CVE search results

81 – 90 of 451 results

Detailed view

Sort by:

CVE-2021-45832

Medium priority

Needs evaluation

A Stack-based Buffer Overflow Vulnerability exists in HDF5 1.13.1-1 at at hdf5/src/H5Eint.c, which causes a Denial of Service (context-dependent).

3 affected packages

hdf5, insighttoolkit5, paraview

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
hdf5	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
insighttoolkit5	Needs evaluation	Needs evaluation	—	—	Ignored
paraview	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation

CVE-2021-45830

Medium priority

Needs evaluation

A heap-based buffer overflow vulnerability exists in HDF5 1.13.1-1 via H5F_addr_decode_len in /hdf5/src/H5Fint.c, which could cause a Denial of Service.

3 affected packages

hdf5, insighttoolkit5, paraview

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
hdf5	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
insighttoolkit5	Needs evaluation	Needs evaluation	—	—	Ignored
paraview	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation

CVE-2021-45829

Medium priority

Needs evaluation

HDF5 1.13.1-1 is affected by: segmentation fault, which causes a Denial of Service.

3 affected packages

hdf5, insighttoolkit5, paraview

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
hdf5	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
insighttoolkit5	Needs evaluation	Needs evaluation	—	—	Ignored
paraview	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation

CVE-2021-45960

Low priority

Some fixes available 20 of 106

In Expat (aka libexpat) before 2.4.3, a left shift by 29 (or more) places in the storeAtts function in xmlparse.c can lead to realloc misbehavior (e.g., allocating too few bytes, or only freeing memory).

24 affected packages

apache2, apr-util, ayttm, cableswig, cadaver...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
apache2	Not affected	Not affected	Not affected	Not affected	Not affected
apr-util	Not affected	Not affected	Not affected	Not affected	Not affected
ayttm	Not in release	Not in release	Not in release	Not in release	Needs evaluation
cableswig	Not in release	Not in release	Not in release	Not in release	Needs evaluation
cadaver	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
cmake	Not affected	Not affected	Not affected	Not affected	Not affected
coin3	Not affected	Not affected	Not affected	Needs evaluation	Needs evaluation
expat	Fixed	Fixed	Fixed	Fixed	Fixed
firefox	Fixed	Fixed	Fixed	Fixed	Ignored
gdcm	Not affected	Not affected	Not affected	Not affected	Not affected
ghostscript	Not affected	Not affected	Not affected	Not affected	Not affected
insighttoolkit	Not in release	Not in release	Not in release	Not in release	Needs evaluation
insighttoolkit4	Not in release	Not affected	Not affected	Not affected	Needs evaluation
libxmltok	Not affected	Not affected	Not affected	Not affected	Not affected
matanza	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
smart	Not in release	Not in release	Not in release	Not affected	Not affected
swish-e	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
tdom	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
texlive-bin	Not affected	Not affected	Not affected	Not affected	Not affected
thunderbird	Not affected	Not affected	Not affected	Ignored	Ignored
vnc4	Not in release	Not in release	Not in release	Needs evaluation	Needs evaluation
vtk	Not in release	Not in release	Not in release	Not in release	Needs evaluation
wbxml2	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
xmlrpc-c	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation

CVE-2021-45949

Medium priority

Fixed

Ghostscript GhostPDL 9.50 through 9.54.0 has a heap-based buffer overflow in sampled_data_finish (called from sampled_data_continue and interp).

1 affected package

ghostscript

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
ghostscript	—	Not affected	Fixed	Fixed	Fixed

CVE-2021-45944

Medium priority

Fixed

Ghostscript GhostPDL 9.50 through 9.53.3 has a use-after-free in sampled_data_sample (called from sampled_data_continue and interp).

1 affected package

ghostscript

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
ghostscript	—	Not affected	Fixed	Fixed	Fixed

CVE-2021-42785

Medium priority

Vulnerable

Buffer Overflow vulnerability in tvnviewer.exe of TightVNC Viewer allows a remote attacker to execute arbitrary instructions via a crafted FramebufferUpdate packet from a VNC server.

1 affected package

tightvnc

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
tightvnc	Not affected	Not affected	Not affected	Not affected	Vulnerable

CVE-2021-3781

High priority

Fixed

A trivial sandbox (enabled with the `-dSAFER` option) escape flaw was found in the ghostscript interpreter by injecting a specially crafted pipe command. This flaw allows a specially crafted document to execute arbitrary commands...

1 affected package

ghostscript

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
ghostscript	—	Fixed	Fixed	Not affected	Not affected

CVE-2021-29338

Low priority

Some fixes available 4 of 53

Integer Overflow in OpenJPEG v2.4.0 allows remote attackers to crash the application, causing a Denial of Service (DoS). This occurs when the attacker uses the command line option "-ImgDir" on a directory that contains 1048576 files.

7 affected packages

blender, ghostscript, insighttoolkit4, openjpeg, openjpeg2...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
blender	Vulnerable	Vulnerable	Vulnerable	Vulnerable	Vulnerable
ghostscript	Not affected	Not affected	Not affected	Not affected	Not affected
insighttoolkit4	Not in release	Vulnerable	Vulnerable	Vulnerable	Vulnerable
openjpeg	Not in release	Not in release	Not in release	Not in release	Not affected
openjpeg2	Not affected	Fixed	Fixed	Fixed	Fixed
qtwebengine-opensource-src	Vulnerable	Vulnerable	Vulnerable	Vulnerable	Not in release
texmaker	Vulnerable	Vulnerable	Vulnerable	Vulnerable	Vulnerable

CVE-2021-27211

Low priority

Vulnerable

steghide 0.5.1 relies on a certain 32-bit seed value, which makes it easier for attackers to detect hidden data.

1 affected package

steghide

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
steghide	Vulnerable	Vulnerable	Vulnerable	Vulnerable	Vulnerable

Export to JSON

Results by page:

Search CVE reports