Search CVE reports
1 – 10 of 30566 results
An integer overflow in the jbig2_arith_iaid_ctx_new() function of Artifex commit cc37d0 allows attackers to cause a Denial of Service (DoS) via a crafted input.
1 affected package
jbig2dec
| Package | 26.04 LTS |
|---|---|
| jbig2dec | Needs evaluation |
The incremental HTML parser (html.parser.HTMLParser) allows for CPU denial-of-service through repeated unterminated markup declarations when processing uncontrolled data.
11 affected packages
python2.7, python3.4, python3.5, python3.6, python3.7...
| Package | 26.04 LTS |
|---|---|
| python2.7 | Not in release |
| python3.4 | Not in release |
| python3.5 | Not in release |
| python3.6 | Not in release |
| python3.7 | Not in release |
| python3.8 | Not in release |
| python3.9 | Not in release |
| python3.10 | Not in release |
| python3.11 | Not in release |
| python3.12 | Not in release |
| python3.14 | Needs evaluation |
A flaw has been found in pdeljanov Symphonia up to 0.6.0. This vulnerability affects unknown code of the component Metadata Handler. This manipulation causes denial of service. The attack needs to be launched locally. The exploit...
1 affected package
rust-symphonia
| Package | 26.04 LTS |
|---|---|
| rust-symphonia | Needs evaluation |
Not in release
A vulnerability was determined in GPAC 26.03-DEV. This affects the function vobsub_read_idx of the file /src/media_tools/vobsub.c of the component MP4Box. Executing a manipulation of the argument num_langs can lead...
1 affected package
gpac
| Package | 26.04 LTS |
|---|---|
| gpac | Not in release |
A flaw was found in libarchive. This vulnerability allows a remote attacker to trigger a heap overflow by providing a specially crafted tar archive. The issue occurs during the parsing of a PAX extended header containing...
1 affected package
libarchive
| Package | 26.04 LTS |
|---|---|
| libarchive | Needs evaluation |
[Unknown description]
1 affected package
libhttp-date-perl
| Package | 26.04 LTS |
|---|---|
| libhttp-date-perl | Needs evaluation |
Not in release
Cesanta Mongoose before 7.22 contains an out-of-bounds read in the built-in TLS server function mg_tls_server_recv_hello(), which uses an attacker-controlled session_id_len byte from a TLS ClientHello as a buffer index without...
1 affected package
mongoose
| Package | 26.04 LTS |
|---|---|
| mongoose | Not in release |
Not in release
(GitLab has remediated an issue in GitLab EE affecting all versions fro ...)
1 affected package
gitlab
| Package | 26.04 LTS |
|---|---|
| gitlab | Not in release |
Not in release
(GitLab has remediated an issue in GitLab CE/EE affecting all versions ...)
1 affected package
gitlab
| Package | 26.04 LTS |
|---|---|
| gitlab | Not in release |
Not in release
(GitLab has remediated an issue in GitLab EE affecting all versions fro ...)
1 affected package
gitlab
| Package | 26.04 LTS |
|---|---|
| gitlab | Not in release |