Search CVE reports
11 – 20 of 34920 results
[IPv6 address parsing: fix buffer overread on invalid input]
1 affected package
openvpn
| Package | 20.04 LTS |
|---|---|
| openvpn | Not affected |
A mongoc_bulk_operation_t may read invalid memory if large options are passed.
2 affected packages
mongo-c-driver, php-mongodb
| Package | 20.04 LTS |
|---|---|
| mongo-c-driver | Needs evaluation |
| php-mongodb | Needs evaluation |
A vulnerability in the GRUB2 bootloader has been identified in the normal module. This flaw, a memory Use After Free issue, occurs because the normal_exit command is not properly unregistered when its related module is unloaded....
3 affected packages
grub2, grub2-unsigned, grub2-signed
| Package | 20.04 LTS |
|---|---|
| grub2 | Not affected |
| grub2-unsigned | Needs evaluation |
| grub2-signed | Needs evaluation |
A vulnerability has been identified in the GRUB2 bootloader's normal command that poses an immediate Denial of Service (DoS) risk. This flaw is a Use-after-Free issue, caused because the normal command is not properly unregistered...
3 affected packages
grub2, grub2-unsigned, grub2-signed
| Package | 20.04 LTS |
|---|---|
| grub2 | Not affected |
| grub2-unsigned | Needs evaluation |
| grub2-signed | Needs evaluation |
A Use-After-Free vulnerability has been discovered in GRUB's gettext module. This flaw stems from a programming error where the gettext command remains registered in memory after its module is unloaded. An attacker can exploit...
3 affected packages
grub2, grub2-unsigned, grub2-signed
| Package | 20.04 LTS |
|---|---|
| grub2 | Not affected |
| grub2-unsigned | Needs evaluation |
| grub2-signed | Needs evaluation |
A vulnerability has been identified in the GRUB (Grand Unified Bootloader) component. This flaw occurs because the bootloader mishandles string conversion when reading information from a USB device, allowing an attacker to exploit...
3 affected packages
grub2, grub2-unsigned, grub2-signed
| Package | 20.04 LTS |
|---|---|
| grub2 | Not affected |
| grub2-unsigned | Needs evaluation |
| grub2-signed | Needs evaluation |
A use-after-free vulnerability has been identified in the GNU GRUB (Grand Unified Bootloader). The flaw occurs because the file-closing process incorrectly retains a memory pointer, leaving an invalid reference to a file system...
3 affected packages
grub2, grub2-unsigned, grub2-signed
| Package | 20.04 LTS |
|---|---|
| grub2 | Not affected |
| grub2-unsigned | Needs evaluation |
| grub2-signed | Needs evaluation |
A vulnerability has been identified in the GRUB2 bootloader's network module that poses an immediate Denial of Service (DoS) risk. This flaw is a Use-after-Free issue, caused because the net_set_vlan command is not properly...
3 affected packages
grub2, grub2-unsigned, grub2-signed
| Package | 20.04 LTS |
|---|---|
| grub2 | Not affected |
| grub2-unsigned | Needs evaluation |
| grub2-signed | Needs evaluation |
A malicious client acting as the receiver of an rsync file transfer can trigger an out of bounds read of a heap based buffer, via a negative array index. The malicious rsync client requires at least read access to the remote rsync...
1 affected package
rsync
| Package | 20.04 LTS |
|---|---|
| rsync | Needs evaluation |
Glob matches files using patterns the shell uses. From versions 10.3.7 to 11.0.3, the glob CLI contains a command injection vulnerability in its -c/--cmd option that allows arbitrary command execution when processing files with...
1 affected package
node-glob
| Package | 20.04 LTS |
|---|---|
| node-glob | Not affected |