Search CVE reports
21 – 30 of 41061 results
DBI versions before 1.648 for Perl have a heap overflow when preparsing SQL statements with more than 9 binders. The preparse method expands SQL placeholder characters to numbered binders of the form :pN, but only allocates three...
1 affected package
libdbi-perl
| Package | 20.04 LTS |
|---|---|
| libdbi-perl | Needs evaluation |
Protocol::HTTP2 versions through 1.12 for Perl is vulnerable to a HTTP/2 Bomb. Protocol::HTTP2's inbound HPACK path has no header-list size limit, so a small HTTP/2 request can expand into large server memory (the...
1 affected package
libprotocol-http2-perl
| Package | 20.04 LTS |
|---|---|
| libprotocol-http2-perl | Needs evaluation |
(WeasyPrint helps web developers to create PDF documents. Prior to vers ...)
1 affected package
weasyprint
| Package | 20.04 LTS |
|---|---|
| weasyprint | Needs evaluation |
[Unknown description]
1 affected package
libhtml-gumbo-perl
| Package | 20.04 LTS |
|---|---|
| libhtml-gumbo-perl | Needs evaluation |
(Out-of-bounds write vulnerability in Samsung Open Source rlottie allow ...)
1 affected package
rlottie
| Package | 20.04 LTS |
|---|---|
| rlottie | Needs evaluation |
(tarfile.data_filter could be bypassed using crafted link entries, incl ...)
13 affected packages
pypy3, python2.7, python3.4, python3.5, python3.6...
| Package | 20.04 LTS |
|---|---|
| pypy3 | Needs evaluation |
| python2.7 | Needs evaluation |
| python3.4 | — |
| python3.5 | — |
| python3.6 | — |
| python3.7 | — |
| python3.8 | Needs evaluation |
| python3.9 | Needs evaluation |
| python3.10 | — |
| python3.11 | — |
| python3.12 | — |
| python3.13 | — |
| python3.14 | — |
Out-of-bounds write via Graphite actions
1 affected package
graphite2
| Package | 20.04 LTS |
|---|---|
| graphite2 | Needs evaluation |
[ZSA-2026-10]
2 affected packages
znuny, otrs2
| Package | 20.04 LTS |
|---|---|
| znuny | — |
| otrs2 | Needs evaluation |
[ZSA-2026-11]
2 affected packages
znuny, otrs2
| Package | 20.04 LTS |
|---|---|
| znuny | — |
| otrs2 | Needs evaluation |
In libinput before 1.30.4 and 1.31.x before 1.31.3, libinput-device-group unescaped phys output can inject udev properties leading to arbitrary root code execution
1 affected package
libinput
| Package | 20.04 LTS |
|---|---|
| libinput | Needs evaluation |