Search CVE reports
31 – 40 of 30097 results
[Unknown description]
1 affected package
libde265
| Package | 26.04 LTS |
|---|---|
| libde265 | Needs evaluation |
[Unknown description]
1 affected package
libde265
| Package | 26.04 LTS |
|---|---|
| libde265 | Needs evaluation |
[Unknown description]
1 affected package
libde265
| Package | 26.04 LTS |
|---|---|
| libde265 | Needs evaluation |
ImageMagick before 7.1.2-24 contains an incorrect policy check that allows attackers to create or truncate files disallowed by security policies. Remote attackers can bypass path policy restrictions in sandboxed conversion...
1 affected package
imagemagick
| Package | 26.04 LTS |
|---|---|
| imagemagick | Needs evaluation |
ImageMagick before 7.1.2-22 contains an information disclosure vulnerability in the PasskeyEncipherImage method due to AES-CTR nonce reuse. Attackers can exploit nonce reuse in the cipher implementation to recover plaintext...
1 affected package
imagemagick
| Package | 26.04 LTS |
|---|---|
| imagemagick | Needs evaluation |
ImageMagick before 7.1.2-19 contains a memory leak vulnerability in the PNG encoder when writing MNG images. Attackers can trigger the encoder failure condition to exhaust memory resources and cause denial of service.
1 affected package
imagemagick
| Package | 26.04 LTS |
|---|---|
| imagemagick | Needs evaluation |
ImageMagick before 7.1.2-13 contains a memory leak vulnerability in LoadOpenCLDeviceBenchmark() function when parsing malformed OpenCL device profile XML files with unclosed device elements. Attackers with write access to the...
1 affected package
imagemagick
| Package | 26.04 LTS |
|---|---|
| imagemagick | Not affected |
ImageMagick before 7.1.2-22 contains a division by zero vulnerability in binomial kernel processing that allows attackers to cause denial of service. An attacker can supply a large binomial kernel value causing integer overflow,...
1 affected package
imagemagick
| Package | 26.04 LTS |
|---|---|
| imagemagick | Needs evaluation |
ImageMagick before 7.1.2-19 contains an off-by-one error in morphology validation allowing out-of-bounds heap buffer reads. Attackers can trigger heap buffer overflow by providing incorrect morphology parameters causing single...
1 affected package
imagemagick
| Package | 26.04 LTS |
|---|---|
| imagemagick | Needs evaluation |
c3p0 is a JDBC Connection pooling library. In versions prior to 0.14.0, c3p0 in combination with other libraries, can compose to a "sink" for deserialization gadgets. The JDBC spec's DataSource.getConnection()...
1 affected package
c3p0
| Package | 26.04 LTS |
|---|---|
| c3p0 | Needs evaluation |