Search CVE reports
531 – 540 of 39915 results
A flaw was found in gnutls. This vulnerability occurs because permitted name constraints were incorrectly ignored when previous Certificate Authorities (CAs) only had excluded name constraints. A remote attacker could exploit this...
1 affected package
gnutls28
| Package | 22.04 LTS |
|---|---|
| gnutls28 | Fixed |
Not in release
fast-xml-parser allows users to process XML from JS object without C/C++ based libraries or callbacks. Prior to version 5.7.0, XMLBuilder does not escape the "-->" sequence in comment content or the "]]>" sequence in...
1 affected package
node-webfont
| Package | 22.04 LTS |
|---|---|
| node-webfont | Not in release |
Not in release
Incus is a system container and virtual machine manager. Prior to version 7.0.0, uploads of large amount of data by authenticated users can run the Incus server out of disk space, potentially taking down the host system. The...
2 affected packages
incus, lxd
| Package | 22.04 LTS |
|---|---|
| incus | Not in release |
| lxd | Not in release |
Not in release
Incus is a system container and virtual machine manager. Prior to version 7.0.0, backup.GetInfo() trusts the inline backup/index.yaml config when present and only falls back to parsing the legacy backup/container/backup.yaml file...
2 affected packages
incus, lxd
| Package | 22.04 LTS |
|---|---|
| incus | Not in release |
| lxd | Not in release |
Not in release
Incus is a system container and virtual machine manager. Prior to version 7.0.0, user provided image and backup tarballs would be unpacked and YAML files parsed without any size restrictions. This was making it easy for...
2 affected packages
incus, lxd
| Package | 22.04 LTS |
|---|---|
| incus | Not in release |
| lxd | Not in release |
Not in release
Incus is a system container and virtual machine manager. Prior to version 7.0.0, a missing error handling could lead an authenticated Incus user to cause a daemon crash through the import of a truncated storage bucket backup file....
1 affected package
incus
| Package | 22.04 LTS |
|---|---|
| incus | Not in release |
A flaw was found in gnutls. Servers configured with RSA-PSK (Rivest–Shamir–Adleman – Pre-Shared Key) wrongfully matched usernames containing a NUL character with truncated usernames. A remote attacker could exploit this by sending...
1 affected package
gnutls28
| Package | 22.04 LTS |
|---|---|
| gnutls28 | Fixed |
Memory safety bugs present in Firefox 150.0.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was...
9 affected packages
firefox, thunderbird, mozjs38, mozjs52, mozjs68...
| Package | 22.04 LTS |
|---|---|
| firefox | Not affected |
| thunderbird | Vulnerable |
| mozjs38 | Not in release |
| mozjs52 | Not in release |
| mozjs68 | Not in release |
| mozjs78 | Ignored |
| mozjs91 | Ignored |
| mozjs102 | Ignored |
| mozjs115 | Not in release |
Memory safety bugs present in Firefox ESR 115.35.1, Firefox ESR 140.10.1 and Firefox 150.0.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited...
9 affected packages
mozjs52, firefox, thunderbird, mozjs38, mozjs68...
| Package | 22.04 LTS |
|---|---|
| mozjs52 | Not in release |
| firefox | Not affected |
| thunderbird | Vulnerable |
| mozjs38 | Not in release |
| mozjs68 | Not in release |
| mozjs78 | Ignored |
| mozjs91 | Ignored |
| mozjs102 | Ignored |
| mozjs115 | Not in release |
Incorrect boundary conditions in the Audio/Video: Playback component. This vulnerability was fixed in Firefox 150, Thunderbird 150, Firefox ESR 140.10.1, Thunderbird 140.10.1, and Firefox ESR 115.35.2.
9 affected packages
firefox, thunderbird, mozjs38, mozjs52, mozjs68...
| Package | 22.04 LTS |
|---|---|
| firefox | Not affected |
| thunderbird | Vulnerable |
| mozjs38 | Not in release |
| mozjs52 | Not in release |
| mozjs68 | Not in release |
| mozjs78 | Ignored |
| mozjs91 | Ignored |
| mozjs102 | Ignored |
| mozjs115 | Not in release |