Search CVE reports



461 – 470 of 1274 results


CVE-2021-22234

Medium priority
Needs evaluation

An issue has been discovered in GitLab CE/EE affecting all versions starting from 13.11 before 13.11.7, all versions starting from 13.12 before 13.12.8, and all versions starting from 14.0 before 14.0.4. A specially crafted design...

2 affected packages

gitlab, gitlab-agent

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
gitlab Not in release Not in release Not in release Not in release
gitlab-agent Needs evaluation Needs evaluation Not in release Not in release

CVE-2021-36083

Low priority
Needs evaluation

KDE KImageFormats 5.70.0 through 5.81.0 has a stack-based buffer overflow in XCFImageFormat::loadTileRLE.

1 affected package

kimageformats

| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| kimageformats | Not affected | Not affected | Not affected | Needs evaluation | Needs evaluation |

CVE-2021-34183

Negligible priority
Ignored

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none

1 affected package

imagemagick

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
imagemagick Not affected Not affected

CVE-2021-31855

Medium priority
Vulnerable

KDE Messagelib through 5.17.0 reveals cleartext of encrypted messages in some situations. Deleting an attachment of a decrypted encrypted message stored on a remote server (e.g., an IMAP server) causes KMail to upload...

2 affected packages

kdepim4, kf5-messagelib

| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| kdepim4 | Not in release | Not in release | Not in release | Not in release | Vulnerable |
| kf5-messagelib | Not in release | Needs evaluation | Needs evaluation | Ignored | Ignored |

CVE-2020-24870

Medium priority
Needs evaluation

Libraw before 0.20.1 has a stack buffer overflow via LibRaw::identify_process_dng_fields in identify.cpp.

8 affected packages

darktable, dcraw, exactimage, kodi, libraw...

| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| darktable | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| dcraw | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| exactimage | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| kodi | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| libraw | Not affected | Not affected | Not affected | Not affected | Not affected |
| rawtherapee | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| ufraw | Not in release | Not in release | Not in release | Not in release | Needs evaluation |
| xbmc | Not in release | Not in release | Not in release | Not in release | Not in release |

CVE-2021-31525

Low priority
Needs evaluation

net/http in Go before 1.15.12 and 1.16.x before 1.16.4 allows remote attackers to cause a denial of service (panic) via a large header to ReadRequest or ReadResponse. Server, Transport, and Client can each be affected in some...

6 affected packages

golang-1.11, golang-1.15, golang-1.16, golang-golang-x-net, golang-golang-x-net-dev, google-guest-agent

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
golang-1.11 Not in release Not in release Not in release Not in release Not in release
golang-1.15 Not in release Not in release
golang-1.16 Not in release Not in release Not in release Needs evaluation Needs evaluation
golang-golang-x-net Not affected Not affected Not affected Not in release Not in release
golang-golang-x-net-dev Not in release Not in release Not in release Needs evaluation Needs evaluation
google-guest-agent Not affected Not affected Not affected Not affected Not affected

CVE-2021-33194

Medium priority

Some fixes available 2 of 10

golang.org/x/net before v0.0.0-20210520170846-37e1c6afe023 allows attackers to cause a denial of service (infinite loop) via crafted ParseFragment input.

4 affected packages

golang-golang-x-net, golang-golang-x-net-dev, google-guest-agent, lxd

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
golang-golang-x-net Not affected Not affected Not in release Not in release
golang-golang-x-net-dev Not in release Not in release Fixed Not affected
google-guest-agent Not affected Not affected Not affected Not affected
lxd Not in release Not in release Not affected Fixed

CVE-2020-27769

Low priority
Fixed

In ImageMagick versions before 7.0.9-0, there are outside the range of representable values of type 'float' at MagickCore/quantize.c.

1 affected package

imagemagick

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
imagemagick Not affected Not affected Fixed Fixed

CVE-2021-20313

Low priority

Some fixes available 13 of 16

A flaw was found in ImageMagick in versions before 7.0.11. A potential cipher leak when the calculate signatures in TransformSignature is possible. The highest threat from this vulnerability is to data confidentiality.

1 affected package

imagemagick

| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| imagemagick | Fixed | Fixed | Fixed | Fixed | Fixed |

CVE-2021-20312

Low priority

Some fixes available 13 of 16

A flaw was found in ImageMagick in versions 7.0.11, where an integer overflow in WriteTHUMBNAILImage of coders/thumbnail.c may trigger undefined behavior via a crafted image file that is submitted by an attacker and processed by...

1 affected package

imagemagick

| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| imagemagick | Fixed | Fixed | Fixed | Fixed | Fixed |