Search CVE reports
321 – 330 of 47232 results
Suricata is a network IDS, IPS and NSM engine. Prior to versions 8.0.3 and 7.0.14, crafted DCERPC traffic can cause Suricata to expand a buffer w/o limits, leading to memory exhaustion and the process getting killed....
1 affected package
suricata
| Package | 16.04 LTS |
|---|---|
| suricata | Needs evaluation |
xrdp is an open source RDP server. xrdp before v0.10.5 contains an unauthenticated stack-based buffer overflow vulnerability. The issue stems from improper bounds checking when processing user domain information during the...
1 affected package
xrdp
| Package | 16.04 LTS |
|---|---|
| xrdp | Needs evaluation |
Buffer Overflow vulnerability in libpng 1.6.43-1.6.46 allows a local attacker to cause a denial of service via png_create_read_struct() function.
5 affected packages
libpng, firefox, thunderbird, chromium-browser, libpng1.6
| Package | 16.04 LTS |
|---|---|
| libpng | Not affected |
| firefox | — |
| thunderbird | — |
| chromium-browser | — |
| libpng1.6 | Not affected |
Buffer Overflow vulnerability in libpng 1.6.43-1.6.46 allows a local attacker to cause a denial of service via the pngimage with AddressSanitizer (ASan), the program leaks memory in various locations, eventually leading to high...
5 affected packages
libpng, firefox, thunderbird, chromium-browser, libpng1.6
| Package | 16.04 LTS |
|---|---|
| libpng | Not affected |
| firefox | — |
| thunderbird | — |
| chromium-browser | — |
| libpng1.6 | Not affected |
A flaw was found in GLib. An integer overflow vulnerability in its Unicode case conversion implementation can lead to memory corruption. By processing specially crafted and extremely large Unicode strings, an attacker...
1 affected package
glib2.0
| Package | 16.04 LTS |
|---|---|
| glib2.0 | Needs evaluation |
A flaw was found in Glib's content type parsing logic. This buffer underflow vulnerability occurs because the length of a header line is stored in a signed integer, which can lead to integer wraparound for very large inputs. This...
1 affected package
glib2.0
| Package | 16.04 LTS |
|---|---|
| glib2.0 | Needs evaluation |
A flaw was found in the GLib Base64 encoding routine when processing very large input data. Due to incorrect use of integer types during length calculation, the library may miscalculate buffer boundaries. This can cause memory...
1 affected package
glib2.0
| Package | 16.04 LTS |
|---|---|
| glib2.0 | Needs evaluation |
A flaw was found in libsoup, an HTTP client library. This vulnerability, known as CRLF (Carriage Return Line Feed) Injection, occurs when an HTTP proxy is configured and the library improperly handles URL-decoded input used to...
2 affected packages
libsoup2.4, libsoup3
| Package | 16.04 LTS |
|---|---|
| libsoup2.4 | Needs evaluation |
| libsoup3 | — |
Integer Overflow or Wraparound vulnerability in RawTherapee (rtengine modules). This vulnerability is associated with program files dcraw.Cc. This issue affects RawTherapee: through 5.11.
1 affected package
rawtherapee
| Package | 16.04 LTS |
|---|---|
| rawtherapee | Needs evaluation |
The dashboard permissions API does not verify the target dashboard scope and only checks the dashboards.permissions:* action. As a result, a user who has permission management rights on one dashboard can read and...
1 affected package
grafana
| Package | 16.04 LTS |
|---|---|
| grafana | Needs evaluation |