Search CVE reports
51 – 60 of 42301 results
An issue in DokuWiki 2025-05-14b "Librarian" 56.2 allows a remote attacker to execute arbitrary code via the register function in inc/auth.php
1 affected package
dokuwiki
| Package | 20.04 LTS |
|---|---|
| dokuwiki | Needs evaluation |
An unauthenticated remote attacker can repeatedly send crafted connection requests to leak memory. In single-process deployments the memory grows until the service is killed and the port stops responding until restart.
1 affected package
dcmtk
| Package | 20.04 LTS |
|---|---|
| dcmtk | Needs evaluation |
An unauthenticated attacker can crash the worklist server with a single crafted query when the server has a valid Called AE Title / storage directory, the expected lockfile, and at least one matching worklist record.
1 affected package
dcmtk
| Package | 20.04 LTS |
|---|---|
| dcmtk | Needs evaluation |
In the Tarfile.extract() function, the filter parameter is not passed properly when extracting hardlinks. An affected system that extracts content from untrusted tar files could end up writing files with an unexpected uid/gid...
12 affected packages
python2.7, python3.4, python3.5, python3.6, python3.7...
| Package | 20.04 LTS |
|---|---|
| python2.7 | Needs evaluation |
| python3.4 | — |
| python3.5 | — |
| python3.6 | — |
| python3.7 | — |
| python3.8 | Needs evaluation |
| python3.9 | Needs evaluation |
| python3.10 | — |
| python3.11 | — |
| python3.12 | — |
| python3.13 | — |
| python3.14 | — |
Memory safety bugs present in Firefox 152.0.3. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was...
9 affected packages
firefox, thunderbird, mozjs38, mozjs52, mozjs68...
| Package | 20.04 LTS |
|---|---|
| firefox | — |
| thunderbird | — |
| mozjs38 | — |
| mozjs52 | Ignored |
| mozjs68 | Ignored |
| mozjs78 | — |
| mozjs91 | — |
| mozjs102 | — |
| mozjs115 | — |
In hostapd before 2.12, a missing bounds check in AP-mode Wi-Fi 7 (IEEE 802.11be) Multi-Link Operation (MLO) association request processing allows an unauthenticated attacker within wireless range to send a crafted management...
1 affected package
wpa
| Package | 20.04 LTS |
|---|---|
| wpa | Needs evaluation |
A flaw was found in GLib. A state confusion issue exists in g_dbus_node_info_new_for_xml() in the gio/gdbusintrospection.c file when processing malformed D-Bus introspection XML, specifically with a <node> element nested within...
1 affected package
glib2.0
| Package | 20.04 LTS |
|---|---|
| glib2.0 | Needs evaluation |
A flaw was found in GLib. The D-Bus client-side implementation of the DBUS_COOKIE_SHA1 SASL authentication mechanism does not validate the cookie_context parameter received from the server. A malicious D-Bus server can supply a...
1 affected package
glib2.0
| Package | 20.04 LTS |
|---|---|
| glib2.0 | Needs evaluation |
A flaw was found in GLib. An off-by-one error can occur in the g_key_file_get_locale_string_list function in the gkeyfile.c file when loading a key file with an empty value. This flaw can cause an out-of-bounds access of 1 byte or...
1 affected package
glib2.0
| Package | 20.04 LTS |
|---|---|
| glib2.0 | Needs evaluation |
A flaw was found in GLib. A buffer over-read can occur in g_io_channel_read_line_backend() in the giochannel.c file when a custom line terminator with a length greater than one is set, causing memcmp to read past the GString...
1 affected package
glib2.0
| Package | 20.04 LTS |
|---|---|
| glib2.0 | Needs evaluation |