Search CVE reports
151 – 160 of 32574 results
CVE-2024-57823
Medium priority
In Raptor RDF Syntax Library through 2.0.16, there is an integer underflow when normalizing a URI with the turtle parser in raptor_uri_normalize_path().
1 affected package
raptor2
Package | 18.04 LTS |
---|---|
raptor2 | Vulnerable |
CVE-2024-57822
Medium priority
In Raptor RDF Syntax Library through 2.0.16, there is a heap-based buffer over-read when parsing triples with the nquads parser in raptor_ntriples_parse_term_internal().
1 affected package
raptor2
Package | 18.04 LTS |
---|---|
raptor2 | Vulnerable |
CVE-2025-23016
Medium priority
FastCGI fcgi2 (aka fcgi) 2.x through 2.4.4 has an integer overflow (and resultant heap-based buffer overflow) via crafted nameLen or valueLen values in data to the IPC socket. This occurs in ReadParams in fcgiapp.c.
1 affected package
libfcgi
Package | 18.04 LTS |
---|---|
libfcgi | Vulnerable |
CVE-2023-1907
Medium priority
A vulnerability was found in pgAdmin. Users logging into pgAdmin running in server mode using LDAP authentication may be attached to another user's session if multiple connection attempts occur simultaneously.
1 affected package
pgadmin3
Package | 18.04 LTS |
---|---|
pgadmin3 | Needs evaluation |
CVE-2025-0306
Medium priority
A vulnerability was found in Ruby. The Ruby interpreter is vulnerable to the Marvin Attack. This attack allows the attacker to decrypt previously encrypted messages or forge signatures by exchanging a large number of messages with...
7 affected packages
jruby, ruby2.3, ruby2.5, ruby2.7, ruby3.0...
Package | 18.04 LTS |
---|---|
jruby | Needs evaluation |
ruby2.3 | — |
ruby2.5 | Needs evaluation |
ruby2.7 | — |
ruby3.0 | — |
ruby3.2 | — |
ruby3.3 | — |
CVE-2024-56827
Medium priority
A flaw was found in the OpenJPEG project. A heap buffer overflow condition may be triggered when certain options are specified while using the opj_decompress utility. This can lead to an application crash or other undefined behavior.
7 affected packages
blender, ghostscript, insighttoolkit4, openjpeg, openjpeg2...
Package | 18.04 LTS |
---|---|
blender | Needs evaluation |
ghostscript | Needs evaluation |
insighttoolkit4 | Needs evaluation |
openjpeg | — |
openjpeg2 | Needs evaluation |
qtwebengine-opensource-src | Needs evaluation |
texmaker | Needs evaluation |
CVE-2024-56826
Medium priority
A flaw was found in the OpenJPEG project. A heap buffer overflow condition may be triggered when certain options are specified while using the opj_decompress utility. This can lead to an application crash or other undefined behavior.
7 affected packages
blender, ghostscript, insighttoolkit4, openjpeg, openjpeg2...
Package | 18.04 LTS |
---|---|
blender | Needs evaluation |
ghostscript | Needs evaluation |
insighttoolkit4 | Needs evaluation |
openjpeg | — |
openjpeg2 | Needs evaluation |
qtwebengine-opensource-src | Needs evaluation |
texmaker | Needs evaluation |
CVE-2024-37372
Medium priority
The Permission Model assumes that any path starting with two backslashes \\ has a four-character prefix that can be ignored, which is not always true. This subtle bug leads to vulnerable edge cases.
1 affected package
nodejs
Package | 18.04 LTS |
---|---|
nodejs | Needs evaluation |
CVE-2024-27980
Medium priority
Due to the improper handling of batch files in child_process.spawn / child_process.spawnSync, a malicious command line argument can inject arbitrary commands and achieve code execution even if the shell option is not enabled.
1 affected package
nodejs
Package | 18.04 LTS |
---|---|
nodejs | Not affected |
CVE-2023-38037
Medium priority
ActiveSupport::EncryptedFile writes contents that will be encrypted to a temporary file. The temporary file's permissions are defaulted to the user's current `umask` settings, meaning that it's possible for other users on...
7 affected packages
rails, rails-4.0, ruby-actionpack-3.2, ruby-activemodel-3.2, ruby-activerecord-3.2...
Package | 18.04 LTS |
---|---|
rails | Needs evaluation |
rails-4.0 | Not in release |
ruby-actionpack-3.2 | Not in release |
ruby-activemodel-3.2 | Not in release |
ruby-activerecord-3.2 | Not in release |
ruby-activesupport-3.2 | Not in release |
ruby-rails-3.2 | Not in release |