Search CVE reports
51 – 60 of 34732 results
CVE-2025-43967
Medium prioritylibheif before 1.19.6 has a NULL pointer dereference in ImageItem_Grid::get_decoder in image-items/grid.cc because a grid image can reference a nonexistent image item.
1 affected package
libheif
| Package | 18.04 LTS |
|---|---|
| libheif | Needs evaluation |
CVE-2025-43966
Medium prioritylibheif before 1.19.6 has a NULL pointer dereference in ImageItem_iden in image-items/iden.cc.
1 affected package
libheif
| Package | 18.04 LTS |
|---|---|
| libheif | Needs evaluation |
CVE-2025-43964
Medium priorityIn LibRaw before 0.21.4, tag 0x412 processing in phase_one_correct in decoders/load_mfbacks.cpp does not enforce minimum w0 and w1 values.
8 affected packages
darktable, dcraw, digikam, exactimage, kodi...
| Package | 18.04 LTS |
|---|---|
| darktable | Needs evaluation |
| dcraw | Needs evaluation |
| digikam | Needs evaluation |
| exactimage | Needs evaluation |
| kodi | Needs evaluation |
| libraw | Needs evaluation |
| rawtherapee | Needs evaluation |
| ufraw | Needs evaluation |
CVE-2025-43963
Medium priorityIn LibRaw before 0.21.4, phase_one_correct in decoders/load_mfbacks.cpp allows out-of-buffer access because split_col and split_row values are not checked in 0x041f tag processing.
8 affected packages
darktable, dcraw, digikam, exactimage, kodi...
| Package | 18.04 LTS |
|---|---|
| darktable | Needs evaluation |
| dcraw | Needs evaluation |
| digikam | Needs evaluation |
| exactimage | Needs evaluation |
| kodi | Needs evaluation |
| libraw | Needs evaluation |
| rawtherapee | Needs evaluation |
| ufraw | Needs evaluation |
CVE-2025-43962
Medium priorityIn LibRaw before 0.21.4, phase_one_correct in decoders/load_mfbacks.cpp has out-of-bounds reads for tag 0x412 processing, related to large w0 or w1 values or the frac and mult calculations.
8 affected packages
darktable, dcraw, digikam, exactimage, kodi...
| Package | 18.04 LTS |
|---|---|
| darktable | Needs evaluation |
| dcraw | Needs evaluation |
| digikam | Needs evaluation |
| exactimage | Needs evaluation |
| kodi | Needs evaluation |
| libraw | Needs evaluation |
| rawtherapee | Needs evaluation |
| ufraw | Needs evaluation |
CVE-2025-43961
Medium priorityIn LibRaw before 0.21.4, metadata/tiff.cpp has an out-of-bounds read in the Fujifilm 0xf00c tag parser.
8 affected packages
darktable, dcraw, digikam, exactimage, kodi...
| Package | 18.04 LTS |
|---|---|
| darktable | Needs evaluation |
| dcraw | Needs evaluation |
| digikam | Needs evaluation |
| exactimage | Needs evaluation |
| kodi | Needs evaluation |
| libraw | Needs evaluation |
| rawtherapee | Needs evaluation |
| ufraw | Needs evaluation |
CVE-2025-43921
Medium priorityGNU Mailman 2.1.39, as bundled in cPanel (and WHM), allows unauthenticated attackers to create lists via the /mailman/create endpoint.
1 affected package
mailman
| Package | 18.04 LTS |
|---|---|
| mailman | Needs evaluation |
CVE-2025-43920
Medium priorityGNU Mailman 2.1.39, as bundled in cPanel (and WHM), in certain external archiver configurations, allows unauthenticated attackers to execute arbitrary OS commands via shell metacharacters in an email Subject line.
1 affected package
mailman
| Package | 18.04 LTS |
|---|---|
| mailman | Needs evaluation |
CVE-2025-43919
Medium priorityGNU Mailman 2.1.39, as bundled in cPanel (and WHM), allows unauthenticated attackers to read arbitrary files via ../ directory traversal at /mailman/private/mailman (aka the private archive authentication endpoint) via the...
1 affected package
mailman
| Package | 18.04 LTS |
|---|---|
| mailman | Needs evaluation |
CVE-2022-47112
Medium priority7-Zip 22.01 does not report an error for certain invalid xz files, involving stream flags and reserved bits. Some later versions are unaffected.
2 affected packages
7zip, p7zip
| Package | 18.04 LTS |
|---|---|
| 7zip | — |
| p7zip | Needs evaluation |