Search CVE reports

101 – 108 of 108 results

Detailed view

Sort by:

CVE-2009-3560

Medium priority

Some fixes available 83 of 502

The big2_toUtf8 function in lib/xmltok.c in libexpat in Expat 2.0.1, as used in the XML-Twig module for Perl, allows context-dependent attackers to cause a denial of service (application crash) via an XML document with malformed...

41 affected packages

vtk, apache2, python-xml, paraview, poco...

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
vtk	—	Not in release	Not in release	Not in release	Not in release
apache2	—	Not affected	Not affected	Not affected	Not affected
python-xml	—	Not in release	Not in release	Not in release	Not in release
paraview	—	Not affected	Not affected	Not affected	Not affected
poco	—	Not affected	Not affected	Not affected	Not affected
libparagui1.1	—	Not in release	Not in release	Not in release	Not in release
insighttoolkit	—	Not in release	Not in release	Not in release	Not in release
ayttm	—	Not in release	Not in release	Not in release	Not in release
audacity	—	Not affected	Not affected	Not affected	Not affected
smart	—	Not in release	Not in release	Not in release	Not affected
libxmltok	—	Not affected	Not affected	Not affected	Not affected
matanza	—	Ignored	Ignored	Ignored	Ignored
swish-e	—	Needs evaluation	Needs evaluation	Ignored	Ignored
coin3	—	Not affected	Not affected	Not affected	Vulnerable
apr-util	—	Not affected	Not affected	Not affected	Not affected
cableswig	—	Not in release	Not in release	Not in release	Not in release
cadaver	—	Not affected	Not affected	Not affected	Not affected
celementtree	—	Not in release	Not in release	Not in release	Not in release
cmake	—	Not affected	Not affected	Not affected	Not affected
expat	—	Fixed	Fixed	Fixed	Fixed
gdcm	—	Not affected	Not affected	Not affected	Not affected
ghostscript	—	Not affected	Not affected	Not affected	Not affected
grmonitor	—	Not in release	Not in release	Not in release	Not in release
kompozer	—	Not in release	Not in release	Not in release	Not in release
python2.4	—	Not in release	Not in release	Not in release	Not in release
python2.5	—	Not in release	Not in release	Not in release	Not in release
python2.6	—	Not in release	Not in release	Not in release	Not in release
simgear	—	Not affected	Not affected	Not affected	Not affected
sitecopy	—	Not in release	Not affected	Not affected	Not affected
tdom	—	Not affected	Not affected	Not affected	Not affected
texlive-bin	—	Not affected	Not affected	Not affected	Not affected
tla	—	Not affected	Not affected	Not affected	Not affected
vnc4	—	Not in release	Not in release	Not in release	Not affected
w3c-libwww	—	Not in release	Not in release	Not in release	Not in release
wbxml2	—	Not affected	Not affected	Not affected	Not affected
wxwidgets2.6	—	Not in release	Not in release	Not in release	Not in release
wxwidgets2.8	—	Not in release	Not in release	Not in release	Not in release
wxwindows2.4	—	Not in release	Not in release	Not in release	Not in release
xmlrpc-c	—	Fixed	Fixed	Fixed	Fixed
xotcl	—	Not affected	Not affected	Not affected	Not affected
xulrunner	—	Not in release	Not in release	Not in release	Not in release

CVE-2009-3720

Low priority

Some fixes available 83 of 535

The updatePosition function in lib/xmltok_impl.c in libexpat in Expat 2.0.1, as used in Python, PyXML, w3c-libwww, and other software, allows context-dependent attackers to cause a denial of service (application crash) via an XML...

41 affected packages

apache2, apr-util, expat, cmake, celementtree...

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
apache2	—	Not affected	Not affected	Not affected	Not affected
apr-util	—	Not affected	Not affected	Not affected	Not affected
expat	—	Fixed	Fixed	Fixed	Fixed
cmake	—	Not affected	Not affected	Not affected	Not affected
celementtree	—	Not in release	Not in release	Not in release	Not in release
paraview	—	Not affected	Not affected	Not affected	Not affected
vnc4	—	Not in release	Not in release	Not in release	Not affected
poco	—	Not affected	Not affected	Not affected	Not affected
kompozer	—	Not in release	Not in release	Not in release	Not in release
cadaver	—	Vulnerable	Vulnerable	Vulnerable	Vulnerable
ayttm	—	Not in release	Not in release	Not in release	Not in release
audacity	—	Not affected	Not affected	Not affected	Not affected
matanza	—	Ignored	Ignored	Ignored	Ignored
libxmltok	—	Not affected	Not affected	Not affected	Not affected
smart	—	Not in release	Not in release	Not in release	Not affected
texlive-bin	—	Not affected	Not affected	Not affected	Not affected
wxwidgets2.8	—	Not in release	Not in release	Not in release	Not in release
tla	—	Not affected	Not affected	Not affected	Not affected
libparagui1.1	—	Not in release	Not in release	Not in release	Not in release
sitecopy	—	Not in release	Not affected	Not affected	Not affected
wbxml2	—	Not affected	Not affected	Not affected	Not affected
xulrunner	—	Not in release	Not in release	Not in release	Not in release
insighttoolkit	—	Not in release	Not in release	Not in release	Not in release
wxwindows2.4	—	Not in release	Not in release	Not in release	Not in release
cableswig	—	Not in release	Not in release	Not in release	Not in release
gdcm	—	Not affected	Not affected	Not affected	Not affected
grmonitor	—	Not in release	Not in release	Not in release	Not in release
tdom	—	Not affected	Not affected	Not affected	Not affected
vtk	—	Not in release	Not in release	Not in release	Not in release
coin3	—	Vulnerable	Vulnerable	Vulnerable	Vulnerable
swish-e	—	Needs evaluation	Needs evaluation	Ignored	Ignored
python-xml	—	Not in release	Not in release	Not in release	Not in release
python2.4	—	Not in release	Not in release	Not in release	Not in release
python2.5	—	Not in release	Not in release	Not in release	Not in release
python2.6	—	Not in release	Not in release	Not in release	Not in release
w3c-libwww	—	Not in release	Not in release	Not in release	Not in release
wxwidgets2.6	—	Not in release	Not in release	Not in release	Not in release
xmlrpc-c	—	Fixed	Fixed	Fixed	Fixed
xotcl	—	Not affected	Not affected	Not affected	Not affected
ghostscript	—	Not affected	Not affected	Not affected	Not affected
simgear	—	Not affected	Not affected	Not affected	Not affected

CVE-2009-2699

Medium priority

Not affected

The Solaris pollset feature in the Event Port backend in poll/unix/port.c in the Apache Portable Runtime (APR) library before 1.3.9, as used in the Apache HTTP Server before 2.2.14 and other products, does not properly handle...

1 affected package

apr

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
apr	—	—	—	—	—

CVE-2009-2412

Medium priority

Fixed

Multiple integer overflows in the Apache Portable Runtime (APR) library and the Apache Portable Utility library (aka APR-util) 0.9.x and 1.3.x allow remote attackers to cause a denial of service (application crash) or possibly...

3 affected packages

apache2, apr, apr-util

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
apache2	—	—	—	—	—
apr	—	—	—	—	—
apr-util	—	—	—	—	—

CVE-2009-1956

Medium priority

Fixed

Off-by-one error in the apr_brigade_vprintf function in Apache APR-util before 1.3.5 on big-endian platforms allows remote attackers to obtain sensitive information or cause a denial of service (application crash) via crafted input.

2 affected packages

apache2, apr-util

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
apache2	—	—	—	—	—
apr-util	—	—	—	—	—

CVE-2009-1955

Medium priority

Fixed

The expat XML parser in the apr_xml_* interface in xml/apr_xml.c in Apache APR-util before 1.3.7, as used in the mod_dav and mod_dav_svn modules in the Apache HTTP Server, allows remote attackers to cause a denial of service...

2 affected packages

apache2, apr-util

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
apache2	—	—	—	—	—
apr-util	—	—	—	—	—

CVE-2009-0023

Medium priority

Fixed

The apr_strmatch_precompile function in strmatch/apr_strmatch.c in Apache APR-util before 1.3.5 allows remote attackers to cause a denial of service (daemon crash) via crafted input involving (1) a .htaccess file used with the...

2 affected packages

apache2, apr-util

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
apache2	—	—	—	—	—
apr-util	—	—	—	—	—

CVE-2006-0042

Medium priority

Fixed

Unspecified vulnerability in (1) apreq_parse_headers and (2) apreq_parse_urlencoded functions in Apache2::Request (Libapreq2) before 2.07 allows remote attackers to cause a denial of service (CPU consumption) via unknown attack...

1 affected package

libapreq2

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
libapreq2	—	—	—	—	—

Export to JSON

Results by page: