Search CVE reports
51 – 60 of 498 results
An issue was discovered in pdf/pdf_xref.c in Artifex Ghostscript before 10.04.0. There is a buffer overflow during handling of a PDF XRef stream (related to W array values).
1 affected package
ghostscript
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| ghostscript | — | Fixed | Fixed | Not affected | Not affected |
An issue was discovered in psi/zcolor.c in Artifex Ghostscript before 10.04.0. An unchecked Implementation pointer in Pattern color space could lead to arbitrary code execution.
1 affected package
ghostscript
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| ghostscript | — | Fixed | Fixed | Fixed | Fixed |
Some fixes available 7 of 74
An issue was discovered in libexpat before 2.6.4. There is a crash within the XML_ResumeParser function because XML_StopParser can stop/suspend an unstarted parser.
23 affected packages
smart, apache2, apr-util, cmake, ghostscript...
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| smart | Not in release | Not in release | Not in release | Not in release | Needs evaluation |
| apache2 | Not affected | Not affected | Not affected | Not affected | Not affected |
| apr-util | Not affected | Not affected | Not affected | Not affected | Not affected |
| cmake | Not affected | Not affected | Not affected | Not affected | Not affected |
| ghostscript | Not affected | Not affected | Not affected | Not affected | Not affected |
| texlive-bin | Not affected | Not affected | Not affected | Not affected | Not affected |
| xmlrpc-c | Needs evaluation | Needs evaluation | Needs evaluation | Ignored | Needs evaluation |
| vnc4 | Not in release | Not in release | Not in release | Not in release | Needs evaluation |
| wbxml2 | Needs evaluation | Needs evaluation | Needs evaluation | Ignored | Needs evaluation |
| swish-e | Needs evaluation | Needs evaluation | Needs evaluation | Ignored | Needs evaluation |
| insighttoolkit4 | Not in release | Not in release | Needs evaluation | Ignored | Needs evaluation |
| expat | Not affected | Fixed | Fixed | Fixed | Fixed |
| cadaver | Needs evaluation | Needs evaluation | Needs evaluation | Ignored | Needs evaluation |
| gdcm | Not affected | Not affected | Not affected | Not affected | Needs evaluation |
| ayttm | Not in release | Not in release | Not in release | Not in release | — |
| cableswig | Not in release | Not in release | Not in release | Not in release | — |
| coin3 | Not affected | Not affected | Not affected | Not affected | Needs evaluation |
| matanza | Ignored | Ignored | Ignored | Ignored | Ignored |
| tdom | Needs evaluation | Needs evaluation | Needs evaluation | Ignored | Needs evaluation |
| vtk | Not in release | Not in release | Not in release | Not in release | — |
| firefox | Not affected | Not affected | Not affected | Not in release | — |
| thunderbird | Not affected | Not affected | Not affected | Not in release | — |
| libxmltok | Not in release | Not affected | Not affected | Not affected | Not affected |
Some fixes available 6 of 73
An issue was discovered in libexpat before 2.6.3. nextScaffoldPart in xmlparse.c can have an integer overflow for m_groupSize on 32-bit platforms (where UINT_MAX equals SIZE_MAX).
23 affected packages
tdom, apache2, apr-util, cmake, ghostscript...
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| tdom | Needs evaluation | Needs evaluation | Needs evaluation | Ignored | Needs evaluation |
| apache2 | Not affected | Not affected | Not affected | Not affected | Not affected |
| apr-util | Not affected | Not affected | Not affected | Not affected | Not affected |
| cmake | Not affected | Not affected | Not affected | Not affected | Not affected |
| ghostscript | Not affected | Not affected | Not affected | Not affected | Not affected |
| texlive-bin | Not affected | Not affected | Not affected | Not affected | Not affected |
| xmlrpc-c | Needs evaluation | Needs evaluation | Needs evaluation | Ignored | Needs evaluation |
| vnc4 | Not in release | Not in release | Not in release | Not in release | Needs evaluation |
| wbxml2 | Needs evaluation | Needs evaluation | Needs evaluation | Ignored | Needs evaluation |
| swish-e | Needs evaluation | Needs evaluation | Needs evaluation | Ignored | Needs evaluation |
| insighttoolkit4 | Not in release | Not in release | Needs evaluation | Ignored | Needs evaluation |
| cadaver | Needs evaluation | Needs evaluation | Needs evaluation | Ignored | Needs evaluation |
| gdcm | Not affected | Not affected | Not affected | Not affected | Needs evaluation |
| ayttm | Not in release | Not in release | Not in release | Not in release | — |
| cableswig | Not in release | Not in release | Not in release | Not in release | — |
| coin3 | Not affected | Not affected | Not affected | Not affected | Needs evaluation |
| matanza | Ignored | Ignored | Ignored | Ignored | Ignored |
| vtk | Not in release | Not in release | Not in release | Not in release | — |
| smart | Not in release | Not in release | Not in release | Not in release | Needs evaluation |
| firefox | Not affected | Not affected | Not affected | Not in release | — |
| thunderbird | Not affected | Not affected | Not affected | Not in release | — |
| libxmltok | Not in release | Not affected | Not affected | Not affected | Not affected |
| expat | Not affected | Fixed | Fixed | Fixed | Fixed |
Some fixes available 13 of 80
An issue was discovered in libexpat before 2.6.3. dtdCopy in xmlparse.c can have an integer overflow for nDefaultAtts on 32-bit platforms (where UINT_MAX equals SIZE_MAX).
23 affected packages
apache2, apr-util, cmake, ghostscript, texlive-bin...
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| apache2 | Not affected | Not affected | Not affected | Not affected | Not affected |
| apr-util | Not affected | Not affected | Not affected | Not affected | Not affected |
| cmake | Not affected | Not affected | Not affected | Not affected | Not affected |
| ghostscript | Not affected | Not affected | Not affected | Not affected | Not affected |
| texlive-bin | Not affected | Not affected | Not affected | Not affected | Not affected |
| xmlrpc-c | Needs evaluation | Needs evaluation | Needs evaluation | Ignored | Needs evaluation |
| vnc4 | Not in release | Not in release | Not in release | Not in release | Needs evaluation |
| wbxml2 | Needs evaluation | Needs evaluation | Needs evaluation | Ignored | Needs evaluation |
| swish-e | Needs evaluation | Needs evaluation | Needs evaluation | Ignored | Needs evaluation |
| insighttoolkit4 | Not in release | Not in release | Needs evaluation | Ignored | Needs evaluation |
| cadaver | Needs evaluation | Needs evaluation | Needs evaluation | Ignored | Needs evaluation |
| gdcm | Not affected | Not affected | Not affected | Not affected | Needs evaluation |
| ayttm | Not in release | Not in release | Not in release | Not in release | — |
| cableswig | Not in release | Not in release | Not in release | Not in release | — |
| coin3 | Not affected | Not affected | Not affected | Not affected | Needs evaluation |
| matanza | Ignored | Ignored | Ignored | Ignored | Ignored |
| tdom | Needs evaluation | Needs evaluation | Needs evaluation | Ignored | Needs evaluation |
| vtk | Not in release | Not in release | Not in release | Not in release | — |
| smart | Not in release | Not in release | Not in release | Not in release | Needs evaluation |
| firefox | Not affected | Not affected | Not affected | Not in release | — |
| thunderbird | Not affected | Not affected | Not affected | Not in release | — |
| libxmltok | Not in release | Fixed | Fixed | Fixed | Fixed |
| expat | Not affected | Fixed | Fixed | Fixed | Fixed |
Some fixes available 13 of 80
An issue was discovered in libexpat before 2.6.3. xmlparse.c does not reject a negative length for XML_ParseBuffer.
23 affected packages
expat, apache2, apr-util, cmake, ghostscript...
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| expat | Not affected | Fixed | Fixed | Fixed | Fixed |
| apache2 | Not affected | Not affected | Not affected | Not affected | Not affected |
| apr-util | Not affected | Not affected | Not affected | Not affected | Not affected |
| cmake | Not affected | Not affected | Not affected | Not affected | Not affected |
| ghostscript | Not affected | Not affected | Not affected | Not affected | Not affected |
| texlive-bin | Not affected | Not affected | Not affected | Not affected | Not affected |
| xmlrpc-c | Needs evaluation | Needs evaluation | Needs evaluation | Ignored | Needs evaluation |
| vnc4 | Not in release | Not in release | Not in release | Not in release | Needs evaluation |
| wbxml2 | Needs evaluation | Needs evaluation | Needs evaluation | Ignored | Needs evaluation |
| swish-e | Needs evaluation | Needs evaluation | Needs evaluation | Ignored | Needs evaluation |
| insighttoolkit4 | Not in release | Not in release | Needs evaluation | Ignored | Needs evaluation |
| cadaver | Needs evaluation | Needs evaluation | Needs evaluation | Ignored | Needs evaluation |
| gdcm | Not affected | Not affected | Not affected | Not affected | Needs evaluation |
| ayttm | Not in release | Not in release | Not in release | Not in release | — |
| cableswig | Not in release | Not in release | Not in release | Not in release | — |
| coin3 | Not affected | Not affected | Not affected | Not affected | Needs evaluation |
| matanza | Ignored | Ignored | Ignored | Ignored | Ignored |
| tdom | Needs evaluation | Needs evaluation | Needs evaluation | Ignored | Needs evaluation |
| vtk | Not in release | Not in release | Not in release | Not in release | — |
| smart | Not in release | Not in release | Not in release | Not in release | Needs evaluation |
| firefox | Not affected | Not affected | Not affected | Not in release | — |
| thunderbird | Not affected | Not affected | Not affected | Not in release | — |
| libxmltok | Not in release | Fixed | Fixed | Fixed | Fixed |
TightVNC (Server for Windows) before 2.8.84 allows attackers to connect to the control pipe via a network connection.
1 affected package
tightvnc
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| tightvnc | — | Not affected | Not affected | Not affected | Not affected |
A flaw was found in OpenJPEG. A resource exhaustion can occur in the opj_t1_decode_cblks function in tcd.c through a crafted image file, causing a denial of service.
7 affected packages
openjpeg2, insighttoolkit4, qtwebengine-opensource-src, blender, texmaker...
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| openjpeg2 | Vulnerable | Vulnerable | Vulnerable | Vulnerable | Vulnerable |
| insighttoolkit4 | Not in release | Not in release | Needs evaluation | Ignored | Needs evaluation |
| qtwebengine-opensource-src | Needs evaluation | Needs evaluation | Needs evaluation | Ignored | Needs evaluation |
| blender | Needs evaluation | Needs evaluation | Needs evaluation | Ignored | Needs evaluation |
| texmaker | Needs evaluation | Needs evaluation | Needs evaluation | Ignored | Needs evaluation |
| ghostscript | Not affected | Not affected | Not affected | Not affected | Needs evaluation |
| openjpeg | Not in release | Not in release | Not in release | Not in release | — |
Some fixes available 11 of 43
A flaw was found in OpenJPEG. Maliciously constructed pictures can cause the program to enter a large loop and continuously print warning messages on the terminal.
7 affected packages
insighttoolkit4, qtwebengine-opensource-src, blender, texmaker, ghostscript...
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| insighttoolkit4 | Not in release | Not in release | Needs evaluation | Ignored | Needs evaluation |
| qtwebengine-opensource-src | Needs evaluation | Needs evaluation | Needs evaluation | Ignored | Needs evaluation |
| blender | Needs evaluation | Needs evaluation | Needs evaluation | Ignored | Needs evaluation |
| texmaker | Needs evaluation | Needs evaluation | Needs evaluation | Ignored | Needs evaluation |
| ghostscript | Not affected | Not affected | Not affected | Not affected | Fixed |
| openjpeg | Not in release | Not in release | Not in release | Not in release | — |
| openjpeg2 | Fixed | Fixed | Fixed | Fixed | Fixed |
A vulnerability was found in OpenJPEG similar to CVE-2019-6988. This flaw allows an attacker to bypass existing protections and cause an application crash through a maliciously crafted file.
7 affected packages
openjpeg2, insighttoolkit4, qtwebengine-opensource-src, blender, texmaker...
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| openjpeg2 | Vulnerable | Vulnerable | Vulnerable | Vulnerable | Vulnerable |
| insighttoolkit4 | Not in release | Not in release | Needs evaluation | Ignored | Needs evaluation |
| qtwebengine-opensource-src | Needs evaluation | Needs evaluation | Needs evaluation | Ignored | Needs evaluation |
| blender | Needs evaluation | Needs evaluation | Needs evaluation | Ignored | Needs evaluation |
| texmaker | Needs evaluation | Needs evaluation | Needs evaluation | Ignored | Needs evaluation |
| ghostscript | Not affected | Not affected | Not affected | Not affected | Needs evaluation |
| openjpeg | Not in release | Not in release | Not in release | Not in release | — |