Search CVE reports
31 – 40 of 38480 results
XKB Out-of-bounds Read in CheckSetGeom(). Each key alias entry contains two key names (the alias and the real key name). The code in CheckSetGeom() does its bounds checking using only the first name, allowing XkbAddGeomKeyAlias to...
7 affected packages
xorg, xorg-server, xwayland, xorg-server-hwe-16.04, xorg-server-hwe-18.04...
| Package | 20.04 LTS |
|---|---|
| xorg | Not affected |
| xorg-server | Needs evaluation |
| xwayland | — |
| xorg-server-hwe-16.04 | — |
| xorg-server-hwe-18.04 | — |
| xorg-hwe-16.04 | — |
| xorg-hwe-18.04 | — |
XKB Integer Underflow in XkbSetCompatMap(). If a "compat" buffer was previously truncated, there will be unused space left in the buffer. The code in XkbSetCompatMap() will use that space, but fails to update the number of valid...
7 affected packages
xorg, xorg-server, xwayland, xorg-server-hwe-16.04, xorg-server-hwe-18.04...
| Package | 20.04 LTS |
|---|---|
| xorg | Not affected |
| xorg-server | Needs evaluation |
| xwayland | — |
| xorg-server-hwe-16.04 | — |
| xorg-server-hwe-18.04 | — |
| xorg-hwe-16.04 | — |
| xorg-hwe-18.04 | — |
Not in release
Loop with unreachable exit condition ('infinite loop') in .NET, .NET Framework, Visual Studio allows an unauthorized attacker to deny service over a network.
5 affected packages
dotnet6, dotnet7, dotnet8, dotnet9, dotnet10
| Package | 20.04 LTS |
|---|---|
| dotnet6 | Not in release |
| dotnet7 | Not in release |
| dotnet8 | Not in release |
| dotnet9 | Not in release |
| dotnet10 | Not in release |
Not in release
Stack-based buffer overflow in .NET and Visual Studio allows an unauthorized attacker to deny service over a network.
5 affected packages
dotnet6, dotnet7, dotnet8, dotnet9, dotnet10
| Package | 20.04 LTS |
|---|---|
| dotnet6 | Not in release |
| dotnet7 | Not in release |
| dotnet8 | Not in release |
| dotnet9 | Not in release |
| dotnet10 | Not in release |
Not in release
Improper neutralization of special elements in .NET allows an unauthorized attacker to perform spoofing over a network.
5 affected packages
dotnet6, dotnet7, dotnet8, dotnet9, dotnet10
| Package | 20.04 LTS |
|---|---|
| dotnet6 | Not in release |
| dotnet7 | Not in release |
| dotnet8 | Not in release |
| dotnet9 | Not in release |
| dotnet10 | Not in release |
Not in release
Uncontrolled resource consumption in .NET allows an unauthorized attacker to deny service over a network.
5 affected packages
dotnet6, dotnet7, dotnet8, dotnet9, dotnet10
| Package | 20.04 LTS |
|---|---|
| dotnet6 | Not in release |
| dotnet7 | Not in release |
| dotnet8 | Not in release |
| dotnet9 | Not in release |
| dotnet10 | Not in release |
jq is a command-line JSON processor. In commits before 2f09060afab23fe9390cce7cb860b10416e1bf5f, the jv_parse_sized() API in libjq accepts a counted buffer with an explicit length parameter, but its error-handling path formats the...
1 affected package
jq
| Package | 20.04 LTS |
|---|---|
| jq | Needs evaluation |
jq is a command-line JSON processor. In commits after 69785bf77f86e2ea1b4a20ca86775916889e91c9, the _strindices builtin in jq's src/builtin.c passes its arguments directly to jv_string_indexes() without verifying they are strings,...
1 affected package
jq
| Package | 20.04 LTS |
|---|---|
| jq | Needs evaluation |
Mitgation of CVE-2026-4519 was incomplete. If the URL contained "%action" the mitigation could be bypassed for certain browser types the "webbrowser.open()" API could have commands injected into the underlying shell....
14 affected packages
jython, pypy3, python2.7, python3.4, python3.5...
| Package | 20.04 LTS |
|---|---|
| jython | Needs evaluation |
| pypy3 | Needs evaluation |
| python2.7 | Needs evaluation |
| python3.4 | — |
| python3.5 | — |
| python3.6 | — |
| python3.7 | — |
| python3.8 | Needs evaluation |
| python3.9 | Needs evaluation |
| python3.10 | — |
| python3.11 | — |
| python3.12 | — |
| python3.13 | — |
| python3.14 | — |
ImageMagick is free and open-source software used for editing and manipulating digital images. In versions below 7.1.2-19, an off by one error in the MSL decoder could result in a crash when a malicous MSL file is read. This issue...
1 affected package
imagemagick
| Package | 20.04 LTS |
|---|---|
| imagemagick | Needs evaluation |