Search CVE reports
61 – 70 of 35647 results
A remotely reachable Use-After-Free (UAF) vulnerability has been identified in Exim's BDAT (binary data transmission) body parsing path when using the GnuTLS backend. This vulnerability can lead to heap corruption and potential...
1 affected package
exim4
| Package | 24.04 LTS |
|---|---|
| exim4 | Fixed |
[Unknown description]
1 affected package
twisted
| Package | 24.04 LTS |
|---|---|
| twisted | Needs evaluation |
Wireshark MCP is an MCP Server that turns tshark into a structured analysis interface, then layers in optional Wireshark suite utilities. In 1.1.5 and earlier, wireshark-mcp exposes a wireshark_export_objects MCP tool that accepts...
1 affected package
wireshark
| Package | 24.04 LTS |
|---|---|
| wireshark | Needs evaluation |
HTTP::Tiny versions before 0.093 for Perl do not validate CRLF in HTTP request lines or control field header values. The unvalidated inputs are the method and URI in the request line, the URL host that becomes the `Host:` header,...
1 affected package
libhttp-tiny-perl
| Package | 24.04 LTS |
|---|---|
| libhttp-tiny-perl | Needs evaluation |
libcaca is a colour ASCII art library. In 0.99.beta20 and earlier, an integer overflow vulnerability in libcaca's canvas import functionality allows an attacker to cause a controlled heap out-of-bounds write (heap overflow) by...
1 affected package
libcaca
| Package | 24.04 LTS |
|---|---|
| libcaca | Needs evaluation |
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to 7.1.2-21 and 6.9.13-46, a malicious MIFF file could trigger an overflow when a user opens it in the display tool and...
1 affected package
imagemagick
| Package | 24.04 LTS |
|---|---|
| imagemagick | Needs evaluation |
`xml.parsers.expat` and `xml.etree.ElementTree` use insufficient entropy for Expat hash-flooding protection, which allows a crafted XML document to trigger hash flooding.\r\n\r\nFully mitigating this vulnerability requires both...
12 affected packages
python2.7, python3.4, python3.5, python3.6, python3.7...
| Package | 24.04 LTS |
|---|---|
| python2.7 | Not in release |
| python3.4 | Not in release |
| python3.5 | Not in release |
| python3.6 | Not in release |
| python3.7 | Not in release |
| python3.8 | Not in release |
| python3.9 | Not in release |
| python3.10 | Not in release |
| python3.11 | Not in release |
| python3.12 | Needs evaluation |
| python3.13 | Not in release |
| python3.14 | Not in release |
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Wikimedia Foundation Echo. This vulnerability is associated with program files includes/Api/ApiEchoNotifications.Php. This issue affects Echo: from *...
1 affected package
mediawiki
| Package | 24.04 LTS |
|---|---|
| mediawiki | Needs evaluation |
jq is a command-line JSON processor. In 1.8.2rc1 and earlier, the ordinary module loader recurses without cycle detection when two otherwise valid modules include each other.
1 affected package
jq
| Package | 24.04 LTS |
|---|---|
| jq | Needs evaluation |
jq is a command-line JSON processor. In 1.8.1 and earlier, unbounded recursion in jv_object_merge_recursive() allows a crafted jq program to crash the process with a segfault. The function is reachable through the * operator when...
1 affected package
jq
| Package | 24.04 LTS |
|---|---|
| jq | Needs evaluation |