Search CVE reports


Toggle filters

31 – 40 of 107 results


CVE-2021-46143

Medium priority

Some fixes available 39 of 330

In doProlog in xmlparse.c in Expat (aka libexpat) before 2.4.3, an integer overflow exists for m_groupSize.

50 affected packages

apache2, apr-util, astropy, audacity, ayttm...

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
apache2 Not affected Not affected Not affected Not affected Not affected
apr-util Not affected Not affected Not affected Not affected Not affected
astropy Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
audacity Not affected Not affected Not affected Not affected Not affected
ayttm Not in release Not in release Not in release Not in release Not in release
cableswig Not in release Not in release Not in release Not in release Not in release
cadaver Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
cmake Not affected Not affected Not affected Not affected Not affected
coda Needs evaluation Needs evaluation Needs evaluation Needs evaluation
coin3 Not affected Not affected Not affected Not affected Needs evaluation
emboss Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
expat Fixed Fixed Fixed Fixed Fixed
firefox Fixed Fixed Fixed Fixed Fixed
gdcm Not affected Not affected Not affected Not affected Not affected
ghostscript Not affected Not affected Not affected Not affected Not affected
harp Needs evaluation Needs evaluation Needs evaluation Needs evaluation
ibm-3270 Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
insighttoolkit Not in release Not in release Not in release Not in release Not in release
insighttoolkit4 Not in release Not in release Not affected Not affected Not affected
insighttoolkit5 Needs evaluation Needs evaluation Needs evaluation
libsynthesis Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
libxmltok Not in release Fixed Fixed Fixed Fixed
mame Fixed Fixed Fixed Fixed Fixed
matanza Ignored Ignored Ignored Ignored Ignored
opencollada Not in release Needs evaluation Needs evaluation Needs evaluation Needs evaluation
paraview Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
poco Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
python2.7 Not in release Not in release Not affected Not affected Not affected
python3.10 Not in release Not in release Not affected Not in release Not in release
python3.4 Not in release Not in release Not in release Not in release Not in release
python3.5 Not in release Not in release Not in release Not in release Not in release
python3.6 Not in release Not in release Not in release Not in release Not affected
python3.7 Not in release Not in release Not in release Not in release Not affected
python3.8 Not in release Not in release Not in release Not affected Not affected
python3.9 Not in release Not in release Not in release Not affected Not in release
qtwebengine-opensource-src Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
sitecopy Needs evaluation Not in release Needs evaluation Needs evaluation Needs evaluation
smart Not in release Not in release Not in release Not in release Not affected
swish-e Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
tdom Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
texlive-bin Not affected Not affected Not affected Not affected Not affected
thunderbird Not affected Not affected Not affected Not in release Ignored
tla Not in release Needs evaluation Needs evaluation Needs evaluation Needs evaluation
visp Needs evaluation Needs evaluation Needs evaluation Needs evaluation
vnc4 Not in release Not in release Not in release Not in release Needs evaluation
vtk Not in release Not in release Not in release Not in release Not in release
wbxml2 Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
xmlrpc
xmlrpc-c Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
xsd Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
Show all 50 packages Show less packages

CVE-2020-23906

Medium priority
Needs evaluation

FFmpeg N-98388-g76a3ee996b allows attackers to cause a denial of service (DoS) via a crafted audio file due to insufficient verification of data authenticity.

2 affected packages

ffmpeg, qtwebengine-opensource-src

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
ffmpeg Not affected Not affected Not affected Not affected Not affected
qtwebengine-opensource-src Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
Show less packages

CVE-2021-38094

Medium priority

Some fixes available 1 of 8

Integer Overflow vulnerability in function filter_sobel in libavfilter/vf_convolution.c in Ffmpeg 4.2.1, allows attackers to cause a Denial of Service or other unspecified impacts.

2 affected packages

ffmpeg, qtwebengine-opensource-src

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
ffmpeg Not affected Not affected Fixed Not affected
qtwebengine-opensource-src Not affected Not affected Not affected Not affected
Show less packages

CVE-2021-38093

Medium priority

Some fixes available 1 of 8

Integer Overflow vulnerability in function filter_robert in libavfilter/vf_convolution.c in Ffmpeg 4.2.1, allows attackers to cause a Denial of Service or other unspecified impacts.

2 affected packages

ffmpeg, qtwebengine-opensource-src

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
ffmpeg Not affected Not affected Fixed Not affected
qtwebengine-opensource-src Not affected Not affected Not affected Not affected
Show less packages

CVE-2021-38092

Medium priority

Some fixes available 1 of 8

Integer Overflow vulnerability in function filter_prewitt in libavfilter/vf_convolution.c in Ffmpeg 4.2.1, allows attackers to cause a Denial of Service or other unspecified impacts.

2 affected packages

ffmpeg, qtwebengine-opensource-src

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
ffmpeg Not affected Not affected Fixed Not affected
qtwebengine-opensource-src Not affected Not affected Not affected Not affected
Show less packages

CVE-2021-38091

Medium priority

Some fixes available 1 of 8

Integer Overflow vulnerability in function filter16_sobel in libavfilter/vf_convolution.c in Ffmpeg 4.2.1, allows attackers to cause a Denial of Service or other unspecified impacts.

2 affected packages

ffmpeg, qtwebengine-opensource-src

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
ffmpeg Not affected Not affected Fixed Not affected
qtwebengine-opensource-src Not affected Not affected Not affected Not affected
Show less packages

CVE-2021-38090

Medium priority

Some fixes available 1 of 8

Integer Overflow vulnerability in function filter16_roberts in libavfilter/vf_convolution.c in Ffmpeg 4.2.1, allows attackers to cause a Denial of Service or other unspecified impacts.

2 affected packages

ffmpeg, qtwebengine-opensource-src

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
ffmpeg Not affected Not affected Fixed Not affected
qtwebengine-opensource-src Not affected Not affected Not affected Not affected
Show less packages

CVE-2021-38089

Medium priority
Ignored

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2020-22035. Reason: This candidate is a duplicate of CVE-2020-22035. Notes: All CVE users should reference CVE-2020-22035 instead of this candidate. All references...

3 affected packages

ffmpeg, qtwebengine-opensource-src, vice

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
ffmpeg Not affected Not affected
qtwebengine-opensource-src Not affected Not affected
vice Not affected Not affected
Show less packages

CVE-2020-20902

Low priority

Some fixes available 1 of 8

A CWE-125: Out-of-bounds read vulnerability exists in long_term_filter function in g729postfilter.c in FFmpeg 4.2.1 during computation of the denominator of pseudo-normalized correlation R'(0), that could result in disclosure of...

2 affected packages

ffmpeg, qtwebengine-opensource-src

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
ffmpeg Not affected Not affected Not affected Not affected
qtwebengine-opensource-src Not affected Not affected Not affected Not affected
Show less packages

CVE-2020-20901

Medium priority
Ignored

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2020-22022. Reason: This candidate is a duplicate of CVE-2020-22022. Notes: All CVE users should reference CVE-2020-22022 instead of this candidate. All references...

3 affected packages

ffmpeg, qtwebengine-opensource-src, vice

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
ffmpeg Not affected Not affected
qtwebengine-opensource-src Not affected Not affected
vice Not affected Not affected
Show less packages