Search CVE reports


371 – 380 of 1235 results


CVE-2022-41649

Medium priority
Needs evaluation

A heap out of bounds read vulnerability exists in the handling of IPTC data while parsing TIFF images in OpenImageIO v2.3.19.0. A specially-crafted TIFF file can cause a read of adjacent heap memory, which can leak sensitive...

1 affected package

openimageio

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
openimageio Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation

CVE-2022-41639

Medium priority
Needs evaluation

A heap based buffer overflow vulnerability exists in tile decoding code of TIFF image parser in OpenImageIO master-branch-9aeece7a and v2.3.19.0. A specially-crafted TIFF file can lead to an out of bounds memory corruption, which...

1 affected package

openimageio

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
openimageio Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation

CVE-2022-38143

Medium priority
Needs evaluation

A heap out-of-bounds write vulnerability exists in the way OpenImageIO v2.3.19.0 processes RLE encoded BMP images. A specially-crafted bmp file can write to arbitrary out of bounds memory, which can lead to arbitrary code...

1 affected package

openimageio

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
openimageio Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation

CVE-2022-36354

Medium priority
Needs evaluation

A heap out-of-bounds read vulnerability exists in the RLA format parser of OpenImageIO master-branch-9aeece7a and v2.3.19.0. More specifically, in the way run-length encoded byte spans are handled. A malformed RLA file can lead to...

1 affected package

openimageio

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
openimageio Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation

CVE-2022-45939

Medium priority

Some fixes available 4 of 27

GNU Emacs through 28.2 allows attackers to execute commands via shell metacharacters in the name of a source-code file, because lib-src/etags.c uses the system C library function in its implementation of the ctags program. For...

6 affected packages

emacs, xemacs21-packages, emacs23, emacs24, emacs25, xemacs21

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
emacs Not affected Not affected Fixed Fixed Not in release
xemacs21-packages Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
emacs23 Not in release Not in release Not in release
emacs24 Not in release Not in release Not in release
emacs25 Not in release Not in release Fixed
xemacs21 Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation

CVE-2022-3213

Medium priority
Not affected

A heap buffer overflow issue was found in ImageMagick. When an application processes a malformed TIFF file, it could lead to undefined behavior or a crash causing a denial of service.

1 affected package

imagemagick

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
imagemagick Not affected Not affected Not affected

CVE-2022-27664

Medium priority

Some fixes available 26 of 38

In net/http in Go before 1.18.6 and 1.19.x before 1.19.1, attackers can cause a denial of service because an HTTP/2 connection can hang during closing if shutdown were preempted by a fatal error.

17 affected packages

golang-1.13, golang-1.14, golang-1.16, golang-1.17, golang-1.18...

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
golang-1.13 Not in release Not in release Fixed Fixed Fixed
golang-1.14 Not in release Vulnerable Not in release
golang-1.16 Not in release Fixed Fixed
golang-1.17 Vulnerable Not in release Not in release
golang-1.18 Not in release Not in release Fixed Fixed Fixed
golang-1.6 Not in release Not in release Not in release
golang-1.8 Not in release Not in release Vulnerable
golang-1.9 Not in release Not in release Vulnerable
golang Not in release Not in release Not in release
golang-1.10 Not in release Not in release Vulnerable
golang-golang-x-net Not affected Not affected Fixed Not in release Not in release
google-guest-agent Fixed Fixed Fixed Fixed Needs evaluation
containerd Not affected Not affected Not affected Not affected Not affected
golang-golang-x-net-dev Not in release Not in release Not in release Fixed Fixed
adsys Not affected Not affected Not affected Fixed
juju-core Not in release Not in release Not in release
lxd Not in release Not in release Not in release Not affected Fixed

CVE-2020-35535

Medium priority
Needs evaluation

In LibRaw, there is an out-of-bounds read vulnerability within the "LibRaw::parseSonySRF()" function (libraw\src\metadata\sony.cpp) when processing srf files.

9 affected packages

darktable, dcraw, digikam, exactimage, kodi...

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
darktable Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
dcraw Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
digikam Not affected Not affected Not affected Not affected Not affected
exactimage Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
kodi Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
rawtherapee Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
xbmc Not in release Not in release Not in release Not in release Not in release
libraw Not affected Not affected Not affected Not affected Not affected
ufraw Not in release Not in release Not in release Not in release Needs evaluation

CVE-2020-35534

Medium priority
Needs evaluation

In LibRaw, there is a memory corruption vulnerability within the "crxFreeSubbandData()" function (libraw\src\decoders\crx.cpp) when processing cr3 files.

9 affected packages

darktable, dcraw, digikam, exactimage, kodi...

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
darktable Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
dcraw Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
digikam Not affected Not affected Not affected Not affected Not affected
exactimage Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
kodi Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
rawtherapee Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
xbmc Not in release Not in release Not in release Not in release Not in release
libraw Not affected Not affected Not affected Not affected Not affected
ufraw Not in release Not in release Not in release Not in release Needs evaluation

CVE-2020-35533

Medium priority

Some fixes available 4 of 64

In LibRaw, an out-of-bounds read vulnerability exists within the "LibRaw::adobe_copy_pixel()" function (libraw\src\decoders\dng.cpp) when reading data from the image file.

9 affected packages

darktable, dcraw, digikam, exactimage, kodi...

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
darktable Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
dcraw Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
digikam Not affected Not affected Not affected Fixed Fixed
exactimage Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
kodi Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
rawtherapee Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
libraw Not affected Not affected Not affected Fixed Fixed
ufraw Not in release Not in release Not in release Not in release Needs evaluation
xbmc Not in release Not in release Not in release Not in release Not in release