Search CVE reports
A safe mode bypass vulnerability in the `Model.load_model` method in Keras versions 3.0.0 through 3.10.0 allows an attacker to achieve arbitrary code execution by convincing a user to load a specially crafted `.keras` model archive.
1 affected package
keras
Package | 22.04 LTS |
---|---|
keras | Not in release |
A vulnerability, which was classified as problematic, was found in GNU libopts up to 27.6. Affected is the function __strstr_sse2. The manipulation leads to memory corruption. Local access is required to approach this attack. The...
1 affected package
autogen
Package | 22.04 LTS |
---|---|
autogen | Needs evaluation |
A vulnerability, which was classified as critical, has been found in GNU cflow up to 1.8. Affected by this issue is the function yylex of the file c.c of the component Lexer. The manipulation leads to buffer overflow. Local access...
1 affected package
cflow
Package | 22.04 LTS |
---|---|
cflow | Needs evaluation |
A vulnerability classified as problematic was found in GNU cflow up to 1.8. Affected by this vulnerability is the function yylex of the file c.c of the component Lexer. The manipulation leads to null pointer dereference. An attack...
1 affected package
cflow
Package | 22.04 LTS |
---|---|
cflow | Needs evaluation |
A vulnerability classified as problematic has been found in GNU Bison up to 3.8.2. Affected is the function code_free of the file src/scan-code.c. The manipulation leads to double free. The attack needs to be approached locally....
1 affected package
bison
Package | 22.04 LTS |
---|---|
bison | Needs evaluation |
A vulnerability was found in GNU Bison up to 3.8.2. It has been rated as problematic. This issue affects the function __obstack_vprintf_internal of the file obprintf.c. The manipulation leads to reachable assertion. It is possible...
1 affected package
bison
Package | 22.04 LTS |
---|---|
bison | Needs evaluation |
A vulnerability was found in libxml2 up to 2.14.5. It has been declared as problematic. This vulnerability affects the function xmlParseSGMLCatalog of the component xmlcatalog. The manipulation leads to uncontrolled...
1 affected package
libxml2
Package | 22.04 LTS |
---|---|
libxml2 | Needs evaluation |
Improper neutralization of newlines in pg_dump in PostgreSQL allows a user of the origin server to inject arbitrary code for restore-time execution as the client operating system account running psql to restore the dump, via psql...
7 affected packages
postgresql-17, postgresql-16, postgresql-14, postgresql-12, postgresql-10...
Package | 22.04 LTS |
---|---|
postgresql-17 | Not in release |
postgresql-16 | Not in release |
postgresql-14 | Needs evaluation |
postgresql-12 | Not in release |
postgresql-10 | Not in release |
postgresql-9.5 | Not in release |
postgresql-9.3 | Not in release |
Untrusted data inclusion in pg_dump in PostgreSQL allows a malicious superuser of the origin server to inject arbitrary code for restore-time execution as the client operating system account running psql to restore the dump, via...
7 affected packages
postgresql-17, postgresql-16, postgresql-14, postgresql-12, postgresql-10...
Package | 22.04 LTS |
---|---|
postgresql-17 | Not in release |
postgresql-16 | Not in release |
postgresql-14 | Needs evaluation |
postgresql-12 | Not in release |
postgresql-10 | Not in release |
postgresql-9.5 | Not in release |
postgresql-9.3 | Not in release |
PostgreSQL optimizer statistics allow a user to read sampled data within a view that the user cannot access. Separately, statistics allow a user to read sampled data that a row security policy intended to hide. ...
7 affected packages
postgresql-17, postgresql-16, postgresql-14, postgresql-12, postgresql-10...
Package | 22.04 LTS |
---|---|
postgresql-17 | Not in release |
postgresql-16 | Not in release |
postgresql-14 | Needs evaluation |
postgresql-12 | Not in release |
postgresql-10 | Not in release |
postgresql-9.5 | Not in release |
postgresql-9.3 | Not in release |