Search CVE reports
651 – 660 of 48495 results
Calling gethostbyaddr or gethostbyaddr_r with a configured nsswitch.conf that specifies the library's DNS backend in the GNU C library version 2.34 to version 2.43 could result in an invalid DNS hostname being returned to the...
2 affected packages
glibc, eglibc
| Package | 16.04 LTS |
|---|---|
| glibc | Needs evaluation |
| eglibc | — |
Calling gethostbyaddr or gethostbyaddr_r with a configured nsswitch.conf that specifies the library's DNS backend in the GNU C Library version 2.34 to version 2.43 could, with a crafted response from the configured DNS server,...
2 affected packages
glibc, eglibc
| Package | 16.04 LTS |
|---|---|
| glibc | Needs evaluation |
| eglibc | — |
MariaDB server is a community developed fork of MySQL server. An authenticated user can crash MariaDB versions 11.4 before 11.4.10 and 11.8 before 11.8.6 via a bug in JSON_SCHEMA_VALID() function. Under certain conditions it might...
5 affected packages
mariadb, mariadb-10.0, mariadb-10.1, mariadb-10.3, mariadb-10.6
| Package | 16.04 LTS |
|---|---|
| mariadb | — |
| mariadb-10.0 | Needs evaluation |
| mariadb-10.1 | — |
| mariadb-10.3 | — |
| mariadb-10.6 | — |
The webbrowser.open() API would accept leading dashes in the URL which could be handled as command line options for certain web browsers. New behavior rejects leading dashes. Users are recommended to sanitize URLs prior to passing...
14 affected packages
jython, pypy3, python2.7, python3.4, python3.5...
| Package | 16.04 LTS |
|---|---|
| jython | Needs evaluation |
| pypy3 | — |
| python2.7 | Needs evaluation |
| python3.4 | — |
| python3.5 | Needs evaluation |
| python3.6 | — |
| python3.7 | — |
| python3.8 | — |
| python3.9 | — |
| python3.10 | — |
| python3.11 | — |
| python3.12 | — |
| python3.13 | — |
| python3.14 | — |
PJSIP is a free and open source multimedia communication library written in C. Versions 2.16 and below have a cascading out-of-bounds heap read in pjsip_multipart_parse(). After boundary string matching, curptr is advanced past...
1 affected package
pjproject
| Package | 16.04 LTS |
|---|---|
| pjproject | Needs evaluation |
PJSIP is a free and open source multimedia communication library written in C. Versions 2.16 and below have a Heap-based Buffer Overflowvulnerability in the DNS parser's name length handler. Thisimpacts applications using PJSIP's...
1 affected package
pjproject
| Package | 16.04 LTS |
|---|---|
| pjproject | Needs evaluation |
PJSIP is a free and open source multimedia communication library written in C. Versions 2.16 and below contain a heap use-after-free vulnerability in the ICE session that occurs when there are race conditions between...
1 affected package
pjproject
| Package | 16.04 LTS |
|---|---|
| pjproject | Needs evaluation |
pydicom is a pure Python package for working with DICOM files. Versions 2.0.0-rc.1 through 3.0.1 are vulnerable to Path Traversal through a maliciously crafted DICOMDIR ReferencedFileID when it is set to a path outside the...
1 affected package
pydicom
| Package | 16.04 LTS |
|---|---|
| pydicom | Needs evaluation |
[Unknown description]
1 affected package
qemu
| Package | 16.04 LTS |
|---|---|
| qemu | Needs evaluation |
phpseclib is a PHP secure communications library. Projects using versions 1.0.26 and below, 2.0.0 through 2.0.51, and 3.0.0 through 3.0.49 are vulnerable to a to padding oracle timing attack when using AES in CBC mode. This issue...
3 affected packages
php-phpseclib, php-phpseclib3, phpseclib
| Package | 16.04 LTS |
|---|---|
| php-phpseclib | Needs evaluation |
| php-phpseclib3 | — |
| phpseclib | Needs evaluation |