Your submission was sent successfully! Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

Search CVE reports

Toggle filters

191 – 200 of 217 results

CVE-2012-6702

Medium priority

Some fixes available 5 of 100

Expat, when used in a parser that has not called XML_SetHashSalt or passed it a seed of 0, makes it easier for context-dependent attackers to defeat cryptographic protection mechanisms via vectors involving use of the srand function.

32 affected packages

apache2, apr-util, audacity, ayttm, cableswig...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
apache2 Not affected Not affected Not affected Not affected Not affected
apr-util Not affected Not affected Not affected Not affected Not affected
audacity Needs evaluation Not affected Not affected Not affected Not affected
ayttm Not in release Not in release Not in release Not in release Not affected
cableswig Not in release Not in release Not in release Not in release Not affected
cadaver Not affected Not affected Not affected Not affected Not affected
cmake Not affected Not affected Not affected Not affected Not affected
coin3 Not affected Not affected Not affected Not affected Not affected
expat Not affected Not affected Not affected Not affected Fixed
gdcm Not affected Not affected Not affected Not affected Not affected
ghostscript Not affected Not affected Not affected Not affected Not affected
insighttoolkit Not in release Not in release Not in release Not in release Vulnerable
kompozer Not in release Not in release Not in release Not in release Not in release
libparagui1.1 Not in release Not in release Not in release Not in release Not in release
libxmltok Not affected Not affected Not affected Not affected Not affected
matanza Not affected Not affected Not affected Not affected Not affected
paraview Not affected Not affected Not affected Not affected Not affected
poco Not affected Not affected Not affected Not affected Not affected
simgear Not affected Not affected Not affected Not affected Not affected
sitecopy Not in release Not affected Not affected Not affected Not affected
smart Not in release Not in release Not in release Not affected Not affected
swish-e Not affected Not affected Not affected Not affected Not affected
tdom Not affected Not affected Not affected Not affected Not affected
texlive-bin Not affected Not affected Not affected Not affected Not affected
tla Not affected Not affected Not affected Not affected Not affected
vnc4 Not in release Not in release Not in release Ignored Ignored
vtk Not in release Not in release Not in release Not in release Not affected
wbxml2 Not affected Not affected Not affected Not affected Not affected
wxwidgets2.6 Not in release Not in release Not in release Not in release Not in release
wxwidgets2.8 Not in release Not in release Not in release Not in release Not in release
xmlrpc-c Vulnerable Vulnerable Vulnerable Vulnerable Vulnerable
xotcl Not affected Not affected Not affected Not affected Not affected
Show all 32 packages Show less packages

CVE-2012-4405

Medium priority

Some fixes available 2 of 6

Multiple integer underflows in the icmLut_allocate function in International Color Consortium (ICC) Format library (icclib), as used in Ghostscript 9.06 and Argyll Color Management System, allow remote attackers to cause a denial...

5 affected packages

argyll, ghostscript, gs-afpl, gs-esp, gs-gpl

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
argyll Not affected
ghostscript Not affected
gs-afpl Not in release
gs-esp Not in release
gs-gpl Not in release
Show less packages

CVE-2012-1147

Low priority
Ignored

readfilemap.c in expat before 2.1.0 allows context-dependent attackers to cause a denial of service (file descriptor consumption) via a large number of crafted XML files.

40 affected packages

apache2, apr-util, audacity, ayttm, cableswig...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
apache2 Ignored Ignored
apr-util Ignored Ignored
audacity Not affected Not affected
ayttm Not in release Not affected
cableswig Not in release Not affected
cadaver Not affected Not affected
celementtree Not in release Not in release
cmake Ignored Ignored
coin3 Not affected Not affected
expat Not affected Not affected
gdcm Not affected Not affected
ghostscript Ignored Ignored
grmonitor Not in release Not in release
insighttoolkit Not in release Not affected
kompozer Not in release Not in release
libparagui1.1 Not in release Not in release
matanza Not affected Not affected
paraview Not affected Not affected
poco Not affected Not affected
python-xml Not in release Not in release
python2.4 Not in release Not in release
python2.5 Not in release Not in release
python2.6 Not in release Not in release
simgear Not affected Not affected
sitecopy Not affected Not affected
smart Ignored Ignored
swish-e Not affected Not affected
tdom Not affected Not affected
texlive-bin Ignored Ignored
tla Not affected Not affected
vnc4 Ignored Ignored
vtk Not in release Not affected
w3c-libwww Not in release Not in release
wbxml2 Not affected Not affected
wxwidgets2.6 Not in release Not in release
wxwidgets2.8 Not in release Not in release
wxwindows2.4 Not in release Not in release
xmlrpc-c Ignored Ignored
xotcl Not affected Not affected
xulrunner Not in release Not in release
Show all 40 packages Show less packages

CVE-2012-1148

Low priority

Some fixes available 39 of 391

Memory leak in the poolGrow function in expat/lib/xmlparse.c in expat before 2.1.0 allows context-dependent attackers to cause a denial of service (memory consumption) via a large number of crafted XML files that cause...

41 affected packages

apache2, apr-util, audacity, ayttm, cableswig...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
apache2 Not affected Not affected Not affected Not affected Not affected
apr-util Not affected Not affected Not affected Not affected Not affected
audacity Needs evaluation Not affected Not affected Not affected Not affected
ayttm Not in release Not in release Not in release Not in release Vulnerable
cableswig Not in release Not in release Not in release Not in release Vulnerable
cadaver Vulnerable Vulnerable Vulnerable Vulnerable Vulnerable
celementtree Not in release Not in release Not in release Not in release Not in release
cmake Not affected Not affected Not affected Not affected Not affected
coin3 Not affected Not affected Not affected Vulnerable Vulnerable
expat Not affected Not affected Not affected Not affected Not affected
gdcm Not affected Not affected Not affected Not affected Not affected
ghostscript Not affected Not affected Not affected Not affected Not affected
grmonitor Not in release Not in release Not in release Not in release Not in release
insighttoolkit Not in release Not in release Not in release Not in release Vulnerable
kompozer Not in release Not in release Not in release Not in release Not in release
libparagui1.1 Not in release Not in release Not in release Not in release Not in release
libxmltok Vulnerable Fixed Fixed Fixed Fixed
matanza Vulnerable Vulnerable Vulnerable Vulnerable Vulnerable
paraview Not affected Not affected Not affected Not affected Not affected
poco Not affected Not affected Not affected Not affected Not affected
python-xml Not in release Not in release Not in release Not in release Not in release
python2.4 Not in release Not in release Not in release Not in release Not in release
python2.5 Not in release Not in release Not in release Not in release Not in release
python2.6 Not in release Not in release Not in release Not in release Not in release
simgear Not affected Not affected Not affected Not affected Not affected
sitecopy Not in release Not affected Not affected Not affected Not affected
smart Not in release Not in release Not in release Not affected Not affected
swish-e Vulnerable Vulnerable Vulnerable Vulnerable Vulnerable
tdom Not affected Not affected Not affected Not affected Not affected
texlive-bin Not affected Not affected Not affected Not affected Not affected
tla Not affected Not affected Not affected Not affected Not affected
vnc4 Not in release Not in release Not in release Ignored Ignored
vtk Not in release Not in release Not in release Not in release Not affected
w3c-libwww Not in release Not in release Not in release Not in release Not in release
wbxml2 Not affected Not affected Not affected Not affected Not affected
wxwidgets2.6 Not in release Not in release Not in release Not in release Not in release
wxwidgets2.8 Not in release Not in release Not in release Not in release Not in release
wxwindows2.4 Not in release Not in release Not in release Not in release Not in release
xmlrpc-c Fixed Fixed Fixed Fixed Fixed
xotcl Not affected Not affected Not affected Not affected Not affected
xulrunner Not in release Not in release Not in release Not in release Not in release
Show all 41 packages Show less packages

CVE-2012-0876

Medium priority

Some fixes available 35 of 382

The XML parser (xmlparse.c) in expat before 2.1.0 computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU consumption)...

41 affected packages

apache2, apr-util, audacity, ayttm, cableswig...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
apache2 Not affected Not affected Not affected Not affected Not affected
apr-util Not affected Not affected Not affected Not affected Not affected
audacity Needs evaluation Not affected Not affected Not affected Not affected
ayttm Not in release Not in release Not in release Not in release Vulnerable
cableswig Not in release Not in release Not in release Not in release Vulnerable
cadaver Vulnerable Vulnerable Vulnerable Vulnerable Vulnerable
celementtree Not in release Not in release Not in release Not in release Not in release
cmake Not affected Not affected Not affected Not affected Not affected
coin3 Not affected Not affected Not affected Vulnerable Vulnerable
expat Not affected Not affected Not affected Not affected Not affected
gdcm Not affected Not affected Not affected Not affected Not affected
ghostscript Not affected Not affected Not affected Not affected Not affected
grmonitor Not in release Not in release Not in release Not in release Not in release
insighttoolkit Not in release Not in release Not in release Not in release Vulnerable
kompozer Not in release Not in release Not in release Not in release Not in release
libparagui1.1 Not in release Not in release Not in release Not in release Not in release
libxmltok Not affected Not affected Not affected Not affected Not affected
matanza Vulnerable Vulnerable Vulnerable Vulnerable Vulnerable
paraview Not affected Not affected Not affected Not affected Not affected
poco Not affected Not affected Not affected Not affected Not affected
python-xml Not in release Not in release Not in release Not in release Not in release
python2.4 Not in release Not in release Not in release Not in release Not in release
python2.5 Not in release Not in release Not in release Not in release Not in release
python2.6 Not in release Not in release Not in release Not in release Not in release
simgear Not affected Not affected Not affected Not affected Not affected
sitecopy Not in release Not affected Not affected Not affected Not affected
smart Not in release Not in release Not in release Not affected Not affected
swish-e Vulnerable Vulnerable Vulnerable Vulnerable Vulnerable
tdom Not affected Not affected Not affected Not affected Not affected
texlive-bin Not affected Not affected Not affected Not affected Not affected
tla Not affected Not affected Not affected Not affected Not affected
vnc4 Not in release Not in release Not in release Ignored Ignored
vtk Not in release Not in release Not in release Not in release Not affected
w3c-libwww Not in release Not in release Not in release Not in release Not in release
wbxml2 Not affected Not affected Not affected Not affected Not affected
wxwidgets2.6 Not in release Not in release Not in release Not in release Not in release
wxwidgets2.8 Not in release Not in release Not in release Not in release Not in release
wxwindows2.4 Not in release Not in release Not in release Not in release Not in release
xmlrpc-c Fixed Fixed Fixed Fixed Fixed
xotcl Not affected Not affected Not affected Not affected Not affected
xulrunner Not in release Not in release Not in release Not in release Not in release
Show all 41 packages Show less packages

CVE-2011-4517

Medium priority

Some fixes available 7 of 8

The jpc_crg_getparms function in libjasper/jpc/jpc_cs.c in JasPer 1.900.1 uses an incorrect data type during a certain size calculation, which allows remote attackers to trigger a heap-based buffer overflow and execute arbitrary...

3 affected packages

ghostscript, jasper, netpbm-free

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
ghostscript
jasper
netpbm-free
Show less packages

CVE-2011-4516

Medium priority

Some fixes available 7 of 8

Heap-based buffer overflow in the jpc_cox_getcompparms function in libjasper/jpc/jpc_cs.c in JasPer 1.900.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted numrlvls...

3 affected packages

ghostscript, jasper, netpbm-free

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
ghostscript
jasper
netpbm-free
Show less packages

CVE-2010-4054

Low priority

Some fixes available 1 of 6

The gs_type2_interpret function in Ghostscript allows remote attackers to cause a denial of service (incorrect pointer dereference and application crash) via crafted font data in a compressed data stream, aka bug 691043.

4 affected packages

ghostscript, gs-afpl, gs-esp, gs-gpl

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
ghostscript
gs-afpl
gs-esp
gs-gpl
Show less packages

CVE-2009-3743

Low priority

Some fixes available 1 of 6

Off-by-one error in the Ins_MINDEX function in the TrueType bytecode interpreter in Ghostscript before 8.71 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via a malformed...

4 affected packages

ghostscript, gs-afpl, gs-esp, gs-gpl

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
ghostscript
gs-afpl
gs-esp
gs-gpl
Show less packages

CVE-2010-2055

Medium priority
Ignored

Ghostscript 8.71 and earlier reads initialization files from the current working directory, which allows local users to execute arbitrary PostScript commands via a Trojan horse file, related to improper support for the -P- option...

4 affected packages

ghostscript, gs-afpl, gs-esp, gs-gpl

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
ghostscript
gs-afpl
gs-esp
gs-gpl
Show less packages
  1. Previous page
  2. 18
  3. 19
  4. 20
  5. 21
  6. 22
  7. Next page
Export to JSON