Search CVE reports
71 – 80 of 892 results
SSH dissector crash in Wireshark 4.4.0 to 4.4.8 allows denial of service
1 affected package
wireshark
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| wireshark | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in markdown-it allows Cross-Site Scripting (XSS). This vulnerability is associated with program files lib/renderer.mjs. This...
1 affected package
node-markdown-it
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| node-markdown-it | Needs evaluation | Needs evaluation | Needs evaluation | — | — |
A vulnerability was found in the netavark package, a network stack for containers used with Podman. Due to dns.podman search domain being removed, netavark may return external servers if a valid A/AAAA record is sent as...
1 affected package
netavark
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| netavark | Needs evaluation | Needs evaluation | Not in release | — | — |
Column handling crashes in Wireshark 4.4.0 to 4.4.6 and 4.2.0 to 4.2.12 allows denial of service via packet injection or crafted capture file
1 affected package
wireshark
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| wireshark | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
Marked prior to version 0.3.17 is vulnerable to a Regular Expression Denial of Service (ReDoS) attack due to catastrophic backtracking in several regular expressions used for parsing HTML tags and markdown links. An attacker can...
1 affected package
node-marked
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| node-marked | Not affected | Not affected | Not affected | Not affected | Needs evaluation |
Some fixes available 3 of 5
league/commonmark is a PHP Markdown parser. A cross-site scripting (XSS) vulnerability in the Attributes extension of the league/commonmark library (versions 1.5.0 through 2.6.x) allows remote attackers to insert...
1 affected package
php-league-commonmark
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| php-league-commonmark | Not affected | Fixed | Fixed | Fixed | — |
Some fixes available 7 of 57
In LibRaw before 0.21.4, tag 0x412 processing in phase_one_correct in decoders/load_mfbacks.cpp does not enforce minimum w0 and w1 values.
8 affected packages
dcraw, ufraw, darktable, exactimage, rawtherapee...
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| dcraw | Needs evaluation | Needs evaluation | Needs evaluation | Ignored | Needs evaluation |
| ufraw | Not in release | Not in release | Not in release | Not in release | Needs evaluation |
| darktable | Needs evaluation | Needs evaluation | Needs evaluation | Ignored | Needs evaluation |
| exactimage | Needs evaluation | Needs evaluation | Needs evaluation | Ignored | Needs evaluation |
| rawtherapee | Needs evaluation | Needs evaluation | Needs evaluation | Ignored | Needs evaluation |
| libraw | Not affected | Fixed | Fixed | Fixed | Fixed |
| kodi | Needs evaluation | Needs evaluation | Needs evaluation | Ignored | Needs evaluation |
| digikam | Needs evaluation | Needs evaluation | Needs evaluation | Ignored | Needs evaluation |
Some fixes available 7 of 57
In LibRaw before 0.21.4, phase_one_correct in decoders/load_mfbacks.cpp allows out-of-buffer access because split_col and split_row values are not checked in 0x041f tag processing.
8 affected packages
ufraw, darktable, exactimage, dcraw, rawtherapee...
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| ufraw | Not in release | Not in release | Not in release | Not in release | Needs evaluation |
| darktable | Needs evaluation | Needs evaluation | Needs evaluation | Ignored | Needs evaluation |
| exactimage | Needs evaluation | Needs evaluation | Needs evaluation | Ignored | Needs evaluation |
| dcraw | Needs evaluation | Needs evaluation | Needs evaluation | Ignored | Needs evaluation |
| rawtherapee | Needs evaluation | Needs evaluation | Needs evaluation | Ignored | Needs evaluation |
| kodi | Needs evaluation | Needs evaluation | Needs evaluation | Ignored | Needs evaluation |
| digikam | Needs evaluation | Needs evaluation | Needs evaluation | Ignored | Needs evaluation |
| libraw | Not affected | Fixed | Fixed | Fixed | Fixed |
Some fixes available 7 of 57
In LibRaw before 0.21.4, phase_one_correct in decoders/load_mfbacks.cpp has out-of-bounds reads for tag 0x412 processing, related to large w0 or w1 values or the frac and mult calculations.
8 affected packages
ufraw, darktable, exactimage, dcraw, rawtherapee...
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| ufraw | Not in release | Not in release | Not in release | Not in release | Needs evaluation |
| darktable | Needs evaluation | Needs evaluation | Needs evaluation | Ignored | Needs evaluation |
| exactimage | Needs evaluation | Needs evaluation | Needs evaluation | Ignored | Needs evaluation |
| dcraw | Needs evaluation | Needs evaluation | Needs evaluation | Ignored | Needs evaluation |
| rawtherapee | Needs evaluation | Needs evaluation | Needs evaluation | Ignored | Needs evaluation |
| kodi | Needs evaluation | Needs evaluation | Needs evaluation | Ignored | Needs evaluation |
| digikam | Needs evaluation | Needs evaluation | Needs evaluation | Ignored | Needs evaluation |
| libraw | Not affected | Fixed | Fixed | Fixed | Fixed |
Some fixes available 7 of 57
In LibRaw before 0.21.4, metadata/tiff.cpp has an out-of-bounds read in the Fujifilm 0xf00c tag parser.
8 affected packages
dcraw, ufraw, darktable, exactimage, libraw...
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| dcraw | Needs evaluation | Needs evaluation | Needs evaluation | Ignored | Needs evaluation |
| ufraw | Not in release | Not in release | Not in release | Not in release | Needs evaluation |
| darktable | Needs evaluation | Needs evaluation | Needs evaluation | Ignored | Needs evaluation |
| exactimage | Needs evaluation | Needs evaluation | Needs evaluation | Ignored | Needs evaluation |
| libraw | Not affected | Fixed | Fixed | Fixed | Fixed |
| rawtherapee | Needs evaluation | Needs evaluation | Needs evaluation | Ignored | Needs evaluation |
| kodi | Needs evaluation | Needs evaluation | Needs evaluation | Ignored | Needs evaluation |
| digikam | Needs evaluation | Needs evaluation | Needs evaluation | Ignored | Needs evaluation |