Search CVE reports
171 – 180 of 1235 results
An integer overflow in the psdParser::ReadImageData function of FreeImage v3.18.0 and before allows attackers to cause a Denial of Service (DoS) via supplying a crafted PSD file.
1 affected package
freeimage
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| freeimage | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to 7.1.2-9 and 6.9.13-34, there is a vulnerability in ImageMagick’s Magick++ layer that manifests when Options::fontFamily is...
1 affected package
imagemagick
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| imagemagick | — | Not affected | Not affected | Not affected | Not affected |
In KDE Skanpage before 25.08.0, an attempt at file overwrite can result in the contents of the new file at the beginning followed by the partial contents of the old file at the end, because of use of QIODevice::ReadWrite instead...
1 affected package
skanpage
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| skanpage | Needs evaluation | Needs evaluation | Not in release | — | — |
Some fixes available 8 of 26
SSH servers parsing GSSAPI authentication requests do not validate the number of mechanisms specified in the request, allowing an attacker to cause unbounded memory consumption.
4 affected packages
lxd, golang-go.crypto, snapd, google-guest-agent
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| lxd | Not in release | Not in release | Not in release | Not affected | Needs evaluation |
| golang-go.crypto | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| snapd | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| google-guest-agent | Fixed | Fixed | Fixed | Fixed | Fixed |
SSH Agent servers do not validate the size of messages when processing new identity requests, which may cause the program to panic if the message is malformed due to an out of bounds read.
4 affected packages
golang-go.crypto, snapd, lxd, google-guest-agent
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| golang-go.crypto | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| snapd | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| lxd | Not in release | Not in release | Not in release | Not affected | Needs evaluation |
| google-guest-agent | Not affected | Not affected | Not affected | Not affected | Not affected |
SSH clients receiving SSH_AGENT_SUCCESS when expecting a typed response will panic and cause early termination of the client process.
4 affected packages
golang-go.crypto, snapd, lxd, google-guest-agent
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| golang-go.crypto | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| snapd | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| lxd | Not in release | Not in release | Not in release | Not affected | Needs evaluation |
| google-guest-agent | Not affected | Not affected | Not affected | Not affected | Not affected |
A reflected cross-site scripting (XSS) vulnerability in CKeditor v46.1.0 & Angular v18.0.0 allows attackers to execute arbitrary code in the context of a user's browser via injecting a crafted payload.
4 affected packages
ckeditor, ckeditor3, ldap-account-manager, request-tracker4
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| ckeditor | Not in release | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| ckeditor3 | Not in release | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| ldap-account-manager | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| request-tracker4 | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
Dosage is a comic strip downloader and archiver. When downloading comic images in versions 3.1 and below, Dosage constructs target file names from different aspects of the remote comic (page URL, image URL, page content, etc.)....
1 affected package
dosage
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| dosage | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
Some fixes available 1 of 3
ImageMagick is a software suite to create, edit, compose, or convert bitmap images. ImageMagick versions prior to 7.1.2-8 are vulnerable to denial-of-service due to unsigned integer underflow and division-by-zero in the CLAHEImage...
1 affected package
imagemagick
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| imagemagick | Fixed | Not affected | Not affected | Not affected | Not affected |
Some fixes available 7 of 9
ImageMagick is an open source software suite for displaying, converting, and editing raster image files. In ImageMagick versions prior to 7.1.2-7 and 6.9.13-32, an integer overflow vulnerability exists in the BMP decoder on 32-bit...
1 affected package
imagemagick
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| imagemagick | Fixed | Fixed | Fixed | Fixed | Fixed |