Search CVE reports
261 – 270 of 35777 results
A security vulnerability has been detected in Open Asset Import Library Assimp up to 6.0.2. Affected by this vulnerability is the function Assimp::LWOImporter::FindUVChannels of the...
1 affected package
assimp
| Package | 22.04 LTS |
|---|---|
| assimp | Needs evaluation |
A security vulnerability has been detected in Mapnik up to 4.2.0. This issue affects the function mapnik::dbf_file::string_value of the file plugins/input/shape/dbfile.cpp. Such manipulation leads to heap-based buffer overflow....
1 affected package
mapnik
| Package | 22.04 LTS |
|---|---|
| mapnik | Needs evaluation |
A weakness has been identified in BYVoid OpenCC up to 1.1.9. This vulnerability affects the function opencc::MaxMatchSegmentation of the file src/MaxMatchSegmentation.cpp. This manipulation causes heap-based buffer overflow. The...
1 affected package
opencc
| Package | 22.04 LTS |
|---|---|
| opencc | Fixed |
Gradle is a build automation tool, and its native-platform tool provides Java bindings for native APIs. When resolving dependencies in versions before 9.3.0, some exceptions were not treated as fatal errors and would not cause a...
1 affected package
gradle
| Package | 22.04 LTS |
|---|---|
| gradle | Needs evaluation |
Gradle is a build automation tool, and its native-platform tool provides Java bindings for native APIs. When resolving dependencies in versions before 9.3.0, some exceptions were not treated as fatal errors and would not cause a...
1 affected package
gradle
| Package | 22.04 LTS |
|---|---|
| gradle | Needs evaluation |
node-tar is a Tar for Node.js. The node-tar library (<= 7.5.2) fails to sanitize the linkpath of Link (hardlink) and SymbolicLink entries when preservePaths is false (the default secure behavior). This allows malicious archives to...
1 affected package
node-tar
| Package | 22.04 LTS |
|---|---|
| node-tar | Needs evaluation |
CakePHP is a rapid development framework for PHP. The PaginatorHelper::limitControl() method has a cross-site-scripting vulnerability via query string parameter manipulation. This issue has been fixed in 5.2.12 and 5.3.1.
1 affected package
cakephp
| Package | 22.04 LTS |
|---|---|
| cakephp | Needs evaluation |
wlc is a Weblate command-line client using Weblate's REST API. Prior to 1.17.2, the multi-translation download could write to an arbitrary location when instructed by a crafted server. This vulnerability is fixed in 1.17.2.
1 affected package
wlc
| Package | 22.04 LTS |
|---|---|
| wlc | Needs evaluation |
pyasn1 is a generic ASN.1 library for Python. Prior to 0.6.2, a Denial-of-Service issue has been found that leads to memory exhaustion from malformed RELATIVE-OID with excessive continuation octets. This vulnerability is fixed in 0.6.2.
1 affected package
pyasn1
| Package | 22.04 LTS |
|---|---|
| pyasn1 | Fixed |
Best Practical Request Tracker (RT) before 4.4.9, 5.0.9, and 6.0.2 allows CSV Injection via ticket values when TSV export is used.
2 affected packages
request-tracker4, request-tracker5
| Package | 22.04 LTS |
|---|---|
| request-tracker4 | Needs evaluation |
| request-tracker5 | Needs evaluation |