Search CVE reports
1191 – 1200 of 43343 results
MariaDB server is a community developed fork of MySQL server. An authenticated user can crash MariaDB versions 11.4 before 11.4.10 and 11.8 before 11.8.6 via a bug in the JSON_SCHEMA_VALID() function. Under certain conditions it might...
5 affected packages
mariadb, mariadb-10.0, mariadb-10.1, mariadb-10.3, mariadb-10.6
| Package | 18.04 LTS |
|---|---|
| mariadb | — |
| mariadb-10.0 | — |
| mariadb-10.1 | Needs evaluation |
| mariadb-10.3 | — |
| mariadb-10.6 | — |
The webbrowser.open() API would accept leading dashes in the URL which could be handled as command line options for certain web browsers. New behavior rejects leading dashes. Users are recommended to sanitize URLs prior to passing...
14 affected packages
jython, pypy3, python2.7, python3.4, python3.5...
| Package | 18.04 LTS |
|---|---|
| jython | Needs evaluation |
| pypy3 | — |
| python2.7 | Needs evaluation |
| python3.4 | — |
| python3.5 | — |
| python3.6 | Needs evaluation |
| python3.7 | Needs evaluation |
| python3.8 | Needs evaluation |
| python3.9 | — |
| python3.10 | — |
| python3.11 | — |
| python3.12 | — |
| python3.13 | — |
| python3.14 | — |
PJSIP is a free and open source multimedia communication library written in C. Versions 2.16 and below have a cascading out-of-bounds heap read in pjsip_multipart_parse(). After boundary string matching, curptr is advanced past...
1 affected package
pjproject
| Package | 18.04 LTS |
|---|---|
| pjproject | Needs evaluation |
PJSIP is a free and open source multimedia communication library written in C. Versions 2.16 and below have a Heap-based Buffer Overflow vulnerability in the DNS parser's name length handler. This impacts applications using PJSIP's...
1 affected package
pjproject
| Package | 18.04 LTS |
|---|---|
| pjproject | Needs evaluation |
PJSIP is a free and open source multimedia communication library written in C. Versions 2.16 and below contain a heap use-after-free vulnerability in the ICE session that occurs when there are race conditions between...
1 affected package
pjproject
| Package | 18.04 LTS |
|---|---|
| pjproject | Needs evaluation |
pydicom is a pure Python package for working with DICOM files. Versions 2.0.0-rc.1 through 3.0.1 are vulnerable to Path Traversal through a maliciously crafted DICOMDIR ReferencedFileID when it is set to a path outside the...
1 affected package
pydicom
| Package | 18.04 LTS |
|---|---|
| pydicom | Needs evaluation |
Use of Java scripting engine enabled (e.g. JRuby, Jython) template views in Spring MVC and Spring WebFlux applications can result in disclosure of content from files outside the configured locations for script template views. This...
1 affected package
libspring-java
| Package | 18.04 LTS |
|---|---|
| libspring-java | Needs evaluation |
Spring MVC and WebFlux applications are vulnerable to stream corruption when using Server-Sent Events (SSE). This issue affects Spring Foundation: from 7.0.0 through 7.0.5, from 6.2.0 through 6.2.16, from 6.1.0 through 6.1.25,...
1 affected package
libspring-java
| Package | 18.04 LTS |
|---|---|
| libspring-java | Needs evaluation |
[Unknown description]
1 affected package
qemu
| Package | 18.04 LTS |
|---|---|
| qemu | Needs evaluation |
tar-rs is a tar archive reading/writing library for Rust. In versions 0.4.44 and below, when unpacking a tar archive, the tar crate's unpack_dir function uses fs::metadata() to check whether a path that already exists is a...
23 affected packages
rust-tar, rustc, rustc-1.62, rustc-1.74, rustc-1.76...
| Package | 18.04 LTS |
|---|---|
| rust-tar | — |
| rustc | Needs evaluation |
| rustc-1.62 | — |
| rustc-1.74 | — |
| rustc-1.76 | — |
| rustc-1.77 | — |
| rustc-1.78 | — |
| rustc-1.79 | — |
| rustc-1.80 | — |
| rustc-1.81 | — |
| rustc-1.82 | — |
| rustc-1.83 | — |
| rustc-1.84 | — |
| rustc-1.85 | — |
| rustc-1.88 | — |
| rustc-1.89 | — |
| rustc-1.91 | — |
| rustc-1.92 | — |
| rustc-1.93 | — |
| cargo | Needs evaluation |
| rust-cargo-c | — |
| rust-async-tar | — |
| rust-astral-tokio-tar | — |