Search CVE reports
41 – 50 of 32672 results
In GStreamer through 1.26.1, the subparse plugin's subrip_unescape_formatting function may dereference a NULL pointer while parsing a subtitle file, leading to a crash.
35 affected packages
gst-libav1.0, gst-plugins-bad1.0, gst-plugins-bad1.0-contrib, gst-plugins-base1.0, gst-plugins-good1.0...
| Package | 20.04 LTS |
|---|---|
| gst-libav1.0 | Needs evaluation |
| gst-plugins-bad1.0 | Needs evaluation |
| gst-plugins-bad1.0-contrib | — |
| gst-plugins-base1.0 | Needs evaluation |
| gst-plugins-good1.0 | Needs evaluation |
| gst-plugins-ugly1.0 | Needs evaluation |
| gst-python1.0 | Needs evaluation |
| gst-rtsp-server1.0 | Needs evaluation |
| gstreamer-editing-services1.0 | Needs evaluation |
| gstreamer-vaapi | Needs evaluation |
| gstreamer1.0 | Needs evaluation |
| qt-gstreamer | Needs evaluation |
| rust-gst-plugin-version-helper | — |
| rust-gstreamer | — |
| rust-gstreamer-allocators | — |
| rust-gstreamer-allocators-sys | — |
| rust-gstreamer-audio | — |
| rust-gstreamer-audio-sys | Needs evaluation |
| rust-gstreamer-base | — |
| rust-gstreamer-base-sys | Needs evaluation |
| rust-gstreamer-gl | — |
| rust-gstreamer-gl-egl | — |
| rust-gstreamer-gl-egl-sys | — |
| rust-gstreamer-gl-sys | — |
| rust-gstreamer-gl-wayland | — |
| rust-gstreamer-gl-wayland-sys | — |
| rust-gstreamer-gl-x11 | — |
| rust-gstreamer-gl-x11-sys | — |
| rust-gstreamer-pbutils | — |
| rust-gstreamer-pbutils-sys | — |
| rust-gstreamer-play | — |
| rust-gstreamer-play-sys | — |
| rust-gstreamer-sys | Needs evaluation |
| rust-gstreamer-video | — |
| rust-gstreamer-video-sys | Needs evaluation |
In GStreamer through 1.26.1, the subparse plugin's parse_subrip_time function may write data past the bounds of a stack buffer, leading to a crash.
35 affected packages
gst-libav1.0, gst-plugins-bad1.0, gst-plugins-bad1.0-contrib, gst-plugins-base1.0, gst-plugins-good1.0...
| Package | 20.04 LTS |
|---|---|
| gst-libav1.0 | Needs evaluation |
| gst-plugins-bad1.0 | Needs evaluation |
| gst-plugins-bad1.0-contrib | — |
| gst-plugins-base1.0 | Needs evaluation |
| gst-plugins-good1.0 | Needs evaluation |
| gst-plugins-ugly1.0 | Needs evaluation |
| gst-python1.0 | Needs evaluation |
| gst-rtsp-server1.0 | Needs evaluation |
| gstreamer-editing-services1.0 | Needs evaluation |
| gstreamer-vaapi | Needs evaluation |
| gstreamer1.0 | Needs evaluation |
| qt-gstreamer | Needs evaluation |
| rust-gst-plugin-version-helper | — |
| rust-gstreamer | — |
| rust-gstreamer-allocators | — |
| rust-gstreamer-allocators-sys | — |
| rust-gstreamer-audio | — |
| rust-gstreamer-audio-sys | Needs evaluation |
| rust-gstreamer-base | — |
| rust-gstreamer-base-sys | Needs evaluation |
| rust-gstreamer-gl | — |
| rust-gstreamer-gl-egl | — |
| rust-gstreamer-gl-egl-sys | — |
| rust-gstreamer-gl-sys | — |
| rust-gstreamer-gl-wayland | — |
| rust-gstreamer-gl-wayland-sys | — |
| rust-gstreamer-gl-x11 | — |
| rust-gstreamer-gl-x11-sys | — |
| rust-gstreamer-pbutils | — |
| rust-gstreamer-pbutils-sys | — |
| rust-gstreamer-play | — |
| rust-gstreamer-play-sys | — |
| rust-gstreamer-sys | Needs evaluation |
| rust-gstreamer-video | — |
| rust-gstreamer-video-sys | Needs evaluation |
In GStreamer through 1.26.1, the isomp4 plugin's qtdemux_parse_trak function may read past the end of a heap buffer while parsing an MP4 file, possibly leading to information disclosure.
35 affected packages
gst-libav1.0, gst-plugins-bad1.0, gst-plugins-bad1.0-contrib, gst-plugins-base1.0, gst-plugins-good1.0...
| Package | 20.04 LTS |
|---|---|
| gst-libav1.0 | Needs evaluation |
| gst-plugins-bad1.0 | Needs evaluation |
| gst-plugins-bad1.0-contrib | — |
| gst-plugins-base1.0 | Needs evaluation |
| gst-plugins-good1.0 | Needs evaluation |
| gst-plugins-ugly1.0 | Needs evaluation |
| gst-python1.0 | Needs evaluation |
| gst-rtsp-server1.0 | Needs evaluation |
| gstreamer-editing-services1.0 | Needs evaluation |
| gstreamer-vaapi | Needs evaluation |
| gstreamer1.0 | Needs evaluation |
| qt-gstreamer | Needs evaluation |
| rust-gst-plugin-version-helper | — |
| rust-gstreamer | — |
| rust-gstreamer-allocators | — |
| rust-gstreamer-allocators-sys | — |
| rust-gstreamer-audio | — |
| rust-gstreamer-audio-sys | Needs evaluation |
| rust-gstreamer-base | — |
| rust-gstreamer-base-sys | Needs evaluation |
| rust-gstreamer-gl | — |
| rust-gstreamer-gl-egl | — |
| rust-gstreamer-gl-egl-sys | — |
| rust-gstreamer-gl-sys | — |
| rust-gstreamer-gl-wayland | — |
| rust-gstreamer-gl-wayland-sys | — |
| rust-gstreamer-gl-x11 | — |
| rust-gstreamer-gl-x11-sys | — |
| rust-gstreamer-pbutils | — |
| rust-gstreamer-pbutils-sys | — |
| rust-gstreamer-play | — |
| rust-gstreamer-play-sys | — |
| rust-gstreamer-sys | Needs evaluation |
| rust-gstreamer-video | — |
| rust-gstreamer-video-sys | Needs evaluation |
In GStreamer through 1.26.1, the isomp4 plugin's qtdemux_parse_tree function may read past the end of a heap buffer while parsing an MP4 file, leading to information disclosure.
35 affected packages
gst-libav1.0, gst-plugins-bad1.0, gst-plugins-bad1.0-contrib, gst-plugins-base1.0, gst-plugins-good1.0...
| Package | 20.04 LTS |
|---|---|
| gst-libav1.0 | Needs evaluation |
| gst-plugins-bad1.0 | Needs evaluation |
| gst-plugins-bad1.0-contrib | — |
| gst-plugins-base1.0 | Needs evaluation |
| gst-plugins-good1.0 | Needs evaluation |
| gst-plugins-ugly1.0 | Needs evaluation |
| gst-python1.0 | Needs evaluation |
| gst-rtsp-server1.0 | Needs evaluation |
| gstreamer-editing-services1.0 | Needs evaluation |
| gstreamer-vaapi | Needs evaluation |
| gstreamer1.0 | Needs evaluation |
| qt-gstreamer | Needs evaluation |
| rust-gst-plugin-version-helper | — |
| rust-gstreamer | — |
| rust-gstreamer-allocators | — |
| rust-gstreamer-allocators-sys | — |
| rust-gstreamer-audio | — |
| rust-gstreamer-audio-sys | Needs evaluation |
| rust-gstreamer-base | — |
| rust-gstreamer-base-sys | Needs evaluation |
| rust-gstreamer-gl | — |
| rust-gstreamer-gl-egl | — |
| rust-gstreamer-gl-egl-sys | — |
| rust-gstreamer-gl-sys | — |
| rust-gstreamer-gl-wayland | — |
| rust-gstreamer-gl-wayland-sys | — |
| rust-gstreamer-gl-x11 | — |
| rust-gstreamer-gl-x11-sys | — |
| rust-gstreamer-pbutils | — |
| rust-gstreamer-pbutils-sys | — |
| rust-gstreamer-play | — |
| rust-gstreamer-play-sys | — |
| rust-gstreamer-sys | Needs evaluation |
| rust-gstreamer-video | — |
| rust-gstreamer-video-sys | Needs evaluation |
Cancelling a query (e.g. by cancelling the context passed to one of the query methods) during a call to the Scan method of the returned Rows can result in unexpected results if other queries are being made in parallel. This can...
11 affected packages
golang-1.10, golang-1.13, golang-1.14, golang-1.16, golang-1.17...
| Package | 20.04 LTS |
|---|---|
| golang-1.10 | — |
| golang-1.13 | Needs evaluation |
| golang-1.14 | Needs evaluation |
| golang-1.16 | Needs evaluation |
| golang-1.17 | — |
| golang-1.18 | Needs evaluation |
| golang-1.20 | Needs evaluation |
| golang-1.21 | Needs evaluation |
| golang-1.22 | Needs evaluation |
| golang-1.23 | — |
| golang-1.24 | — |
openjpeg v 2.5.0 was discovered to contain a NULL pointer dereference via the component /openjp2/dwt.c.
7 affected packages
openjpeg2, insighttoolkit4, qtwebengine-opensource-src, blender, texmaker...
| Package | 20.04 LTS |
|---|---|
| openjpeg2 | Needs evaluation |
| insighttoolkit4 | Needs evaluation |
| qtwebengine-opensource-src | Needs evaluation |
| blender | Needs evaluation |
| texmaker | Needs evaluation |
| ghostscript | Not affected |
| openjpeg | — |
EDK2 contains a vulnerability in BIOS where an attacker may cause “Protection Mechanism Failure” by local access. Successful exploitation of this vulnerability will lead to arbitrary code execution and impact Confidentiality,...
1 affected package
edk2
| Package | 20.04 LTS |
|---|---|
| edk2 | Needs evaluation |
Let's Encrypt client and ACME library written in Go (Lego). In versions 4.25.1 and below, the github.com/go-acme/lego/v4/acme/api package (thus the lego library and the lego cli as well) don't enforce HTTPS when talking to CAs as...
1 affected package
golang-github-xenolf-lego
| Package | 20.04 LTS |
|---|---|
| golang-github-xenolf-lego | Needs evaluation |
tmp is a temporary file and directory creator for node.js. In versions 0.2.3 and below, tmp is vulnerable to an arbitrary temporary file / directory write via symbolic link dir parameter. This is fixed in version 0.2.4.
1 affected package
node-tmp
| Package | 20.04 LTS |
|---|---|
| node-tmp | Needs evaluation |
Middleware causes a prohibitive amount of heap allocations when processing malicious preflight requests that include a Access-Control-Request-Headers (ACRH) header whose value contains many commas. This behavior can be abused by...
1 affected package
golang-github-rs-cors
| Package | 20.04 LTS |
|---|---|
| golang-github-rs-cors | Needs evaluation |