Search CVE reports
3241 – 3250 of 33792 results
An issue in forkosh Mime Tex before v.1.77 allows an attacker to execute arbitrary code via a crafted script
1 affected package
mimetex
| Package | 20.04 LTS |
|---|---|
| mimetex | Needs evaluation |
A directory traversal vulnerability in forkosh Mime TeX before version 1.77 allows attackers on Windows systems to read or append arbitrary files by manipulating crafted input paths.
1 affected package
mimetex
| Package | 20.04 LTS |
|---|---|
| mimetex | Needs evaluation |
An issue was discovered in GoBGP before 3.35.0. pkg/packet/rtr/rtr.go does not verify that the input length corresponds to a situation in which all bytes are available for an RTR message.
1 affected package
gobgp
| Package | 20.04 LTS |
|---|---|
| gobgp | Fixed |
An issue was discovered in GoBGP before 3.35.0. An attacker can cause a crash in the pkg/packet/bgp/bgp.go flowspec parser by sending fewer than 20 bytes in a certain context.
1 affected package
gobgp
| Package | 20.04 LTS |
|---|---|
| gobgp | Fixed |
An issue was discovered in GoBGP before 3.35.0. pkg/packet/bgp/bgp.go allows attackers to cause a panic via a zero value for softwareVersionLen.
1 affected package
gobgp
| Package | 20.04 LTS |
|---|---|
| gobgp | Not affected |
An issue was discovered in GoBGP before 3.35.0. pkg/packet/mrt/mrt.go does not properly check the input length, e.g., by ensuring that there are 12 bytes or 36 bytes (depending on the address family).
1 affected package
gobgp
| Package | 20.04 LTS |
|---|---|
| gobgp | Fixed |
libheif before 1.19.6 has a NULL pointer dereference in ImageItem_Grid::get_decoder in image-items/grid.cc because a grid image can reference a nonexistent image item.
1 affected package
libheif
| Package | 20.04 LTS |
|---|---|
| libheif | Not affected |
libheif before 1.19.6 has a NULL pointer dereference in ImageItem_iden in image-items/iden.cc.
1 affected package
libheif
| Package | 20.04 LTS |
|---|---|
| libheif | Not affected |
Some fixes available 1 of 7
In LibRaw before 0.21.4, tag 0x412 processing in phase_one_correct in decoders/load_mfbacks.cpp does not enforce minimum w0 and w1 values.
8 affected packages
dcraw, ufraw, darktable, exactimage, rawtherapee...
| Package | 20.04 LTS |
|---|---|
| dcraw | Needs evaluation |
| ufraw | Not in release |
| darktable | Needs evaluation |
| exactimage | Needs evaluation |
| rawtherapee | Needs evaluation |
| libraw | Fixed |
| kodi | Needs evaluation |
| digikam | Needs evaluation |
Some fixes available 1 of 7
In LibRaw before 0.21.4, phase_one_correct in decoders/load_mfbacks.cpp allows out-of-buffer access because split_col and split_row values are not checked in 0x041f tag processing.
8 affected packages
ufraw, darktable, exactimage, dcraw, rawtherapee...
| Package | 20.04 LTS |
|---|---|
| ufraw | Not in release |
| darktable | Needs evaluation |
| exactimage | Needs evaluation |
| dcraw | Needs evaluation |
| rawtherapee | Needs evaluation |
| kodi | Needs evaluation |
| digikam | Needs evaluation |
| libraw | Fixed |