Search CVE reports
481 – 490 of 38389 results
XKB Buffer overflow in CheckKeyTypes(). The function CheckKeyTypes() will loop over the client's request but won't perform any additional bound checking to ensure that the data read remains within the request bounds. As a result,...
7 affected packages
xorg, xorg-server, xwayland, xorg-server-hwe-16.04, xorg-server-hwe-18.04...
| Package | 22.04 LTS |
|---|---|
| xorg | Not affected |
| xorg-server | Needs evaluation |
| xwayland | Needs evaluation |
| xorg-server-hwe-16.04 | Not in release |
| xorg-server-hwe-18.04 | Not in release |
| xorg-hwe-16.04 | Not in release |
| xorg-hwe-18.04 | Not in release |
XKB Out-of-bounds read in CheckModifierMap(). CheckModifierMap() reads from the wire in a loop without verifying that the data remains within the bounds of the client request. As a result, the total number of keys could exceed the...
7 affected packages
xorg, xorg-server, xwayland, xorg-server-hwe-16.04, xorg-server-hwe-18.04...
| Package | 22.04 LTS |
|---|---|
| xorg | Not affected |
| xorg-server | Needs evaluation |
| xwayland | Needs evaluation |
| xorg-server-hwe-16.04 | Not in release |
| xorg-server-hwe-18.04 | Not in release |
| xorg-hwe-16.04 | Not in release |
| xorg-hwe-18.04 | Not in release |
XSYNC Use-after-free in miSyncTriggerFence(). When walking the list of fences to trigger, miSyncTriggerFence() may call TriggerFence() for the current trigger, which end up calling the function SyncAwaitTriggerFired()....
7 affected packages
xorg, xorg-server, xwayland, xorg-server-hwe-16.04, xorg-server-hwe-18.04...
| Package | 22.04 LTS |
|---|---|
| xorg | Not affected |
| xorg-server | Needs evaluation |
| xwayland | Needs evaluation |
| xorg-server-hwe-16.04 | Not in release |
| xorg-server-hwe-18.04 | Not in release |
| xorg-hwe-16.04 | Not in release |
| xorg-hwe-18.04 | Not in release |
XKB Out-of-bounds Read in CheckSetGeom(). Each key alias entry contains two key names (the alias and the real key name). The code in CheckSetGeom() does its bounds checking using only the first name, allowing XkbAddGeomKeyAlias to...
7 affected packages
xorg, xorg-server, xwayland, xorg-server-hwe-16.04, xorg-server-hwe-18.04...
| Package | 22.04 LTS |
|---|---|
| xorg | Not affected |
| xorg-server | Needs evaluation |
| xwayland | Needs evaluation |
| xorg-server-hwe-16.04 | Not in release |
| xorg-server-hwe-18.04 | Not in release |
| xorg-hwe-16.04 | Not in release |
| xorg-hwe-18.04 | Not in release |
XKB Integer Underflow in XkbSetCompatMap(). If a "compat" buffer was previously truncated, there will be unused space left in the buffer. The code in XkbSetCompatMap() will use that space, but fails to update the number of valid...
7 affected packages
xorg, xorg-server, xwayland, xorg-server-hwe-16.04, xorg-server-hwe-18.04...
| Package | 22.04 LTS |
|---|---|
| xorg | Not affected |
| xorg-server | Needs evaluation |
| xwayland | Needs evaluation |
| xorg-server-hwe-16.04 | Not in release |
| xorg-server-hwe-18.04 | Not in release |
| xorg-hwe-16.04 | Not in release |
| xorg-hwe-18.04 | Not in release |
Some fixes available 1 of 3
Loop with unreachable exit condition ('infinite loop') in .NET, .NET Framework, Visual Studio allows an unauthorized attacker to deny service over a network.
5 affected packages
dotnet6, dotnet7, dotnet8, dotnet9, dotnet10
| Package | 22.04 LTS |
|---|---|
| dotnet6 | Vulnerable |
| dotnet7 | Ignored |
| dotnet8 | Fixed |
| dotnet9 | Not in release |
| dotnet10 | Not in release |
Some fixes available 1 of 3
Stack-based buffer overflow in .NET and Visual Studio allows an unauthorized attacker to deny service over a network.
5 affected packages
dotnet6, dotnet7, dotnet8, dotnet9, dotnet10
| Package | 22.04 LTS |
|---|---|
| dotnet6 | Vulnerable |
| dotnet7 | Ignored |
| dotnet8 | Fixed |
| dotnet9 | Not in release |
| dotnet10 | Not in release |
Some fixes available 1 of 3
Improper neutralization of special elements in .NET allows an unauthorized attacker to perform spoofing over a network.
5 affected packages
dotnet6, dotnet7, dotnet8, dotnet9, dotnet10
| Package | 22.04 LTS |
|---|---|
| dotnet6 | Vulnerable |
| dotnet7 | Ignored |
| dotnet8 | Fixed |
| dotnet9 | Not in release |
| dotnet10 | Not in release |
Some fixes available 1 of 3
Uncontrolled resource consumption in .NET allows an unauthorized attacker to deny service over a network.
5 affected packages
dotnet6, dotnet7, dotnet8, dotnet9, dotnet10
| Package | 22.04 LTS |
|---|---|
| dotnet6 | Vulnerable |
| dotnet7 | Ignored |
| dotnet8 | Fixed |
| dotnet9 | Not in release |
| dotnet10 | Not in release |
jq is a command-line JSON processor. In commits before 2f09060afab23fe9390cce7cb860b10416e1bf5f, the jv_parse_sized() API in libjq accepts a counted buffer with an explicit length parameter, but its error-handling path formats the...
1 affected package
jq
| Package | 22.04 LTS |
|---|---|
| jq | Needs evaluation |