Search CVE reports
251 – 260 of 47458 results
A flaw was found in BusyBox. Incomplete path sanitization in its archive extraction utilities allows an attacker to craft malicious archives that when extracted, and under specific conditions, may write to files outside the...
1 affected package
busybox
| Package | 16.04 LTS |
|---|---|
| busybox | Needs evaluation |
PJSIP is a free and open source multimedia communication library written in C. In 2.16 and earlier, a buffer overflow vulnerability exists in PJNATH ICE Session when processing credentials with excessively long usernames.
1 affected package
pjproject
| Package | 16.04 LTS |
|---|---|
| pjproject | Needs evaluation |
Redir 3.3 contains a stack overflow vulnerability in the doproxyconnect() function that allows attackers to crash the application by sending oversized input. Attackers can exploit the sprintf() buffer without proper length...
1 affected package
redir
| Package | 16.04 LTS |
|---|---|
| redir | Needs evaluation |
Roundcube Webmail before 1.5.13 and 1.6 before 1.6.13 allows Cascading Style Sheets (CSS) injection, e.g., because comments are mishandled.
1 affected package
roundcube
| Package | 16.04 LTS |
|---|---|
| roundcube | Needs evaluation |
PostgreSQL Anonymizer contains a vulnerability that allows a user to gain superuser privileges by creating a temporary view based on a function containing malicious code. When the anon.get_tablesample_ratio function is then...
8 affected packages
postgresql-18, postgresql-17, postgresql-16, postgresql-14, postgresql-12...
| Package | 16.04 LTS |
|---|---|
| postgresql-18 | — |
| postgresql-17 | — |
| postgresql-16 | — |
| postgresql-14 | — |
| postgresql-12 | — |
| postgresql-10 | — |
| postgresql-9.5 | Not affected |
| postgresql-9.3 | — |
[PSD loader: heap-buffer-overflow in fread_pascal_string() (no null terminator)]
1 affected package
gimp
| Package | 16.04 LTS |
|---|---|
| gimp | Needs evaluation |
A specially-crafted file can cause libjxl's decoder to write pixel data to uninitialized unallocated memory. Soon after that data from another uninitialized unallocated region is copied to pixel data. This can be done by...
1 affected package
graphicsmagick
| Package | 16.04 LTS |
|---|---|
| graphicsmagick | Needs evaluation |
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 8.0 before 18.6.6, 18.7 before 18.7.4, and 18.8 before 18.8.4 that, under certain conditions could have allowed an unauthenticated user to cause denial of...
2 affected packages
gitlab, gitlab-agent
| Package | 16.04 LTS |
|---|---|
| gitlab | Ignored |
| gitlab-agent | — |
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.7 before 18.7.4, and 18.8 before 18.8.4 that could have allowed an unauthenticated user to cause denial of service through CPU exhaustion by submitting...
2 affected packages
gitlab, gitlab-agent
| Package | 16.04 LTS |
|---|---|
| gitlab | Ignored |
| gitlab-agent | — |
GitLab has remediated an issue in GitLab EE affecting all versions from 15.6 before 18.6.6, 18.7 before 18.7.4, and 18.8 before 18.8.4 that could have allowed an authenticated user to cause Denial of Service by uploading a...
2 affected packages
gitlab, gitlab-agent
| Package | 16.04 LTS |
|---|---|
| gitlab | Ignored |
| gitlab-agent | — |