Search CVE reports
1 – 10 of 28537 results
(A heap buffer overflow flaw was found in 389 Directory Server. When se ...)
1 affected package
389-ds-base
| Package | 26.04 LTS |
|---|---|
| 389-ds-base | Needs evaluation |
(Debusine is an integrated solution to build, distribute and maintain a ...)
1 affected package
debusine
| Package | 26.04 LTS |
|---|---|
| debusine | Needs evaluation |
(Debusine is an integrated solution to build, distribute and maintain a ...)
1 affected package
debusine
| Package | 26.04 LTS |
|---|---|
| debusine | Needs evaluation |
[Unknown description]
1 affected package
389-ds-base
| Package | 26.04 LTS |
|---|---|
| 389-ds-base | Needs evaluation |
GD versions before 2.86 for Perl allow OS command injection and file overwrite via a 2-arg open() of filename arguments in _make_filehandle. GD::Image::_make_filehandle opens a filename argument with Perl's 2-arg open(), so a...
1 affected package
libgd-perl
| Package | 26.04 LTS |
|---|---|
| libgd-perl | Needs evaluation |
kafka-python prior to 2.3.2 contains a denial-of-service vulnerability in SCRAM authentication handling that allows a malicious or machine-in-the-middle broker to freeze the client event loop by supplying an excessively large...
1 affected package
python-kafka
| Package | 26.04 LTS |
|---|---|
| python-kafka | Needs evaluation |
A local privilege escalation vulnerability was found in the ansible.posix authorized_key module. The module's keyfile() function uses os.chown() instead of os.lchown() and opens files without O_NOFOLLOW when managing...
2 affected packages
ansible, ansible-core
| Package | 26.04 LTS |
|---|---|
| ansible | Needs evaluation |
| ansible-core | Needs evaluation |
lldpd is an implementation of IEEE 802.1ab (LLDP). Prior to version 1.0.22, lldpd_decode() in src/daemon/lldpd.c strips 802.1Q VLAN tags from received Ethernet frames by calling memmove() to shift the frame payload 4 bytes left....
2 affected packages
lldpd, openvswitch
| Package | 26.04 LTS |
|---|---|
| lldpd | Needs evaluation |
| openvswitch | Needs evaluation |
SQLite before 3.53.2 contains a heap-based buffer overflow vulnerability in the FTS5 full-text search extension that allows attackers to cause a crash or execute arbitrary code by supplying a crafted database with...
2 affected packages
sqlite, sqlite3
| Package | 26.04 LTS |
|---|---|
| sqlite | Not in release |
| sqlite3 | Needs evaluation |
SQLite before 3.53.2 contains memory corruption vulnerabilities in the FTS5 full-text search extension that allow attackers to cause process crashes, memory exhaustion, or arbitrary code execution by supplying a crafted database...
2 affected packages
sqlite, sqlite3
| Package | 26.04 LTS |
|---|---|
| sqlite | Not in release |
| sqlite3 | Needs evaluation |