Search CVE reports
51 – 60 of 41274 results
A flaw was found in libsoup, an HTTP client library. This vulnerability, known as CRLF (Carriage Return Line Feed) Injection, occurs when an HTTP proxy is configured and the library improperly handles URL-decoded input used to...
2 affected packages
libsoup2.4, libsoup3
| Package | 18.04 LTS |
|---|---|
| libsoup2.4 | Needs evaluation |
| libsoup3 | — |
Integer Overflow or Wraparound vulnerability in RawTherapee (rtengine modules). This vulnerability is associated with program files dcraw.Cc. This issue affects RawTherapee: through 5.11.
1 affected package
rawtherapee
| Package | 18.04 LTS |
|---|---|
| rawtherapee | Needs evaluation |
QGIS is a free, open source, cross platform geographical information system (GIS) The repository contains a GitHub Actions workflow called "pre-commit checks" that, before commit 76a693cd91650f9b4e83edac525e5e4f90d954e9,...
1 affected package
qgis
| Package | 18.04 LTS |
|---|---|
| qgis | Needs evaluation |
Some fixes available 2 of 4
Issue summary: A type confusion vulnerability exists in the signature verification of signed PKCS#7 data where an ASN1_TYPE union member is accessed without first validating the type, causing an invalid or NULL pointer dereference...
4 affected packages
openssl, openssl1.0, nodejs, edk2
| Package | 18.04 LTS |
|---|---|
| openssl | Fixed |
| openssl1.0 | Fixed |
| nodejs | Needs evaluation |
| edk2 | Needs evaluation |
Some fixes available 1 of 2
Issue summary: An invalid or NULL pointer dereference can happen in an application processing a malformed PKCS#12 file. Impact summary: An application processing a malformed PKCS#12 file can be caused to dereference an invalid or...
4 affected packages
openssl, openssl1.0, nodejs, edk2
| Package | 18.04 LTS |
|---|---|
| openssl | Fixed |
| openssl1.0 | Not affected |
| nodejs | Needs evaluation |
| edk2 | Not affected |
Some fixes available 2 of 3
Issue summary: Processing a malformed PKCS#12 file can trigger a NULL pointer dereference in the PKCS12_item_decrypt_d2i_ex() function. Impact summary: A NULL pointer dereference can trigger a crash which leads to Denial of...
4 affected packages
openssl, openssl1.0, nodejs, edk2
| Package | 18.04 LTS |
|---|---|
| openssl | Fixed |
| openssl1.0 | Fixed |
| nodejs | Needs evaluation |
| edk2 | Not affected |
Some fixes available 1 of 2
Issue summary: A type confusion vulnerability exists in the TimeStamp Response verification code where an ASN1_TYPE union member is accessed without first validating the type, causing an invalid or NULL pointer dereference...
4 affected packages
openssl, openssl1.0, nodejs, edk2
| Package | 18.04 LTS |
|---|---|
| openssl | Fixed |
| openssl1.0 | Not affected |
| nodejs | Needs evaluation |
| edk2 | Not affected |
Some fixes available 1 of 3
Issue summary: Calling PKCS12_get_friendlyname() function on a maliciously crafted PKCS#12 file with a BMPString (UTF-16BE) friendly name containing non-ASCII BMP code point can trigger a one byte write before the...
4 affected packages
openssl, openssl1.0, nodejs, edk2
| Package | 18.04 LTS |
|---|---|
| openssl | Fixed |
| openssl1.0 | Not affected |
| nodejs | Needs evaluation |
| edk2 | Needs evaluation |
Some fixes available 1 of 3
Issue summary: When using the low-level OCB API directly with AES-NI or<br>other hardware-accelerated code paths, inputs whose length is not a multiple<br>of 16 bytes can leave the final partial block unencrypted...
4 affected packages
openssl, openssl1.0, nodejs, edk2
| Package | 18.04 LTS |
|---|---|
| openssl | Fixed |
| openssl1.0 | Not affected |
| nodejs | Needs evaluation |
| edk2 | Needs evaluation |
Some fixes available 2 of 4
Issue summary: Writing large, newline-free data into a BIO chain using the line-buffering filter where the next BIO performs short writes can trigger a heap-based out-of-bounds write. Impact summary: This out-of-bounds write can...
4 affected packages
openssl, openssl1.0, nodejs, edk2
| Package | 18.04 LTS |
|---|---|
| openssl | Fixed |
| openssl1.0 | Fixed |
| nodejs | Needs evaluation |
| edk2 | Needs evaluation |