Search CVE reports
241 – 250 of 43937 results
The incremental HTML parser (html.parser.HTMLParser) allows for CPU denial-of-service through repeated unterminated markup declarations when processing uncontrolled data.
11 affected packages
python2.7, python3.4, python3.5, python3.6, python3.7...
| Package | 22.04 LTS |
|---|---|
| python2.7 | Needs evaluation |
| python3.4 | Not in release |
| python3.5 | Not in release |
| python3.6 | Not in release |
| python3.7 | Not in release |
| python3.8 | Not in release |
| python3.9 | Not in release |
| python3.10 | Needs evaluation |
| python3.11 | Needs evaluation |
| python3.12 | Not in release |
| python3.14 | Not in release |
When oxenstored is tearing a domain down, the node data is cleaned up but the usage counts are leaked. When the domain ID is eventually reused, the new domain can create fewer nodes before beeing deemed to be over quota.
1 affected package
xen
| Package | 22.04 LTS |
|---|---|
| xen | Needs evaluation |
Not in release
Cesanta Mongoose before 7.22 contains an out-of-bounds read in the built-in TLS server function mg_tls_server_recv_hello(), which uses an attacker-controlled session_id_len byte from a TLS ClientHello as a buffer index without...
1 affected package
mongoose
| Package | 22.04 LTS |
|---|---|
| mongoose | Not in release |
A vulnerability was determined in GPAC 26.03-DEV. This affects the function vobsub_read_idx of the file /src/media_tools/vobsub.c of the component MP4Box. Executing a manipulation of the argument num_langs can lead...
1 affected package
gpac
| Package | 22.04 LTS |
|---|---|
| gpac | Needs evaluation |
httplib2 is a comprehensive HTTP client library for Python. Prior to 0.32.0, httplib2 performs unbounded decompression of HTTP response bodies encoded with Content-Encoding: gzip or deflate in _decompressContent...
1 affected package
python-httplib2
| Package | 22.04 LTS |
|---|---|
| python-httplib2 | Fixed |
A stack buffer overflow vulnerability was found in GStreamer's DTLS plugin. During a DTLS handshake, the peer certificate Subject Distinguished Name is printed into a fixed-size 2048-byte stack buffer without bounds checking....
1 affected package
gst-plugins-bad1.0
| Package | 22.04 LTS |
|---|---|
| gst-plugins-bad1.0 | Needs evaluation |
A heap buffer overflow vulnerability was found in GStreamer's rfbsrc plugin. When a client connects to a malicious RFB/VNC server that advertises a 16bpp framebuffer and sends Hextile-encoded updates, the Hextile background fill...
1 affected package
gst-plugins-bad1.0
| Package | 22.04 LTS |
|---|---|
| gst-plugins-bad1.0 | Needs evaluation |
[Unknown description]
1 affected package
gimp
| Package | 22.04 LTS |
|---|---|
| gimp | Needs evaluation |
[Unknown description]
1 affected package
gimp
| Package | 22.04 LTS |
|---|---|
| gimp | Needs evaluation |
[Unknown description]
1 affected package
gimp
| Package | 22.04 LTS |
|---|---|
| gimp | Needs evaluation |