Search CVE reports
21 – 30 of 32691 results
PostgreSQL optimizer statistics allow a user to read sampled data within a view that the user cannot access. Separately, statistics allow a user to read sampled data that a row security policy intended to hide. ...
7 affected packages
postgresql-17, postgresql-16, postgresql-14, postgresql-12, postgresql-10...
| Package | 20.04 LTS |
|---|---|
| postgresql-17 | — |
| postgresql-16 | — |
| postgresql-14 | — |
| postgresql-12 | Needs evaluation |
| postgresql-10 | — |
| postgresql-9.5 | — |
| postgresql-9.3 | — |
MacOS version of GIMP bundles a Python interpreter that inherits the Transparency, Consent, and Control (TCC) permissions granted by the user to the main application bundle. An attacker with local user access can invoke this...
1 affected package
gimp
| Package | 20.04 LTS |
|---|---|
| gimp | Not affected |
A mismatch caused by client-triggered server-sent stream resets between HTTP/2 specifications and the internal architectures of some HTTP/2 implementations may result in excessive server resource consumption leading to...
4 affected packages
h2o, haproxy, lighttpd, varnish
| Package | 20.04 LTS |
|---|---|
| h2o | Needs evaluation |
| haproxy | Needs evaluation |
| lighttpd | Needs evaluation |
| varnish | Needs evaluation |
A vulnerability, which was classified as problematic, was found in libav up to 12.3. This affects the function ff_seek_frame_binary of the file /libavformat/utils.c of the component MPEG File Parser. The manipulation leads to null...
2 affected packages
ffmpeg, libav
| Package | 20.04 LTS |
|---|---|
| ffmpeg | Needs evaluation |
| libav | — |
A vulnerability, which was classified as critical, has been found in libav up to 12.3. Affected by this issue is the function main of the file /avtools/avconv.c of the component DSS File Demuxer. The manipulation leads to double...
2 affected packages
ffmpeg, libav
| Package | 20.04 LTS |
|---|---|
| ffmpeg | Needs evaluation |
| libav | — |
A vulnerability classified as problematic was found in libav up to 12.3. Affected by this vulnerability is the function av_buffer_unref of the file libavutil/buffer.c of the component AVI File Parser. The manipulation leads to...
2 affected packages
libav, ffmpeg
| Package | 20.04 LTS |
|---|---|
| libav | — |
| ffmpeg | Needs evaluation |
A vulnerability classified as problematic was found in libtiff 4.6.0. This vulnerability affects the function PS_Lvl2page of the file tools/tiff2ps.c of the component tiff2ps. The manipulation leads to null pointer dereference. It...
5 affected packages
tiff, qtwebengine-opensource-src, texmaker, gdal, neuron
| Package | 20.04 LTS |
|---|---|
| tiff | Needs evaluation |
| qtwebengine-opensource-src | Needs evaluation |
| texmaker | Needs evaluation |
| gdal | Not affected |
| neuron | Needs evaluation |
It was discovered that uscan, a tool to scan/watch upstream sources for new releases of software, included in devscripts (a collection of scripts to make the life of a Debian Package maintainer easier), skips OpenPGP verification...
1 affected package
devscripts
| Package | 20.04 LTS |
|---|---|
| devscripts | Needs evaluation |
Versions of the package z-push/z-push-dev before 2.7.6 are vulnerable to SQL Injection due to unparameterized queries in the IMAP backend. An attacker can inject malicious commands by manipulating the username field in basic...
1 affected package
z-push
| Package | 20.04 LTS |
|---|---|
| z-push | Needs evaluation |
A vulnerability was found in yarnpkg Yarn up to 1.22.22. It has been classified as problematic. Affected is the function explodeHostedGitFragment of the file src/resolvers/exotics/hosted-git-resolver.js. The manipulation leads...
1 affected package
node-yarnpkg
| Package | 20.04 LTS |
|---|---|
| node-yarnpkg | Needs evaluation |