Search CVE reports
661 – 670 of 881 results
Some fixes available 23 of 31
Heap-based buffer overflow in j2k.c in OpenJPEG before r3002, as used in PDFium in Google Chrome before 44.0.2403.89, allows remote attackers to cause a denial of service or possibly have unspecified other impact via invalid...
3 affected packages
chromium-browser, oxide-qt, openjpeg
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| chromium-browser | Fixed | Fixed | Fixed | Fixed |
| oxide-qt | Not in release | Not in release | Not in release | Not in release |
| openjpeg | Not in release | Not in release | Not in release | Not in release |
Some fixes available 3 of 5
PDFium, as used in Google Chrome before 44.0.2403.89, does not properly handle certain out-of-memory conditions, which allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified...
2 affected packages
chromium-browser, oxide-qt
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| chromium-browser | — | — | — | — |
| oxide-qt | — | — | — | — |
Some fixes available 16 of 29
The regular-expression implementation in Google V8, as used in Google Chrome before 44.0.2403.89, mishandles interrupts, which allows remote attackers to cause a denial of service (application crash) via crafted JavaScript code,...
4 affected packages
libv8, libv8-3.14, oxide-qt, chromium-browser
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| libv8 | — | — | — | Not in release |
| libv8-3.14 | — | — | — | Ignored |
| oxide-qt | — | — | — | Not in release |
| chromium-browser | — | — | — | Fixed |
Some fixes available 6 of 9
Multiple unspecified vulnerabilities in Google Chrome before 44.0.2403.89 allow attackers to cause a denial of service or possibly have other impact via unknown vectors.
2 affected packages
chromium-browser, oxide-qt
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| chromium-browser | — | — | — | — |
| oxide-qt | — | — | — | — |
Some fixes available 6 of 9
Blink, as used in Google Chrome before 44.0.2403.89, enables a quirks-mode exception that limits the cases in which a Cascading Style Sheets (CSS) document is required to have the text/css content type, which allows...
2 affected packages
chromium-browser, oxide-qt
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| chromium-browser | — | — | — | — |
| oxide-qt | — | — | — | — |
Some fixes available 6 of 9
The XSSAuditor::canonicalize function in core/html/parser/XSSAuditor.cpp in the XSS auditor in Blink, as used in Google Chrome before 44.0.2403.89, does not properly choose a truncation point, which makes it easier for remote...
2 affected packages
chromium-browser, oxide-qt
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| chromium-browser | — | — | — | — |
| oxide-qt | — | — | — | — |
Some fixes available 6 of 9
The LocalFrame::isURLAllowed function in core/frame/LocalFrame.cpp in Blink, as used in Google Chrome before 44.0.2403.89, does not properly check for a page's maximum number of frames, which allows remote attackers to cause a...
2 affected packages
chromium-browser, oxide-qt
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| chromium-browser | — | — | — | — |
| oxide-qt | — | — | — | — |
Some fixes available 42 of 255
Multiple integer overflows in the XML_GetBuffer function in Expat through 2.1.0, as used in Google Chrome before 44.0.2403.89 and other products, allow remote attackers to cause a denial of service (heap-based buffer overflow) or...
33 affected packages
cmake, ghostscript, texlive-bin, libparagui1.1, ayttm...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| cmake | Not affected | Not affected | Not affected | Not affected |
| ghostscript | Not affected | Not affected | Not affected | Not affected |
| texlive-bin | Not affected | Not affected | Not affected | Not affected |
| libparagui1.1 | Not in release | Not in release | Not in release | Not in release |
| ayttm | Not in release | Not in release | Not in release | Not in release |
| audacity | Not affected | Not affected | Not affected | Not affected |
| matanza | Ignored | Ignored | Ignored | Ignored |
| smart | Not in release | Not in release | Not in release | Not affected |
| vtk | Not in release | Not in release | Not in release | Not in release |
| expat | Not affected | Not affected | Not affected | Not affected |
| apache2 | Not affected | Not affected | Not affected | Not affected |
| apr-util | Not affected | Not affected | Not affected | Not affected |
| poco | Not affected | Not affected | Not affected | Not affected |
| sitecopy | Not in release | Not affected | Not affected | Not affected |
| swish-e | Vulnerable | Vulnerable | Vulnerable | Vulnerable |
| cadaver | Vulnerable | Vulnerable | Vulnerable | Vulnerable |
| cableswig | Not in release | Not in release | Not in release | Not in release |
| chromium-browser | Fixed | Fixed | Fixed | Fixed |
| coin3 | Vulnerable | Vulnerable | Vulnerable | Vulnerable |
| gdcm | Not affected | Not affected | Not affected | Not affected |
| insighttoolkit | Not in release | Not in release | Not in release | Not in release |
| kompozer | Not in release | Not in release | Not in release | Not in release |
| oxide-qt | Not in release | Not in release | Not in release | Not in release |
| simgear | Not affected | Not affected | Not affected | Not affected |
| tdom | Not affected | Not affected | Not affected | Not affected |
| tla | Not affected | Not affected | Not affected | Not affected |
| vnc4 | Not in release | Not in release | Not in release | Vulnerable |
| wbxml2 | Not affected | Not affected | Not affected | Not affected |
| wxwidgets2.6 | Not in release | Not in release | Not in release | Not in release |
| libxmltok | Fixed | Fixed | Fixed | Fixed |
| xmlrpc-c | Vulnerable | Vulnerable | Vulnerable | Vulnerable |
| wxwidgets2.8 | Not in release | Not in release | Not in release | Not in release |
| xotcl | Not affected | Not affected | Not affected | Not affected |
Some fixes available 6 of 9
core/loader/ImageLoader.cpp in Blink, as used in Google Chrome before 44.0.2403.89, does not properly determine the V8 context of a microtask, which allows remote attackers to bypass Content Security Policy (CSP) restrictions by...
2 affected packages
chromium-browser, oxide-qt
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| chromium-browser | — | — | — | — |
| oxide-qt | — | — | — | — |
Some fixes available 6 of 9
SkPictureShader.cpp in Skia, as used in Google Chrome before 44.0.2403.89, allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact by leveraging access to a...
2 affected packages
chromium-browser, oxide-qt
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| chromium-browser | — | — | — | — |
| oxide-qt | — | — | — | — |