Search CVE reports
31 – 40 of 36758 results
In GnuPG before 2.5.17, a long signature packet length causes parse_signature to return success with sig->data[] set to a NULL value, leading to a denial of service (application crash).
1 affected package
gnupg2
| Package | 20.04 LTS |
|---|---|
| gnupg2 | Not affected |
In GnuPG before 2.5.17, a stack-based buffer overflow exists in tpm2daemon during handling of the PKDECRYPT command for TPM-backed RSA and ECC keys.
1 affected package
gnupg2
| Package | 20.04 LTS |
|---|---|
| gnupg2 | Not affected |
In GnuPG before 2.5.17, a crafted CMS (S/MIME) EnvelopedData message carrying an oversized wrapped session key can cause a stack-based buffer overflow in gpg-agent during PKDECRYPT--kem=CMS handling. This can easily be leveraged...
1 affected package
gnupg2
| Package | 20.04 LTS |
|---|---|
| gnupg2 | Not affected |
User-controlled chunkSize metadata from MongoDB lacks appropriate validation allowing malformed GridFS metadata to overflow the bounding container.
1 affected package
mongodb
| Package | 20.04 LTS |
|---|---|
| mongodb | Needs evaluation |
Use-after-free in the Layout: Scrolling and Overflow component. This vulnerability affects Firefox < 147.0.2.
9 affected packages
firefox, thunderbird, mozjs38, mozjs52, mozjs68...
| Package | 20.04 LTS |
|---|---|
| firefox | — |
| thunderbird | — |
| mozjs38 | — |
| mozjs52 | Ignored |
| mozjs68 | Ignored |
| mozjs78 | — |
| mozjs91 | — |
| mozjs102 | — |
| mozjs115 | — |
Mitigation bypass in the Privacy: Anti-Tracking component. This vulnerability affects Firefox < 147.0.2.
9 affected packages
firefox, thunderbird, mozjs38, mozjs52, mozjs68...
| Package | 20.04 LTS |
|---|---|
| firefox | — |
| thunderbird | — |
| mozjs38 | — |
| mozjs52 | Ignored |
| mozjs68 | Ignored |
| mozjs78 | — |
| mozjs91 | — |
| mozjs102 | — |
| mozjs115 | — |
xrdp is an open source RDP server. xrdp before v0.10.5 contains an unauthenticated stack-based buffer overflow vulnerability. The issue stems from improper bounds checking when processing user domain information during the...
1 affected package
xrdp
| Package | 20.04 LTS |
|---|---|
| xrdp | Needs evaluation |
Buffer Overflow vulnerability in libpng 1.6.43-1.6.46 allows a local attacker to cause a denial of service via png_create_read_struct() function.
5 affected packages
libpng, firefox, thunderbird, chromium-browser, libpng1.6
| Package | 20.04 LTS |
|---|---|
| libpng | — |
| firefox | — |
| thunderbird | — |
| chromium-browser | — |
| libpng1.6 | Not affected |
Buffer Overflow vulnerability in libpng 1.6.43-1.6.46 allows a local attacker to cause a denial of service via the pngimage with AddressSanitizer (ASan), the program leaks memory in various locations, eventually leading to high...
5 affected packages
libpng, firefox, thunderbird, chromium-browser, libpng1.6
| Package | 20.04 LTS |
|---|---|
| libpng | — |
| firefox | — |
| thunderbird | — |
| chromium-browser | — |
| libpng1.6 | Not affected |
A flaw was found in GLib. An integer overflow vulnerability in its Unicode case conversion implementation can lead to memory corruption. By processing specially crafted and extremely large Unicode strings, an attacker...
1 affected package
glib2.0
| Package | 20.04 LTS |
|---|---|
| glib2.0 | Needs evaluation |