Search CVE reports


Toggle filters

251 – 260 of 1279 results


CVE-2024-55193

Medium priority
Needs evaluation

OpenImageIO v3.1.0.0dev was discovered to contain a segmentation violation via the component /OpenImageIO/string_view.h.

1 affected package

openimageio

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
openimageio Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
Show less packages

CVE-2024-55192

Medium priority
Needs evaluation

OpenImageIO v3.1.0.0dev was discovered to contain a heap overflow via the component OpenImageIO_v3_1_0::farmhash::inlined::Fetch64(char const*).

1 affected package

openimageio

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
openimageio Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
Show less packages

CVE-2025-0218

Medium priority
Needs evaluation

When batch jobs are executed by pgAgent, a script is created in a temporary directory and then executed. In versions of pgAgent prior to 4.2.3, an insufficiently seeded random number generator is used when generating the directory...

1 affected package

pgagent

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
pgagent Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
Show less packages

CVE-2024-56327

Medium priority

Some fixes available 1 of 3

pyrage is a set of Python bindings for the rage file encryption library (age in Rust). `pyrage` uses the Rust `age` crate for its underlying operations, and `age` is vulnerable to GHSA-4fg7-vxc8-qx5w. All details...

1 affected package

age

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
age Not affected Fixed Not affected Not in release
Show less packages

CVE-2024-45338

Medium priority

Some fixes available 13 of 17

An attacker can craft an input to the Parse functions that would be processed non-linearly with respect to its length, resulting in extremely slow parsing. This could cause a denial of service.

7 affected packages

adsys, containerd, golang-golang-x-net, golang-golang-x-net-dev, google-guest-agent...

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
adsys Fixed Fixed Fixed Fixed
containerd Not affected Not affected Not affected Not affected Not affected
golang-golang-x-net Vulnerable Fixed Fixed Not in release
golang-golang-x-net-dev Not in release Not in release Not in release Fixed Fixed
google-guest-agent Not affected Not affected Not affected Not affected Not affected
juju-core Not in release Not in release Not in release Not in release
lxd Not in release Not in release Not in release Not affected Not affected
Show all 7 packages Show less packages

CVE-2024-52792

Medium priority
Needs evaluation

LDAP Account Manager (LAM) is a php webfrontend for managing entries (e.g. users, groups, DHCP settings) stored in an LDAP directory. In affected versions LAM does not properly sanitize configuration values, that are set via...

1 affected package

ldap-account-manager

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
ldap-account-manager Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
Show less packages

CVE-2024-45337

Medium priority

Some fixes available 11 of 16

Applications and libraries which misuse connection.serverAuthenticate (via callback field ServerConfig.PublicKeyCallback) may be susceptible to an authorization bypass. The documentation for ServerConfig.PublicKeyCallback says...

4 affected packages

golang-go.crypto, google-guest-agent, lxd, snapd

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
golang-go.crypto Not affected Fixed Fixed Fixed Fixed
google-guest-agent Not affected Fixed Fixed Fixed Fixed
lxd Not in release Not in release Not in release Not affected Needs evaluation
snapd Not affected Not affected Not affected Not affected Not affected
Show less packages

CVE-2024-53920

Medium priority

Some fixes available 3 of 25

In elisp-mode.el in GNU Emacs before 30.1, a user who chooses to invoke elisp-completion-at-point (for code completion) on untrusted Emacs Lisp source code can trigger unsafe Lisp macro expansion that allows attackers to execute...

5 affected packages

emacs, emacs24, emacs25, xemacs21, xemacs21-packages

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
emacs Not affected Fixed Fixed Fixed
emacs24 Not in release Not in release Not in release Not in release
emacs25 Not in release Not in release Not in release Not in release Needs evaluation
xemacs21 Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
xemacs21-packages Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
Show less packages

CVE-2024-53901

Medium priority
Needs evaluation

The Imager package before 1.025 for Perl has a heap-based buffer overflow leading to denial of service, or possibly unspecified other impact, when the trim() method is called on a crafted input image.

1 affected package

libimager-perl

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
libimager-perl Not affected Needs evaluation Needs evaluation Needs evaluation Needs evaluation
Show less packages

CVE-2024-9676

Medium priority
Needs evaluation

A vulnerability was found in Podman, Buildah, and CRI-O. A symlink traversal vulnerability in the containers/storage library can cause Podman, Buildah, and CRI-O to hang and result in a denial of service via OOM kill when running...

2 affected packages

golang-github-containers-buildah, golang-github-containers-storage

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
golang-github-containers-buildah Not affected Needs evaluation Needs evaluation Not in release
golang-github-containers-storage Not affected Needs evaluation Needs evaluation Ignored
Show less packages