Search CVE reports
41 – 50 of 47862 results
libde265 is an open source implementation of the h.265 video codec. Prior to version 1.0.17, a crafted HEVC bitstream causes an out-of-bounds heap write confirmed by AddressSanitizer. The trigger is a stale ctb_info.log2unitSize...
1 affected package
libde265
| Package | 16.04 LTS |
|---|---|
| libde265 | Needs evaluation |
libde265 is an open source implementation of the h.265 video codec. Prior to version 1.0.17, a malformed H.265 PPS NAL unit causes a segmentation fault in pic_parameter_set::set_derived_values(). This issue has been patched in...
1 affected package
libde265
| Package | 16.04 LTS |
|---|---|
| libde265 | Needs evaluation |
libfuse is the reference implementation of the Linux FUSE. From version 3.18.0 to before version 3.18.2, a use-after-free vulnerability in the io_uring subsystem of libfuse allows a local attacker to crash FUSE filesystem...
2 affected packages
fuse, fuse3
| Package | 16.04 LTS |
|---|---|
| fuse | Needs evaluation |
| fuse3 | — |
GPAC is an open-source multimedia framework. Prior to commit 86b0e36, a heap-based buffer overflow (write) vulnerability was discovered in GPAC MP4Box. The vulnerability exists in the gf_xml_parse_bit_sequence_bs function in...
1 affected package
gpac
| Package | 16.04 LTS |
|---|---|
| gpac | Needs evaluation |
AWStats 8.0 is vulnerable to Command Injection via the open function
1 affected package
awstats
| Package | 16.04 LTS |
|---|---|
| awstats | Needs evaluation |
[Unknown description]
1 affected package
qemu
| Package | 16.04 LTS |
|---|---|
| qemu | Needs evaluation |
[Command injection via newline in glob()]
1 affected package
vim
| Package | 16.04 LTS |
|---|---|
| vim | Needs evaluation |
phpseclib is a PHP secure communications library. Projects using versions 1.0.26 and below, 2.0.0 through 2.0.51, and 3.0.0 through 3.0.49 are vulnerable to a to padding oracle timing attack when using AES in CBC mode. This issue...
3 affected packages
php-phpseclib, php-phpseclib3, phpseclib
| Package | 16.04 LTS |
|---|---|
| php-phpseclib | Needs evaluation |
| php-phpseclib3 | — |
| phpseclib | Needs evaluation |
UltraJSON is a fast JSON encoder and decoder written in pure C with bindings for Python 3.7+. Versions 5.10 through 5.11.0 are vulnerable to buffer overflow or infinite loop through large indent handling. ujson.dumps() crashes the...
3 affected packages
ujson, pandas, collada2gltf
| Package | 16.04 LTS |
|---|---|
| ujson | Needs evaluation |
| pandas | Needs evaluation |
| collada2gltf | Needs evaluation |
UltraJSON is a fast JSON encoder and decoder written in pure C with bindings for Python 3.7+. Versions 5.4.0 through 5.11.0 contain an accumulating memory leak in JSON parsing large (outside of the range [-2^63, 2^64 - 1])...
3 affected packages
pandas, ujson, collada2gltf
| Package | 16.04 LTS |
|---|---|
| pandas | Needs evaluation |
| ujson | Needs evaluation |
| collada2gltf | Needs evaluation |