Search CVE reports
541 – 550 of 1287 results
A flaw was found in the way the spice-vdagentd daemon handled file transfers from the host system to the virtual machine. Any unprivileged local guest user with access to the UNIX domain socket...
1 affected package
spice-vdagent
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| spice-vdagent | Fixed | Fixed | Fixed | Fixed | Fixed |
ImageMagick 7.0.10-34 allows Division by Zero in OptimizeLayerFrames in MagickCore/layer.c, which may cause a denial of service.
1 affected package
imagemagick
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| imagemagick | — | Fixed | Fixed | Fixed | Fixed |
PackageKit provided detailed error messages to unprivileged callers that exposed information about file presence and mimetype of files that the user would be unable to determine on its own.
1 affected package
packagekit
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| packagekit | — | — | — | Fixed | Fixed |
libraw 20.0 has a null pointer dereference vulnerability in parse_tiff_ifd in src/metadata/tiff.cpp, which may result in context-dependent arbitrary code execution. Note: this vulnerability occurs only if you compile the software...
8 affected packages
darktable, dcraw, exactimage, kodi, libraw...
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| darktable | — | — | — | Not affected | Not affected |
| dcraw | — | — | — | Not affected | Not affected |
| exactimage | — | — | — | Not affected | Not affected |
| kodi | — | — | — | Not affected | Not affected |
| libraw | — | — | — | Not affected | Not affected |
| rawtherapee | — | — | — | Not affected | Not affected |
| ufraw | — | — | — | Not in release | Not affected |
| xbmc | — | — | — | Not in release | Not in release |
A buffer overflow vulnerability in LibRaw version < 20.0 LibRaw::GetNormalizedModel in src/metadata/normalize_model.cpp may lead to context-dependent arbitrary code execution.
8 affected packages
darktable, dcraw, exactimage, kodi, libraw...
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| darktable | — | — | — | Not affected | Not affected |
| dcraw | — | — | — | Not affected | Not affected |
| exactimage | — | — | — | Not affected | Not affected |
| kodi | — | — | — | Not affected | Not affected |
| libraw | — | — | — | Not affected | Not affected |
| rawtherapee | — | — | — | Not affected | Not affected |
| ufraw | — | — | — | Not in release | Not affected |
| xbmc | — | — | — | Not in release | Not in release |
Some fixes available 2 of 83
LibRaw before 0.20-RC1 lacks a thumbnail size range check. This affects decoders/unpack_thumb.cpp, postprocessing/mem_image.cpp, and utils/thumb_utils.cpp. For example, malloc(sizeof(libraw_processed_image_t)+T.tlength) occurs...
8 affected packages
darktable, exactimage, dcraw, rawtherapee, kodi...
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| darktable | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| exactimage | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| dcraw | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| rawtherapee | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| kodi | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| libraw | Not affected | Not affected | Not affected | Fixed | Fixed |
| ufraw | Not in release | Not in release | Not in release | Not in release | Needs evaluation |
| xbmc | Not in release | Not in release | Not in release | Not in release | Not in release |
LibRaw before 0.20-Beta3 has an out-of-bounds write in parse_exif() in metadata\exif_gps.cpp via an unrecognized AtomName and a zero value of tiff_nifds.
8 affected packages
darktable, exactimage, dcraw, rawtherapee, kodi...
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| darktable | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| exactimage | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| dcraw | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| rawtherapee | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| kodi | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| libraw | Not affected | Not affected | Not affected | Not affected | Not affected |
| ufraw | Not in release | Not in release | Not in release | Not in release | Needs evaluation |
| xbmc | Not in release | Not in release | Not in release | Not in release | Not in release |
Some fixes available 16 of 17
A vulnerability in Google Cloud Platform's guest-oslogin versions between 20190304 and 20200507 allows a user that is only granted the role "roles/compute.osLogin" to escalate privileges to root. Using the membership to the "lxd"...
1 affected package
gce-compute-image-packages
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| gce-compute-image-packages | Fixed | Fixed | Fixed | Fixed | Fixed |
Some fixes available 16 of 17
A vulnerability in Google Cloud Platform's guest-oslogin versions between 20190304 and 20200507 allows a user that is only granted the role "roles/compute.osLogin" to escalate privileges to root. Using their membership to the...
1 affected package
gce-compute-image-packages
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| gce-compute-image-packages | Fixed | Fixed | Fixed | Fixed | Fixed |
Some fixes available 16 of 17
A vulnerability in Google Cloud Platform's guest-oslogin versions between 20190304 and 20200507 allows a user that is only granted the role "roles/compute.osLogin" to escalate privileges to root. Using their membership to the...
1 affected package
gce-compute-image-packages
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| gce-compute-image-packages | Fixed | Fixed | Fixed | Fixed | Fixed |