Search CVE reports
21 – 30 of 37401 results
Apache ActiveMQ does not properly validate the remaining length field which may lead to an overflow during the decoding of malformed packets. When this integer overflow occurs, ActiveMQ may incorrectly compute the total Remaining...
1 affected package
activemq
| Package | 20.04 LTS |
|---|---|
| activemq | Needs evaluation |
OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. In CompositeDeepScanLine::readPixels, per-pixel totals are accumulated...
1 affected package
openexr
| Package | 20.04 LTS |
|---|---|
| openexr | Needs evaluation |
Underscore.js is a utility-belt library for JavaScript. Prior to 1.13.8, the _.flatten and _.isEqual functions use recursion without a depth limit. Under very specific conditions, detailed below, an attacker could exploit this in...
1 affected package
ruby-rails-assets-underscore
| Package | 20.04 LTS |
|---|---|
| ruby-rails-assets-underscore | Needs evaluation |
dr_libs version 0.14.4 and earlier (fixed in commit 8a7258c) contain a heap buffer overflow vulnerability in the drwav__read_smpl_to_metadata_obj() function of dr_wav.h that allows memory corruption via crafted WAV...
5 affected packages
dosbox-x, faudio, octave-ltfat, qtads, roc-toolkit
| Package | 20.04 LTS |
|---|---|
| dosbox-x | — |
| faudio | Needs evaluation |
| octave-ltfat | Needs evaluation |
| qtads | Needs evaluation |
| roc-toolkit | — |
An issue was discovered in 6.0 before 6.0.3, 5.2 before 5.2.12, and 4.2 before 4.2.29. Race condition in file-system storage and file-based cache backends in Django allows an attacker to cause file system objects to be created...
1 affected package
python-django
| Package | 20.04 LTS |
|---|---|
| python-django | Needs evaluation |
An issue was discovered in 6.0 before 6.0.3, 5.2 before 5.2.12, and 4.2 before 4.2.29. `URLField.to_python()` in Django calls `urllib.parse.urlsplit()`, which performs NFKC normalization on Windows that is disproportionately slow...
1 affected package
python-django
| Package | 20.04 LTS |
|---|---|
| python-django | Not affected |
Improper authorization in the API endpoint GET /1.0/certificates in Canonical LXD 6.6 on Linux allows an authenticated, restricted user to enumerate all certificate fingerprints trusted by the lxd server.
1 affected package
lxd
| Package | 20.04 LTS |
|---|---|
| lxd | Needs evaluation |
[Unknown description]
1 affected package
binutils
| Package | 20.04 LTS |
|---|---|
| binutils | Needs evaluation |
[Unknown description]
1 affected package
binutils
| Package | 20.04 LTS |
|---|---|
| binutils | Needs evaluation |
[Unknown description]
1 affected package
qemu
| Package | 20.04 LTS |
|---|---|
| qemu | Needs evaluation |