Search CVE reports
401 – 410 of 35606 results
FontForge SFD File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of FontForge. User interaction is required...
1 affected package
fontforge
| Package | 22.04 LTS |
|---|---|
| fontforge | Vulnerable |
FontForge SFD File Parsing Improper Validation of Array Index Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of FontForge. User interaction is...
1 affected package
fontforge
| Package | 22.04 LTS |
|---|---|
| fontforge | Vulnerable |
FontForge SFD File Parsing Improper Validation of Array Index Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of FontForge. User interaction is...
1 affected package
fontforge
| Package | 22.04 LTS |
|---|---|
| fontforge | Vulnerable |
FontForge SFD File Parsing Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of FontForge. User interaction is required to exploit...
1 affected package
fontforge
| Package | 22.04 LTS |
|---|---|
| fontforge | Vulnerable |
libsodium before ad3004e, in atypical use cases involving certain custom cryptography or untrusted data to crypto_core_ed25519_is_valid_point, mishandles checks for whether an elliptic curve point is valid because it sometimes...
1 affected package
libsodium
| Package | 22.04 LTS |
|---|---|
| libsodium | Fixed |
cbor2 provides encoding and decoding for the Concise Binary Object Representation (CBOR) serialization format. Starting in version 3.0.0 and prior to version 5.8.0, when a CBORDecoder instance is reused across multiple decode...
1 affected package
cbor2
| Package | 22.04 LTS |
|---|---|
| cbor2 | Needs evaluation |
On Windows only, if libpcap needs to convert a Windows error message to UTF-8 and the message includes characters that UTF-8 represents using 4 bytes, utf_16le_to_utf_8_truncated() can write data beyond the end of the provided buffer.
1 affected package
libpcap
| Package | 22.04 LTS |
|---|---|
| libpcap | Not affected |
pcap_ether_aton() is an auxiliary function in libpcap; it takes a string argument and returns a fixed-size allocated buffer. The string argument must be a well-formed MAC-48 address in one of the supported formats, but this...
1 affected package
libpcap
| Package | 22.04 LTS |
|---|---|
| libpcap | Needs evaluation |
Rejected reason: This candidate is a duplicate of CVE-2017-11359.
1 affected package
sox
| Package | 22.04 LTS |
|---|---|
| sox | Not affected |
URI is a module providing classes to handle Uniform Resource Identifiers. In versions prior to 0.12.5, 0.13.3, and 1.0.4, a bypass exists for the fix to CVE-2025-27221 that can expose user credentials. When using the `+` operator...
7 affected packages
ruby2.3, ruby2.5, ruby2.7, ruby3.0, ruby3.2...
| Package | 22.04 LTS |
|---|---|
| ruby2.3 | Not in release |
| ruby2.5 | Not in release |
| ruby2.7 | Not in release |
| ruby3.0 | Needs evaluation |
| ruby3.2 | Not in release |
| ruby3.3 | Not in release |
| jruby | Not in release |