Search CVE reports
281 – 290 of 33783 results
An issue in NetSurf v3.11 causes the application to read uninitialized heap memory when creating a dom_event structure.
1 affected package
netsurf
| Package | 22.04 LTS |
|---|---|
| netsurf | Needs evaluation |
NetSurf 3.11 is vulnerable to Use After Free in dom_node_set_text_content function.
1 affected package
netsurf
| Package | 22.04 LTS |
|---|---|
| netsurf | Needs evaluation |
An issue in NetSurf v.3.11 allows a remote attacker to execute arbitrary code via the dom_node_normalize function
1 affected package
netsurf
| Package | 22.04 LTS |
|---|---|
| netsurf | Needs evaluation |
A stack-based buffer overflow was found in the QEMU e1000 network device. The code for padding short frames was dropped from individual network devices and moved to the net core code. The issue stems from the device's receive code...
1 affected package
qemu
| Package | 22.04 LTS |
|---|---|
| qemu | Not affected |
If the value passed to os.path.expandvars() is user-controlled a performance degradation is possible when expanding environment variables.
13 affected packages
pypy3, python2.7, python3.4, python3.5, python3.6...
| Package | 22.04 LTS |
|---|---|
| pypy3 | Needs evaluation |
| python2.7 | Needs evaluation |
| python3.4 | Not in release |
| python3.5 | Not in release |
| python3.6 | Not in release |
| python3.7 | Not in release |
| python3.8 | Not in release |
| python3.9 | Not in release |
| python3.10 | Needs evaluation |
| python3.11 | Needs evaluation |
| python3.12 | Not in release |
| python3.13 | Not in release |
| python3.14 | Not in release |
When passing through PCI devices, the detach logic in libxl won't remove access permissions to any 64bit memory BARs the device might have. As a result a domain can still have access any 64bit memory BAR when such device is no...
1 affected package
xen
| Package | 22.04 LTS |
|---|---|
| xen | Needs evaluation |
[This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Some Viridian hypercalls can specify a mask of vCPU IDs as an input, in one of three formats. Xen...
1 affected package
xen
| Package | 22.04 LTS |
|---|---|
| xen | Needs evaluation |
[This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Some Viridian hypercalls can specify a mask of vCPU IDs as an input, in one of three formats. Xen...
1 affected package
xen
| Package | 22.04 LTS |
|---|---|
| xen | Needs evaluation |
When cache is enabled, some passdb/userdb drivers incorrectly cache all users with same cache key, causing wrong cached information to be used for these users. After cached login, all subsequent logins are for same user. Install...
1 affected package
dovecot
| Package | 22.04 LTS |
|---|---|
| dovecot | Not affected |
QLowEnergyController in Qt before 6.8.2 mishandles malformed Bluetooth ATT commands, leading to an out-of-bounds read (or division by zero). This is fixed in 5.15.19, 6.5.9, and 6.8.2.
2 affected packages
qt6-connectivity, qtconnectivity-opensource-src
| Package | 22.04 LTS |
|---|---|
| qt6-connectivity | Needs evaluation |
| qtconnectivity-opensource-src | Needs evaluation |