Search CVE reports
501 – 510 of 36841 results
Inappropriate implementation in DevTools in Google Chrome prior to 145.0.7632.116 allowed an attacker who convinced a user to install a malicious extension to inject scripts or HTML into a privileged page via DevTools. (Chromium...
1 affected package
chromium-browser
| Package | 22.04 LTS |
|---|---|
| chromium-browser | Not affected |
Out of bounds read and write in Tint in Google Chrome on Mac prior to 145.0.7632.116 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High)
1 affected package
chromium-browser
| Package | 22.04 LTS |
|---|---|
| chromium-browser | Not affected |
Out of bounds read in Media in Google Chrome prior to 145.0.7632.116 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. (Chromium security severity: High)
1 affected package
chromium-browser
| Package | 22.04 LTS |
|---|---|
| chromium-browser | Not affected |
Not in release
Valkey is a distributed key-value database. Starting in version 9.0.0 and prior to version 9.0.3, a malicious actor with network access to Valkey can cause the system to abort by triggering an assertion. When processing incoming...
1 affected package
valkey
| Package | 22.04 LTS |
|---|---|
| valkey | Not in release |
Not in release
Valkey is a distributed key-value database. Prior to versions 9.0.2, 8.1.6, 8.0.7, and 7.2.12, a malicious actor with access to the Valkey clusterbus port can send an invalid packet that may cause an out bound read, which might...
1 affected package
valkey
| Package | 22.04 LTS |
|---|---|
| valkey | Not in release |
Not in release
Valkey is a distributed key-value database. Prior to versions 9.0.2, 8.1.6, 8.0.7, and 7.2.12, a malicious user can use scripting commands to inject arbitrary information into the response stream for the given client, potentially...
1 affected package
valkey
| Package | 22.04 LTS |
|---|---|
| valkey | Not in release |
strukturag libde265 commit d9fea9d wa discovered to contain a segmentation fault via the component decoder_context::compute_framedrop_table().
1 affected package
libde265
| Package | 22.04 LTS |
|---|---|
| libde265 | Needs evaluation |
saitoha libsixel until v1.8.7 was discovered to contain a memory leak via the component malloc_stub.c.
1 affected package
libsixel
| Package | 22.04 LTS |
|---|---|
| libsixel | Needs evaluation |
Some fixes available 1 of 4
libtiff up to v4.7.1 was discovered to contain a double free via the component tools/tiffcrop.c.
5 affected packages
tiff, qtwebengine-opensource-src, texmaker, gdal, neuron
| Package | 22.04 LTS |
|---|---|
| tiff | Fixed |
| qtwebengine-opensource-src | Needs evaluation |
| texmaker | Needs evaluation |
| gdal | Not affected |
| neuron | Needs evaluation |
libtiff up to v4.7.1 was discovered to contain a stack overflow via the readSeparateStripsIntoBuffer function.
5 affected packages
tiff, qtwebengine-opensource-src, texmaker, gdal, neuron
| Package | 22.04 LTS |
|---|---|
| tiff | Vulnerable |
| qtwebengine-opensource-src | Needs evaluation |
| texmaker | Needs evaluation |
| gdal | Not affected |
| neuron | Needs evaluation |