Search CVE reports
231 – 240 of 881 results
Some fixes available 1 of 40
The svg_probe function in libavformat/img2dec.c in FFmpeg through 3.4.2 allows remote attackers to cause a denial of service (Infinite Loop) via a crafted XML file.
7 affected packages
gst-libav1.0, mythtv, ffmpeg, libav, mplayer...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| gst-libav1.0 | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| mythtv | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| ffmpeg | Not affected | Not affected | Not affected | Fixed |
| libav | Not in release | Not in release | Not in release | Not in release |
| mplayer | Not affected | Not affected | Not affected | Not affected |
| oxide-qt | Not in release | Not in release | Not in release | Not in release |
| vlc | Not affected | Not affected | Not affected | Not affected |
Some fixes available 6 of 11
An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. macOS before 10.12.5 is affected. The issue involves the "SQLite" component. It allows remote attackers to execute arbitrary code or cause a denial...
4 affected packages
sqlite, sqlite3, chromium-browser, oxide-qt
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| sqlite | — | — | — | Not affected |
| sqlite3 | — | — | — | Not affected |
| chromium-browser | — | — | — | Fixed |
| oxide-qt | — | — | — | Not in release |
Some fixes available 6 of 9
Off-by-one read/write on the heap in Blink in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to corrupt memory and possibly leak information and potentially execute code via a crafted PDF file.
2 affected packages
chromium-browser, oxide-qt
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| chromium-browser | — | — | — | Fixed |
| oxide-qt | — | — | — | Not in release |
Some fixes available 6 of 9
Inappropriate implementation in V8 in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page, aka incorrect WebAssembly stack manipulation.
2 affected packages
chromium-browser, oxide-qt
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| chromium-browser | — | — | — | Fixed |
| oxide-qt | — | — | — | Not in release |
Some fixes available 6 of 9
An integer overflow in Skia in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page, aka an out-of-bounds write.
2 affected packages
chromium-browser, oxide-qt
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| chromium-browser | — | — | — | Fixed |
| oxide-qt | — | — | — | Not in release |
Some fixes available 8 of 15
An integer overflow in xmlmemory.c in libxml2 before 2.9.5, as used in Google Chrome prior to 62.0.3202.62 and other products, allowed a remote attacker to potentially exploit heap corruption via a crafted XML file.
3 affected packages
libxml2, chromium-browser, oxide-qt
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| libxml2 | — | — | — | Fixed |
| chromium-browser | — | — | — | Fixed |
| oxide-qt | — | — | — | Not in release |
Some fixes available 6 of 9
A use after free in WebAudio in Blink in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.
2 affected packages
chromium-browser, oxide-qt
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| chromium-browser | — | — | — | Fixed |
| oxide-qt | — | — | — | Not in release |
Some fixes available 6 of 9
Heap buffer overflow in Blink in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page, related to WebGL.
2 affected packages
chromium-browser, oxide-qt
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| chromium-browser | — | — | — | Fixed |
| oxide-qt | — | — | — | Not in release |
Some fixes available 6 of 9
Use after free in PDFium in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.
2 affected packages
chromium-browser, oxide-qt
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| chromium-browser | — | — | — | Fixed |
| oxide-qt | — | — | — | Not in release |
Some fixes available 6 of 9
A use after free in PDFium in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.
2 affected packages
chromium-browser, oxide-qt
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| chromium-browser | — | — | — | Fixed |
| oxide-qt | — | — | — | Not in release |