Search CVE reports

Toggle filters

141 – 150 of 498 results

CVE-2020-27814

Medium priority

Some fixes available 17 of 30

A heap-buffer overflow was found in the way openjpeg2 handled certain PNG format files. An attacker could use this flaw to cause an application crash or in some cases execute arbitrary code with the permission of the user running...

7 affected packages

blender, ghostscript, insighttoolkit4, openjpeg, openjpeg2...

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
blender Not affected Not affected Not affected Not affected Not affected
ghostscript Not affected Not affected Not affected Not affected Fixed
insighttoolkit4 Not in release Not in release Not affected Not affected Not affected
openjpeg Not in release Not in release Not in release Not in release Not in release
openjpeg2 Fixed Fixed Fixed Fixed Fixed
texmaker Not affected Not affected Not affected Not affected Not affected
qtwebengine-opensource-src Vulnerable Vulnerable Vulnerable Vulnerable Not affected
Show all 7 packages Show less packages

CVE-2020-26237

Medium priority
Needs evaluation

Highlight.js is a syntax highlighter written in JavaScript. Highlight.js versions before 9.18.2 and 10.1.2 are vulnerable to Prototype Pollution. A malicious HTML code block can be crafted that will result in prototype pollution...

1 affected package

highlight.js

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
highlight.js Needs evaluation Needs evaluation Needs evaluation Ignored Ignored
Show less packages

CVE-2020-25708

Medium priority

Some fixes available 17 of 47

A divide by zero issue was found to occur in libvncserver-0.9.12. A malicious client could use this flaw to send a specially crafted message that, when processed by the VNC server, would lead to a floating point exception,...

6 affected packages

x11vnc, libvncserver, vino, italc, tightvnc, veyon

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
x11vnc Not affected Not affected Not affected Not affected Not affected
libvncserver Not affected Not affected Not affected Fixed Fixed
vino Not in release Fixed Fixed Fixed Fixed
italc Not in release Not in release Not in release Not in release Ignored
tightvnc Needs evaluation Needs evaluation Needs evaluation Ignored Ignored
veyon Needs evaluation Needs evaluation Needs evaluation Ignored Not in release
Show less packages

CVE-2020-14373

Medium priority
Not affected

A use after free was found in igc_reloc_struct_ptr() of psi/igc.c of ghostscript-9.25. A local attacker could supply a specially crafted PDF file to cause a denial of service.

1 affected package

ghostscript

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
ghostscript Not affected Not affected
Show less packages

CVE-2020-17538

Medium priority
Fixed

A buffer overflow vulnerability in GetNumSameData() in contrib/lips4/gdevlips.c of Artifex Software GhostScript from v9.18 to v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51.

1 affected package

ghostscript

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
ghostscript Fixed Fixed
Show less packages

CVE-2020-16310

Medium priority
Fixed

A division by zero vulnerability in dot24_print_page() in devices/gdevdm24.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51.

1 affected package

ghostscript

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
ghostscript Fixed Fixed
Show less packages

CVE-2020-16309

Medium priority
Fixed

A buffer overflow vulnerability in lxm5700m_print_page() in devices/gdevlxm.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted eps file. This is fixed in v9.51.

1 affected package

ghostscript

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
ghostscript Fixed Fixed
Show less packages

CVE-2020-16308

Medium priority
Fixed

A buffer overflow vulnerability in p_print_image() in devices/gdevcdj.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51.

1 affected package

ghostscript

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
ghostscript Fixed Fixed
Show less packages

CVE-2020-16307

Medium priority
Fixed

A null pointer dereference vulnerability in devices/vector/gdevtxtw.c and psi/zbfont.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted postscript file. This is fixed in v9.51.

1 affected package

ghostscript

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
ghostscript Fixed Fixed
Show less packages

CVE-2020-16306

Medium priority
Fixed

A null pointer dereference vulnerability in devices/gdevtsep.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted postscript file. This is fixed in v9.51.

1 affected package

ghostscript

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
ghostscript Fixed Fixed
Show less packages
  1. Previous page
  2. 13
  3. 14
  4. 15
  5. 16
  6. 17
  7. Next page
Export to JSON