Search CVE reports
541 – 550 of 27411 results
The MongoDB C Driver's legacy GridFS API accepts malformed file metadata from the database without adequate validation. Crafted documents in a GridFS collection may cause any application that reads those files via the legacy API...
1 affected package
mongo-c-driver
| Package | 26.04 LTS |
|---|---|
| mongo-c-driver | Needs evaluation |
Twig versions 2.16.x and 3.9.0 through 3.25.x contain a sandbox bypass vulnerability when using a SourcePolicyInterface that allows attackers with template rendering capabilities to pass arbitrary PHP callables to sort, filter,...
1 affected package
php-twig
| Package | 26.04 LTS |
|---|---|
| php-twig | Needs evaluation |
MediaArea MediaInfoLib Channel Splitting heap-based buffer overflow vulnerability
1 affected package
libmediainfo
| Package | 26.04 LTS |
|---|---|
| libmediainfo | Needs evaluation |
A flaw was found in 389-ds-base. The get_ldapmessage_controls_ext() function in the LDAP server does not enforce an upper bound on the number of controls per LDAP message. A remote, unauthenticated attacker can send a specially...
1 affected package
389-ds-base
| Package | 26.04 LTS |
|---|---|
| 389-ds-base | Needs evaluation |
`PluginScript` attempts to `chroot` the plugin to the `repoManagerRoot`, this root is frequently `/` (the system root) in standard configurations or when using `--root`. If the chroot target is `/`, it is a no-op, allowing the...
1 affected package
libzypp
| Package | 26.04 LTS |
|---|---|
| libzypp | Needs evaluation |
In `src/havegecmd.c`, the `socket_handler` function performs a credential check on the abstract UNIX socket (`\0/sys/entropy/haveged`). However, while it detects if the connecting user is not root (`cred.uid != 0`) and prepares a...
1 affected package
haveged
| Package | 26.04 LTS |
|---|---|
| haveged | Needs evaluation |
In memcached before 1.6.42, password data for SASL password database authentication has a timing side channel because memcmp is used by sasl_server_userdb_checkpass.
1 affected package
memcached
| Package | 26.04 LTS |
|---|---|
| memcached | Fixed |
In memcached before 1.6.42, username data for SASL password database authentication has a timing side channel because a loop exits as soon as a valid username is found by sasl_server_userdb_checkpass.
1 affected package
memcached
| Package | 26.04 LTS |
|---|---|
| memcached | Fixed |
Some fixes available 1 of 2
An unbounded resend loop vulnerability exists in the BIND 9 resolver state machine during bad-server handling, enabling a remote unauthenticated attacker to cause severe resource exhaustion by sending queries that trigger specific...
3 affected packages
bind9, isc-dhcp, bind9-libs
| Package | 26.04 LTS |
|---|---|
| bind9 | Fixed |
| isc-dhcp | Needs evaluation |
| bind9-libs | Not in release |
Some fixes available 1 of 2
Undefined behavior may result due to a race condition leading to a use-after-free violation. If BIND receives an incoming DNS message signed with SIG(0), it begins work to validate that signature. If, during that validation, the...
3 affected packages
bind9, isc-dhcp, bind9-libs
| Package | 26.04 LTS |
|---|---|
| bind9 | Fixed |
| isc-dhcp | Needs evaluation |
| bind9-libs | Not in release |