Search CVE reports
71 – 80 of 36612 results
dr_libs version 0.14.4 and earlier (fixed in commit 8a7258c) contain a heap buffer overflow vulnerability in the drwav__read_smpl_to_metadata_obj() function of dr_wav.h that allows memory corruption via crafted WAV...
5 affected packages
dosbox-x, faudio, octave-ltfat, qtads, roc-toolkit
| Package | 22.04 LTS |
|---|---|
| dosbox-x | Not in release |
| faudio | Needs evaluation |
| octave-ltfat | Needs evaluation |
| qtads | Needs evaluation |
| roc-toolkit | Not in release |
DOMPurify 3.1.3 through 3.3.1 and 2.5.3 through 2.5.8, fixed in commit 729097f, contain a cross-site scripting vulnerability that allows attackers to bypass attribute sanitization by exploiting five missing rawtext elements...
1 affected package
node-dompurify
| Package | 22.04 LTS |
|---|---|
| node-dompurify | Needs evaluation |
DOMPurify 3.1.3 through 3.2.6 and 2.5.3 through 2.5.8 contain a cross-site scripting vulnerability that allows attackers to bypass attribute sanitization by exploiting missing textarea rawtext element validation in the...
1 affected package
node-dompurify
| Package | 22.04 LTS |
|---|---|
| node-dompurify | Needs evaluation |
A heap-based buffer overflow vulnerability exists in the Intan CLP parsing functionality of The Biosig Project libbiosig 3.9.2 and Master Branch (db9a9a63). A specially crafted Intan CLP file can lead to arbitrary code execution....
1 affected package
biosig
| Package | 22.04 LTS |
|---|---|
| biosig | Needs evaluation |
A heap-based buffer overflow vulnerability exists in the Nicolet WFT parsing functionality of The Biosig Project libbiosig 3.9.2 and Master Branch (db9a9a63). A specially crafted .wft file can lead to arbitrary code execution. An...
1 affected package
biosig
| Package | 22.04 LTS |
|---|---|
| biosig | Needs evaluation |
An out-of-bounds read vulnerability exists in the ABF parsing functionality of The Biosig Project libbiosig 3.9.2 and Master Branch (5462afb0). A specially crafted .abf file can lead to an information leak. An attacker can provide...
1 affected package
biosig
| Package | 22.04 LTS |
|---|---|
| biosig | Needs evaluation |
An issue was discovered in 6.0 before 6.0.3, 5.2 before 5.2.12, and 4.2 before 4.2.29. Race condition in file-system storage and file-based cache backends in Django allows an attacker to cause file system objects to be created...
1 affected package
python-django
| Package | 22.04 LTS |
|---|---|
| python-django | Needs evaluation |
An issue was discovered in 6.0 before 6.0.3, 5.2 before 5.2.12, and 4.2 before 4.2.29. `URLField.to_python()` in Django calls `urllib.parse.urlsplit()`, which performs NFKC normalization on Windows that is disproportionately slow...
1 affected package
python-django
| Package | 22.04 LTS |
|---|---|
| python-django | Not affected |
Improper authorization in the API endpoint GET /1.0/certificates in Canonical LXD 6.6 on Linux allows an authenticated, restricted user to enumerate all certificate fingerprints trusted by the lxd server.
1 affected package
lxd
| Package | 22.04 LTS |
|---|---|
| lxd | Not in release |
[Unknown description]
1 affected package
binutils
| Package | 22.04 LTS |
|---|---|
| binutils | Needs evaluation |