Search CVE reports

Toggle filters

81 – 90 of 95 results

CVE-2012-1148

Low priority

Some fixes available 44 of 403

Memory leak in the poolGrow function in expat/lib/xmlparse.c in expat before 2.1.0 allows context-dependent attackers to cause a denial of service (memory consumption) via a large number of crafted XML files that cause...

41 affected packages

ayttm, poco, celementtree, python-xml, paraview...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
ayttm Not in release Not in release Not in release Not in release
poco Not affected Not affected Not affected Not affected
celementtree Not in release Not in release Not in release Not in release
python-xml Not in release Not in release Not in release Not in release
paraview Not affected Not affected Not affected Not affected
kompozer Not in release Not in release Not in release Not in release
libparagui1.1 Not in release Not in release Not in release Not in release
swish-e Vulnerable Vulnerable Vulnerable Vulnerable
cadaver Vulnerable Vulnerable Vulnerable Vulnerable
audacity Not affected Not affected Not affected Not affected
smart Not in release Not in release Not in release Not affected
apache2 Not affected Not affected Not affected Not affected
apr-util Not affected Not affected Not affected Not affected
cmake Not affected Not affected Not affected Not affected
ghostscript Not affected Not affected Not affected Not affected
python2.4 Not in release Not in release Not in release Not in release
python2.5 Not in release Not in release Not in release Not in release
texlive-bin Not affected Not affected Not affected Not affected
tla Not affected Not affected Not affected Not affected
vnc4 Not in release Not in release Not in release Ignored
w3c-libwww Not in release Not in release Not in release Not in release
wxwidgets2.6 Not in release Not in release Not in release Not in release
sitecopy Not in release Not affected Not affected Not affected
wbxml2 Not affected Not affected Not affected Not affected
xulrunner Not in release Not in release Not in release Not in release
insighttoolkit Not in release Not in release Not in release Not in release
cableswig Not in release Not in release Not in release Not in release
matanza Ignored Ignored Ignored Ignored
libxmltok Fixed Fixed Fixed Fixed
xotcl Not affected Not affected Not affected Not affected
coin3 Not affected Not affected Not affected Vulnerable
gdcm Not affected Not affected Not affected Not affected
simgear Not affected Not affected Not affected Not affected
tdom Not affected Not affected Not affected Not affected
vtk Not in release Not in release Not in release Not in release
wxwidgets2.8 Not in release Not in release Not in release Not in release
grmonitor Not in release Not in release Not in release Not in release
expat Not affected Not affected Not affected Not affected
python2.6 Not in release Not in release Not in release Not in release
wxwindows2.4 Not in release Not in release Not in release Not in release
xmlrpc-c Fixed Fixed Fixed Fixed
Show all 41 packages Show less packages

CVE-2012-1147

Low priority
Ignored

readfilemap.c in expat before 2.1.0 allows context-dependent attackers to cause a denial of service (file descriptor consumption) via a large number of crafted XML files.

40 affected packages

expat, apr-util, audacity, ayttm, cableswig...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
expat Not affected
apr-util Ignored
audacity Not affected
ayttm Not in release
cableswig Not in release
cadaver Not affected
coin3 Not affected
gdcm Not affected
insighttoolkit Not in release
matanza Not affected
paraview Not affected
poco Not affected
simgear Not affected
sitecopy Not affected
swish-e Not affected
tdom Not affected
texlive-bin Ignored
tla Not affected
vnc4 Ignored
vtk Not in release
wbxml2 Not affected
wxwidgets2.8 Not in release
apache2 Ignored
celementtree Not in release
cmake Ignored
ghostscript Ignored
grmonitor Not in release
kompozer Not in release
libparagui1.1 Not in release
python-xml Not in release
python2.4 Not in release
python2.5 Not in release
python2.6 Not in release
smart Ignored
w3c-libwww Not in release
wxwidgets2.6 Not in release
wxwindows2.4 Not in release
xmlrpc-c Ignored
xotcl Not affected
xulrunner Not in release
Show all 40 packages Show less packages

CVE-2012-0876

Medium priority

Some fixes available 37 of 392

The XML parser (xmlparse.c) in expat before 2.1.0 computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU consumption)...

41 affected packages

cmake, paraview, python-xml, libparagui1.1, poco...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
cmake Not affected Not affected Not affected Not affected
paraview Not affected Not affected Not affected Not affected
python-xml Not in release Not in release Not in release Not in release
libparagui1.1 Not in release Not in release Not in release Not in release
poco Not affected Not affected Not affected Not affected
insighttoolkit Not in release Not in release Not in release Not in release
ayttm Not in release Not in release Not in release Not in release
audacity Not affected Not affected Not affected Not affected
matanza Ignored Ignored Ignored Ignored
smart Not in release Not in release Not in release Not affected
vnc4 Not in release Not in release Not in release Ignored
w3c-libwww Not in release Not in release Not in release Not in release
xotcl Not affected Not affected Not affected Not affected
tla Not affected Not affected Not affected Not affected
sitecopy Not in release Not affected Not affected Not affected
wbxml2 Not affected Not affected Not affected Not affected
wxwindows2.4 Not in release Not in release Not in release Not in release
cableswig Not in release Not in release Not in release Not in release
coin3 Not affected Not affected Not affected Vulnerable
gdcm Not affected Not affected Not affected Not affected
grmonitor Not in release Not in release Not in release Not in release
simgear Not affected Not affected Not affected Not affected
tdom Not affected Not affected Not affected Not affected
vtk Not in release Not in release Not in release Not in release
cadaver Vulnerable Vulnerable Vulnerable Vulnerable
swish-e Vulnerable Vulnerable Vulnerable Vulnerable
expat Not affected Not affected Not affected Not affected
apache2 Not affected Not affected Not affected Not affected
apr-util Not affected Not affected Not affected Not affected
celementtree Not in release Not in release Not in release Not in release
ghostscript Not affected Not affected Not affected Not affected
python2.4 Not in release Not in release Not in release Not in release
python2.5 Not in release Not in release Not in release Not in release
python2.6 Not in release Not in release Not in release Not in release
kompozer Not in release Not in release Not in release Not in release
libxmltok Not affected Not affected Not affected Not affected
texlive-bin Not affected Not affected Not affected Not affected
wxwidgets2.6 Not in release Not in release Not in release Not in release
wxwidgets2.8 Not in release Not in release Not in release Not in release
xmlrpc-c Fixed Fixed Fixed Fixed
xulrunner Not in release Not in release Not in release Not in release
Show all 41 packages Show less packages

CVE-2012-0840

Low priority
Ignored

tables/apr_hash.c in the Apache Portable Runtime (APR) library through 1.4.5 computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial...

1 affected package

apr

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
apr
Show less packages

CVE-2011-1928

Medium priority
Fixed

The fnmatch implementation in apr_fnmatch.c in the Apache Portable Runtime (APR) library 1.4.3 and 1.4.4, and the Apache HTTP Server 2.2.18, allows remote attackers to cause a denial of service (infinite loop) via a URI that does...

2 affected packages

apache2, apr

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
apache2
apr
Show less packages

CVE-2011-0419

Medium priority
Fixed

Stack consumption vulnerability in the fnmatch implementation in apr_fnmatch.c in the Apache Portable Runtime (APR) library before 1.4.3 and the Apache HTTP Server before 2.2.18, and in fnmatch.c in libc in NetBSD 5.1, OpenBSD...

2 affected packages

apache2, apr

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
apache2
apr
Show less packages

CVE-2010-1623

Medium priority

Some fixes available 6 of 7

Memory leak in the apr_brigade_split_line function in buckets/apr_brigade.c in the Apache Portable Runtime Utility library (aka APR-util) before 1.3.10, as used in the mod_reqtimeout module in the Apache HTTP Server and other...

2 affected packages

apache2, apr-util

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
apache2
apr-util
Show less packages

CVE-2009-3720

Low priority

Some fixes available 81 of 535

The updatePosition function in lib/xmltok_impl.c in libexpat in Expat 2.0.1, as used in Python, PyXML, w3c-libwww, and other software, allows context-dependent attackers to cause a denial of service (application crash) via an XML...

41 affected packages

apache2, apr-util, expat, cmake, celementtree...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
apache2 Not affected Not affected Not affected Not affected
apr-util Not affected Not affected Not affected Not affected
expat Fixed Fixed Fixed Fixed
cmake Not affected Not affected Not affected Not affected
celementtree Not in release Not in release Not in release Not in release
paraview Not affected Not affected Not affected Not affected
vnc4 Not in release Not in release Not in release Not affected
poco Not affected Not affected Not affected Not affected
kompozer Not in release Not in release Not in release Not in release
cadaver Vulnerable Vulnerable Vulnerable Vulnerable
ayttm Not in release Not in release Not in release Not in release
audacity Not affected Not affected Not affected Not affected
matanza Ignored Ignored Ignored Ignored
libxmltok Not affected Not affected Not affected Not affected
smart Not in release Not in release Not in release Not affected
texlive-bin Not affected Not affected Not affected Not affected
wxwidgets2.8 Not in release Not in release Not in release Not in release
tla Not affected Not affected Not affected Not affected
libparagui1.1 Not in release Not in release Not in release Not in release
sitecopy Not in release Not affected Not affected Not affected
wbxml2 Not affected Not affected Not affected Not affected
xulrunner Not in release Not in release Not in release Not in release
insighttoolkit Not in release Not in release Not in release Not in release
wxwindows2.4 Not in release Not in release Not in release Not in release
cableswig Not in release Not in release Not in release Not in release
gdcm Not affected Not affected Not affected Not affected
grmonitor Not in release Not in release Not in release Not in release
tdom Not affected Not affected Not affected Not affected
vtk Not in release Not in release Not in release Not in release
coin3 Vulnerable Vulnerable Vulnerable Vulnerable
swish-e Needs evaluation Needs evaluation Needs evaluation Needs evaluation
python-xml Not in release Not in release Not in release Not in release
python2.4 Not in release Not in release Not in release Not in release
python2.5 Not in release Not in release Not in release Not in release
python2.6 Not in release Not in release Not in release Not in release
w3c-libwww Not in release Not in release Not in release Not in release
wxwidgets2.6 Not in release Not in release Not in release Not in release
xmlrpc-c Fixed Fixed Fixed Fixed
xotcl Not affected Not affected Not affected Not affected
ghostscript Not affected Not affected Not affected Not affected
simgear Not affected Not affected Not affected Not affected
Show all 41 packages Show less packages

CVE-2009-3560

Medium priority

Some fixes available 81 of 503

The big2_toUtf8 function in lib/xmltok.c in libexpat in Expat 2.0.1, as used in the XML-Twig module for Perl, allows context-dependent attackers to cause a denial of service (application crash) via an XML document with malformed...

41 affected packages

vtk, apache2, python-xml, paraview, poco...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
vtk Not in release Not in release Not in release Not in release
apache2 Not affected Not affected Not affected Not affected
python-xml Not in release Not in release Not in release Not in release
paraview Not affected Not affected Not affected Not affected
poco Not affected Not affected Not affected Not affected
libparagui1.1 Not in release Not in release Not in release Not in release
insighttoolkit Not in release Not in release Not in release Not in release
ayttm Not in release Not in release Not in release Not in release
audacity Not affected Not affected Not affected Not affected
smart Not in release Not in release Not in release Not affected
libxmltok Not affected Not affected Not affected Not affected
matanza Ignored Ignored Ignored Ignored
swish-e Needs evaluation Needs evaluation Needs evaluation Needs evaluation
cableswig Not in release Not in release Not in release Not in release
coin3 Not affected Not affected Not affected Vulnerable
apr-util Not affected Not affected Not affected Not affected
cadaver Not affected Not affected Not affected Not affected
celementtree Not in release Not in release Not in release Not in release
cmake Not affected Not affected Not affected Not affected
expat Fixed Fixed Fixed Fixed
gdcm Not affected Not affected Not affected Not affected
ghostscript Not affected Not affected Not affected Not affected
grmonitor Not in release Not in release Not in release Not in release
kompozer Not in release Not in release Not in release Not in release
python2.4 Not in release Not in release Not in release Not in release
python2.5 Not in release Not in release Not in release Not in release
python2.6 Not in release Not in release Not in release Not in release
simgear Not affected Not affected Not affected Not affected
sitecopy Not in release Not affected Not affected Not affected
tdom Not affected Not affected Not affected Not affected
texlive-bin Not affected Not affected Not affected Not affected
tla Not affected Not affected Not affected Not affected
vnc4 Not in release Not in release Not in release Not affected
w3c-libwww Not in release Not in release Not in release Not in release
wbxml2 Not affected Not affected Not affected Not affected
wxwidgets2.6 Not in release Not in release Not in release Not in release
wxwidgets2.8 Not in release Not in release Not in release Not in release
wxwindows2.4 Not in release Not in release Not in release Not in release
xmlrpc-c Fixed Fixed Fixed Fixed
xotcl Not affected Not affected Not affected Not affected
xulrunner Not in release Not in release Not in release Not in release
Show all 41 packages Show less packages

CVE-2009-2699

Medium priority
Not affected

The Solaris pollset feature in the Event Port backend in poll/unix/port.c in the Apache Portable Runtime (APR) library before 1.3.9, as used in the Apache HTTP Server before 2.2.14 and other products, does not properly handle...

1 affected package

apr

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
apr
Show less packages
  1. Previous page
  2. 6
  3. 7
  4. 8
  5. 9
  6. 10
  7. Next page
Export to JSON