20.04 LTS |
|---|---|
| medusa | Needs evaluation |
A specially-crafted file can cause libjxl's decoder to read pixel data from uninitialized (but allocated) memory. This can be done by causing the decoder to reference an outside-image-bound area in a subsequent patches. An...
1 affected package
graphicsmagick
| Package | 20.04 LTS |
|---|---|
| graphicsmagick | Needs evaluation |
Improper isolation of shared resources on a system on a chip by a malicious local attacker with high privileges could potentially lead to a partial loss of integrity.
1 affected package
amd64-microcode
| Package | 20.04 LTS |
|---|---|
| amd64-microcode | Needs evaluation |
Improper Prevention of Lock Bit Modification in SEV firmware could allow a privileged attacker to downgrade firmware potentially resulting in a loss of integrity.
1 affected package
amd64-microcode
| Package | 20.04 LTS |
|---|---|
| amd64-microcode | Needs evaluation |
Improper bound check within AMD CPU microcode can allow a malicious guest to write to host memory, potentially resulting in loss of integrity.
1 affected package
amd64-microcode
| Package | 20.04 LTS |
|---|---|
| amd64-microcode | Needs evaluation |