Search CVE reports


Toggle filters

541 – 550 of 1287 results


CVE-2020-25650

Low priority
Fixed

A flaw was found in the way the spice-vdagentd daemon handled file transfers from the host system to the virtual machine. Any unprivileged local guest user with access to the UNIX domain socket...

1 affected package

spice-vdagent

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
spice-vdagent Fixed Fixed Fixed Fixed Fixed
Show less packages

CVE-2020-27560

Negligible priority
Fixed

ImageMagick 7.0.10-34 allows Division by Zero in OptimizeLayerFrames in MagickCore/layer.c, which may cause a denial of service.

1 affected package

imagemagick

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
imagemagick Fixed Fixed Fixed Fixed
Show less packages

CVE-2020-16121

Low priority
Fixed

PackageKit provided detailed error messages to unprivileged callers that exposed information about file presence and mimetype of files that the user would be unable to determine on its own.

1 affected package

packagekit

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
packagekit Fixed Fixed
Show less packages

CVE-2020-24890

Medium priority
Not affected

libraw 20.0 has a null pointer dereference vulnerability in parse_tiff_ifd in src/metadata/tiff.cpp, which may result in context-dependent arbitrary code execution. Note: this vulnerability occurs only if you compile the software...

8 affected packages

darktable, dcraw, exactimage, kodi, libraw...

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
darktable Not affected Not affected
dcraw Not affected Not affected
exactimage Not affected Not affected
kodi Not affected Not affected
libraw Not affected Not affected
rawtherapee Not affected Not affected
ufraw Not in release Not affected
xbmc Not in release Not in release
Show all 8 packages Show less packages

CVE-2020-24889

Medium priority
Not affected

A buffer overflow vulnerability in LibRaw version < 20.0 LibRaw::GetNormalizedModel in src/metadata/normalize_model.cpp may lead to context-dependent arbitrary code execution.

8 affected packages

darktable, dcraw, exactimage, kodi, libraw...

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
darktable Not affected Not affected
dcraw Not affected Not affected
exactimage Not affected Not affected
kodi Not affected Not affected
libraw Not affected Not affected
rawtherapee Not affected Not affected
ufraw Not in release Not affected
xbmc Not in release Not in release
Show all 8 packages Show less packages

CVE-2020-15503

Low priority

Some fixes available 2 of 83

LibRaw before 0.20-RC1 lacks a thumbnail size range check. This affects decoders/unpack_thumb.cpp, postprocessing/mem_image.cpp, and utils/thumb_utils.cpp. For example, malloc(sizeof(libraw_processed_image_t)+T.tlength) occurs...

8 affected packages

darktable, exactimage, dcraw, rawtherapee, kodi...

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
darktable Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
exactimage Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
dcraw Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
rawtherapee Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
kodi Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
libraw Not affected Not affected Not affected Fixed Fixed
ufraw Not in release Not in release Not in release Not in release Needs evaluation
xbmc Not in release Not in release Not in release Not in release Not in release
Show all 8 packages Show less packages

CVE-2020-15365

Medium priority
Needs evaluation

LibRaw before 0.20-Beta3 has an out-of-bounds write in parse_exif() in metadata\exif_gps.cpp via an unrecognized AtomName and a zero value of tiff_nifds.

8 affected packages

darktable, exactimage, dcraw, rawtherapee, kodi...

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
darktable Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
exactimage Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
dcraw Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
rawtherapee Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
kodi Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
libraw Not affected Not affected Not affected Not affected Not affected
ufraw Not in release Not in release Not in release Not in release Needs evaluation
xbmc Not in release Not in release Not in release Not in release Not in release
Show all 8 packages Show less packages

CVE-2020-8933

Medium priority

Some fixes available 16 of 17

A vulnerability in Google Cloud Platform's guest-oslogin versions between 20190304 and 20200507 allows a user that is only granted the role "roles/compute.osLogin" to escalate privileges to root. Using the membership to the "lxd"...

1 affected package

gce-compute-image-packages

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
gce-compute-image-packages Fixed Fixed Fixed Fixed Fixed
Show less packages

CVE-2020-8907

Medium priority

Some fixes available 16 of 17

A vulnerability in Google Cloud Platform's guest-oslogin versions between 20190304 and 20200507 allows a user that is only granted the role "roles/compute.osLogin" to escalate privileges to root. Using their membership to the...

1 affected package

gce-compute-image-packages

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
gce-compute-image-packages Fixed Fixed Fixed Fixed Fixed
Show less packages

CVE-2020-8903

Medium priority

Some fixes available 16 of 17

A vulnerability in Google Cloud Platform's guest-oslogin versions between 20190304 and 20200507 allows a user that is only granted the role "roles/compute.osLogin" to escalate privileges to root. Using their membership to the...

1 affected package

gce-compute-image-packages

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
gce-compute-image-packages Fixed Fixed Fixed Fixed Fixed
Show less packages