Search CVE reports
91 – 100 of 141 results
The mcopy function in softmagic.c in file 5.x, as used in the Fileinfo component in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8, does not properly restrict a certain offset value, which allows remote attackers...
2 affected packages
file, php5
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| file | — | — | — | — |
| php5 | — | — | — | — |
Some fixes available 2 of 4
The mget function in softmagic.c in file 5.x, as used in the Fileinfo component in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8, does not properly maintain a certain pointer relationship, which allows remote...
2 affected packages
file, php5
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| file | — | — | — | — |
| php5 | — | — | — | — |
Some fixes available 1 of 5
readelf.c in file before 5.22, as used in the Fileinfo component in PHP before 5.4.37, 5.5.x before 5.5.21, and 5.6.x before 5.6.5, does not consider that pread calls sometimes read only a subset of the available data, which...
2 affected packages
file, php5
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| file | — | — | Not affected | Not affected |
| php5 | — | — | Not in release | Not in release |
Some fixes available 1 of 5
The ELF parser in file 5.16 through 5.21 allows remote attackers to cause a denial of service via a long string.
2 affected packages
php5, file
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| php5 | — | — | Not in release | Not in release |
| file | — | — | Not affected | Not affected |
Some fixes available 1 of 5
The ELF parser in file 5.08 through 5.21 allows remote attackers to cause a denial of service via a large number of notes.
2 affected packages
file, php5
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| file | — | — | Not affected | Not affected |
| php5 | — | — | Not in release | Not in release |
Some fixes available 2 of 4
The sd2_parse_rsrc_fork function in sd2.c in libsndfile allows attackers to have unspecified impact via vectors related to a (1) map offset or (2) rsrc marker, which triggers an out-of-bounds read.
1 affected package
libsndfile
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| libsndfile | — | — | — | — |
The mconvert function in softmagic.c in file before 5.21, as used in the Fileinfo component in PHP before 5.4.37, 5.5.x before 5.5.21, and 5.6.x before 5.6.5, does not properly handle a certain string-length field during a copy of...
2 affected packages
file, php5
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| file | — | — | — | — |
| php5 | — | — | — | — |
The apprentice_load function in libmagic/apprentice.c in the Fileinfo component in PHP through 5.6.4 attempts to perform a free operation on a stack-based character array, which allows remote attackers to cause a denial of service...
2 affected packages
php5, file
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| php5 | — | — | — | — |
| file | — | — | — | — |
softmagic.c in file before 5.21 does not properly limit recursion, which allows remote attackers to cause a denial of service (CPU consumption or crash) via unspecified vectors.
2 affected packages
file, php5
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| file | — | — | — | — |
| php5 | — | — | — | — |
The ELF parser (readelf.c) in file before 5.21 allows remote attackers to cause a denial of service (CPU consumption or crash) via a large number of (1) program or (2) section headers or (3) invalid capabilities.
2 affected packages
file, php5
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| file | — | — | — | — |
| php5 | — | — | — | — |