Search CVE reports
libheif before 1.19.6 has a NULL pointer dereference in ImageItem_Grid::get_decoder in image-items/grid.cc because a grid image can reference a nonexistent image item.
1 affected package
libheif
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
---|---|---|---|---|
libheif | Not affected | Not affected | Not affected | Not affected |
libheif before 1.19.6 has a NULL pointer dereference in ImageItem_iden in image-items/iden.cc.
1 affected package
libheif
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
---|---|---|---|---|
libheif | Not affected | Not affected | Not affected | Not affected |
Some fixes available 7 of 51
In LibRaw before 0.21.4, tag 0x412 processing in phase_one_correct in decoders/load_mfbacks.cpp does not enforce minimum w0 and w1 values.
8 affected packages
dcraw, ufraw, darktable, exactimage, rawtherapee...
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
---|---|---|---|---|
dcraw | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
ufraw | Not in release | Not in release | Not in release | Needs evaluation |
darktable | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
exactimage | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
rawtherapee | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
libraw | Fixed | Fixed | Fixed | Fixed |
kodi | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
digikam | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
Some fixes available 7 of 51
In LibRaw before 0.21.4, phase_one_correct in decoders/load_mfbacks.cpp allows out-of-buffer access because split_col and split_row values are not checked in 0x041f tag processing.
8 affected packages
ufraw, darktable, exactimage, dcraw, rawtherapee...
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
---|---|---|---|---|
ufraw | Not in release | Not in release | Not in release | Needs evaluation |
darktable | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
exactimage | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
dcraw | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
rawtherapee | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
kodi | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
digikam | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
libraw | Fixed | Fixed | Fixed | Fixed |
Some fixes available 7 of 51
In LibRaw before 0.21.4, phase_one_correct in decoders/load_mfbacks.cpp has out-of-bounds reads for tag 0x412 processing, related to large w0 or w1 values or the frac and mult calculations.
8 affected packages
ufraw, darktable, exactimage, dcraw, rawtherapee...
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
---|---|---|---|---|
ufraw | Not in release | Not in release | Not in release | Needs evaluation |
darktable | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
exactimage | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
dcraw | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
rawtherapee | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
kodi | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
digikam | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
libraw | Fixed | Fixed | Fixed | Fixed |
Some fixes available 7 of 51
In LibRaw before 0.21.4, metadata/tiff.cpp has an out-of-bounds read in the Fujifilm 0xf00c tag parser.
8 affected packages
dcraw, ufraw, darktable, exactimage, libraw...
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
---|---|---|---|---|
dcraw | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
ufraw | Not in release | Not in release | Not in release | Needs evaluation |
darktable | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
exactimage | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
libraw | Fixed | Fixed | Fixed | Fixed |
rawtherapee | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
kodi | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
digikam | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
open_actions.py in kitty before 0.41.0 does not ask for user confirmation before running a local executable file that may have been linked from an untrusted document (e.g., a document opened in KDE ghostwriter).
1 affected package
kitty
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
---|---|---|---|---|
kitty | Ignored | Not affected | Not affected | — |
GNU Mailman 2.1.39, as bundled in cPanel (and WHM), allows unauthenticated attackers to create lists via the /mailman/create endpoint. NOTE: multiple third parties report that they are unable to reproduce this, regardless...
1 affected package
mailman
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
---|---|---|---|---|
mailman | Not in release | Not in release | Needs evaluation | Needs evaluation |
GNU Mailman 2.1.39, as bundled in cPanel (and WHM), in certain external archiver configurations, allows unauthenticated attackers to execute arbitrary OS commands via shell metacharacters in an email Subject line. NOTE: multiple...
1 affected package
mailman
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
---|---|---|---|---|
mailman | Not in release | Not in release | Needs evaluation | Needs evaluation |
GNU Mailman 2.1.39, as bundled in cPanel (and WHM), allows unauthenticated attackers to read arbitrary files via ../ directory traversal at /mailman/private/mailman (aka the private archive authentication endpoint) via the...
1 affected package
mailman
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
---|---|---|---|---|
mailman | Not in release | Not in release | Needs evaluation | Needs evaluation |