Search CVE reports
131 – 140 of 366 results
When running on Windows with enableCmdLineArguments enabled, the CGI Servlet in Apache Tomcat 9.0.0.M1 to 9.0.17, 8.5.0 to 8.5.39 and 7.0.0 to 7.0.93 is vulnerable to Remote Code Execution due to a bug in the way the JRE passes...
3 affected packages
tomcat7, tomcat8, tomcat9
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| tomcat7 | — | — | — | — | Not affected |
| tomcat8 | — | — | — | — | Not affected |
| tomcat9 | — | — | — | — | Not affected |
The HTTP/2 implementation in Apache Tomcat 9.0.0.M1 to 9.0.14 and 8.5.0 to 8.5.37 accepted streams with excessive numbers of SETTINGS frames and also permitted clients to keep streams open without reading/writing request/response...
2 affected packages
tomcat8, tomcat9
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| tomcat8 | — | — | — | — | Fixed |
| tomcat9 | — | — | — | — | Not affected |
Some fixes available 3 of 80
An error within the "parse_sinar_ia()" function (internal/dcraw_common.cpp) within LibRaw versions prior to 0.19.1 can be exploited to exhaust available CPU resources.
8 affected packages
exactimage, kodi, xbmc, libraw, ufraw...
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| exactimage | Needs evaluation | Needs evaluation | Needs evaluation | Ignored | Ignored |
| kodi | Needs evaluation | Needs evaluation | Needs evaluation | Ignored | Ignored |
| xbmc | Not in release | Not in release | Not in release | Not in release | Not in release |
| libraw | Not affected | Not affected | Not affected | Not affected | Fixed |
| ufraw | Not in release | Not in release | Not in release | Not in release | Ignored |
| darktable | Needs evaluation | Needs evaluation | Needs evaluation | Ignored | Ignored |
| dcraw | Needs evaluation | Needs evaluation | Needs evaluation | Ignored | Ignored |
| rawtherapee | Needs evaluation | Needs evaluation | Needs evaluation | Ignored | Ignored |
Some fixes available 3 of 80
An error within the "parse_rollei()" function (internal/dcraw_common.cpp) within LibRaw versions prior to 0.19.1 can be exploited to trigger an infinite loop.
8 affected packages
darktable, libraw, dcraw, ufraw, xbmc...
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| darktable | Needs evaluation | Needs evaluation | Needs evaluation | Ignored | Ignored |
| libraw | Not affected | Not affected | Not affected | Not affected | Fixed |
| dcraw | Needs evaluation | Needs evaluation | Needs evaluation | Ignored | Ignored |
| ufraw | Not in release | Not in release | Not in release | Not in release | Ignored |
| xbmc | Not in release | Not in release | Not in release | Not in release | Not in release |
| exactimage | Needs evaluation | Needs evaluation | Needs evaluation | Ignored | Ignored |
| kodi | Needs evaluation | Needs evaluation | Needs evaluation | Ignored | Ignored |
| rawtherapee | Needs evaluation | Needs evaluation | Needs evaluation | Ignored | Ignored |
Some fixes available 3 of 80
A type confusion error within the "unpacked_load_raw()" function within LibRaw versions prior to 0.19.1 (internal/dcraw_common.cpp) can be exploited to trigger an infinite loop.
8 affected packages
ufraw, kodi, darktable, dcraw, exactimage...
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| ufraw | Not in release | Not in release | Not in release | Not in release | Ignored |
| kodi | Needs evaluation | Needs evaluation | Needs evaluation | Ignored | Ignored |
| darktable | Needs evaluation | Needs evaluation | Needs evaluation | Ignored | Ignored |
| dcraw | Needs evaluation | Needs evaluation | Needs evaluation | Ignored | Ignored |
| exactimage | Needs evaluation | Needs evaluation | Needs evaluation | Ignored | Ignored |
| rawtherapee | Needs evaluation | Needs evaluation | Needs evaluation | Ignored | Ignored |
| libraw | Not affected | Not affected | Not affected | Not affected | Fixed |
| xbmc | Not in release | Not in release | Not in release | Not in release | Not in release |
Some fixes available 3 of 80
LibRaw::raw2image() in libraw_cxx.cpp has a heap-based buffer overflow.
8 affected packages
darktable, dcraw, xbmc, libraw, ufraw...
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| darktable | Needs evaluation | Needs evaluation | Needs evaluation | Ignored | Ignored |
| dcraw | Needs evaluation | Needs evaluation | Needs evaluation | Ignored | Ignored |
| xbmc | Not in release | Not in release | Not in release | Not in release | Not in release |
| libraw | Not affected | Not affected | Not affected | Not affected | Fixed |
| ufraw | Not in release | Not in release | Not in release | Not in release | Ignored |
| exactimage | Needs evaluation | Needs evaluation | Needs evaluation | Ignored | Ignored |
| kodi | Needs evaluation | Needs evaluation | Needs evaluation | Ignored | Ignored |
| rawtherapee | Needs evaluation | Needs evaluation | Needs evaluation | Ignored | Ignored |
Some fixes available 3 of 80
LibRaw::copy_bayer in libraw_cxx.cpp in LibRaw 0.19.1 has a NULL pointer dereference.
8 affected packages
ufraw, darktable, dcraw, exactimage, kodi...
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| ufraw | Not in release | Not in release | Not in release | Not in release | Ignored |
| darktable | Needs evaluation | Needs evaluation | Needs evaluation | Ignored | Ignored |
| dcraw | Needs evaluation | Needs evaluation | Needs evaluation | Ignored | Ignored |
| exactimage | Needs evaluation | Needs evaluation | Needs evaluation | Ignored | Ignored |
| kodi | Needs evaluation | Needs evaluation | Needs evaluation | Ignored | Ignored |
| rawtherapee | Needs evaluation | Needs evaluation | Needs evaluation | Ignored | Ignored |
| libraw | Not affected | Not affected | Not affected | Not affected | Fixed |
| xbmc | Not in release | Not in release | Not in release | Not in release | Not in release |
Some fixes available 3 of 80
LibRaw::raw2image in libraw_cxx.cpp in LibRaw 0.19.1 has a NULL pointer dereference.
8 affected packages
kodi, xbmc, darktable, dcraw, exactimage...
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| kodi | Needs evaluation | Needs evaluation | Needs evaluation | Ignored | Ignored |
| xbmc | Not in release | Not in release | Not in release | Not in release | Not in release |
| darktable | Needs evaluation | Needs evaluation | Needs evaluation | Ignored | Ignored |
| dcraw | Needs evaluation | Needs evaluation | Needs evaluation | Ignored | Ignored |
| exactimage | Needs evaluation | Needs evaluation | Needs evaluation | Ignored | Ignored |
| rawtherapee | Needs evaluation | Needs evaluation | Needs evaluation | Ignored | Ignored |
| libraw | Not affected | Not affected | Not affected | Not affected | Fixed |
| ufraw | Not in release | Not in release | Not in release | Not in release | Ignored |
Some fixes available 2 of 79
There is a stack-based buffer overflow in the parse_makernote function of dcraw_common.cpp in LibRaw 0.19.1. Crafted input will lead to a denial of service or possibly unspecified other impact.
8 affected packages
darktable, libraw, ufraw, kodi, rawtherapee...
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| darktable | Needs evaluation | Needs evaluation | Needs evaluation | Ignored | Ignored |
| libraw | Not affected | Not affected | Not affected | Not affected | Fixed |
| ufraw | Not in release | Not in release | Not in release | Not in release | Ignored |
| kodi | Needs evaluation | Needs evaluation | Needs evaluation | Ignored | Ignored |
| rawtherapee | Needs evaluation | Needs evaluation | Needs evaluation | Ignored | Ignored |
| dcraw | Needs evaluation | Needs evaluation | Needs evaluation | Ignored | Ignored |
| exactimage | Needs evaluation | Needs evaluation | Needs evaluation | Ignored | Ignored |
| xbmc | Not in release | Not in release | Not in release | Not in release | Not in release |
Some fixes available 3 of 80
An error within the "LibRaw::parse_exif()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.9 can be exploited to cause a stack-based buffer overflow and subsequently execute arbitrary code.
8 affected packages
kodi, rawtherapee, xbmc, darktable, dcraw...
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| kodi | Needs evaluation | Needs evaluation | Needs evaluation | Ignored | Ignored |
| rawtherapee | Needs evaluation | Needs evaluation | Needs evaluation | Ignored | Ignored |
| xbmc | Not in release | Not in release | Not in release | Not in release | Not in release |
| darktable | Needs evaluation | Needs evaluation | Needs evaluation | Ignored | Ignored |
| dcraw | Needs evaluation | Needs evaluation | Needs evaluation | Ignored | Ignored |
| exactimage | Needs evaluation | Needs evaluation | Needs evaluation | Ignored | Ignored |
| libraw | Not affected | Not affected | Not affected | Not affected | Fixed |
| ufraw | Not in release | Not in release | Not in release | Not in release | Ignored |