Search CVE reports



1 – 10 of 881 results


CVE-2020-15999

High priority

Some fixes available 16 of 17

Heap buffer overflow in Freetype in Google Chrome prior to 86.0.4240.111 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

18 affected packages

android, chromium-browser, firefox, freetype, godot...

Package                     24.04 LTS         22.04 LTS         20.04 LTS         18.04 LTS
android                     Not in release    Not in release    Not in release    Not in release
chromium-browser            Not affected      Not affected      Not in release    Fixed
firefox                     Not affected      Not affected      Not in release    Not affected
freetype                    Fixed             Fixed             Fixed             Fixed
godot                       Not affected      Not affected      Not affected      Not in release
graphicsmagick              Not affected      Not affected      Not affected      Not affected
musescore                   Not in release    Not in release    Not affected      Not affected
openjdk-12                  Not in release    Not in release    Not in release    Not in release
openjdk-13                  Not in release    Not in release    Not affected      Not in release
openjdk-15                  Not in release    Not in release    Not in release    Not in release
openjdk-lts                 Not affected      Not affected      Not affected      Not affected
oxide-qt                    Not in release    Not in release    Not in release    Not in release
qtbase-opensource-src       Not affected      Not affected      Not affected      Not affected
qtbase-opensource-src-gles  Not affected      Not affected      Not affected      Not in release
texlive-bin                 Not affected      Not affected      Not affected      Not affected
texmaker                    Not affected      Not affected      Not affected      Not affected
thunderbird                 Not affected      Not affected      Not in release    Not affected
paraview                    Not affected      Not affected      Not affected      Not affected

CVE-2019-9746

Low priority
Vulnerable

In libwebm before 2019-03-08, a NULL pointer dereference caused by the functions OutputCluster and OutputTracks in webm_info.cc will trigger an abort, which allows a DoS attack, a similar issue to CVE-2018-19212.

3 affected packages

chromium-browser, oxide-qt, qtwebengine-opensource-src

Package                     24.04 LTS         22.04 LTS         20.04 LTS         18.04 LTS
chromium-browser            Not affected      Not affected      Not in release    Not affected
oxide-qt                    Not in release    Not in release    Not in release    Not in release
qtwebengine-opensource-src  Needs evaluation  Needs evaluation  Needs evaluation  Needs evaluation

CVE-2018-7751

Medium priority

Some fixes available 1 of 40

The svg_probe function in libavformat/img2dec.c in FFmpeg through 3.4.2 allows remote attackers to cause a denial of service (Infinite Loop) via a crafted XML file.

7 affected packages

gst-libav1.0, mplayer, mythtv, oxide-qt, libav...

Package                     24.04 LTS         22.04 LTS         20.04 LTS         18.04 LTS
gst-libav1.0                Needs evaluation  Needs evaluation  Needs evaluation  Needs evaluation
mplayer                     Not affected      Not affected      Not affected      Not affected
mythtv                      Needs evaluation  Needs evaluation  Needs evaluation  Needs evaluation
oxide-qt                    Not in release    Not in release    Not in release    Not in release
libav                       Not in release    Not in release    Not in release    Not in release
ffmpeg                      Not affected      Not affected      Not affected      Fixed
vlc                         Not affected      Not affected      Not affected      Not affected

CVE-2018-6548

Medium priority
Ignored

A use-after-free issue was discovered in libwebm through 2018-02-02. If a Vp9HeaderParser was initialized once before, its property frame_ would not be changed because of code in vp9parser::Vp9HeaderParser::SetFrame. Its frame_...

2 affected packages

chromium-browser, oxide-qt

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
chromium-browser Ignored
oxide-qt Not in release

CVE-2018-6406

Medium priority
Ignored

The function ParseVP9SuperFrameIndex in common/libwebm_util.cc in libwebm through 2018-01-30 does not validate the child_frame_length data obtained from a .webm file, which allows remote attackers to cause an information leak or a...

2 affected packages

chromium-browser, oxide-qt

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
chromium-browser Ignored
oxide-qt Not in release

CVE-2018-6179

Low priority

Some fixes available 3 of 4

Insufficient enforcement of file access permission in the activeTab case in Extensions in Google Chrome prior to 68.0.3440.75 allowed an attacker who convinced a user to install a malicious extension to access files on the local...

2 affected packages

chromium-browser, oxide-qt

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
chromium-browser Fixed
oxide-qt Not in release

CVE-2018-6178

Low priority

Some fixes available 3 of 4

Eliding from the wrong side in an infobar in DevTools in Google Chrome prior to 68.0.3440.75 allowed an attacker who convinced a user to install a malicious extension to Hide Chrome Security UI via a crafted Chrome Extension.

2 affected packages

chromium-browser, oxide-qt

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
chromium-browser Fixed
oxide-qt Not in release

CVE-2018-6177

Low priority

Some fixes available 3 of 4

Information leak in media engine in Google Chrome prior to 68.0.3440.75 allowed a remote attacker to leak cross-origin data via a crafted HTML page.

2 affected packages

chromium-browser, oxide-qt

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
chromium-browser Fixed
oxide-qt Not in release

CVE-2018-6176

Medium priority

Some fixes available 3 of 4

Insufficient file type enforcement in Extensions API in Google Chrome prior to 68.0.3440.75 allowed a remote attacker who had compromised the renderer process to perform privilege escalation via a crafted Chrome Extension.

2 affected packages

chromium-browser, oxide-qt

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
chromium-browser Fixed
oxide-qt Not in release

CVE-2018-6175

Low priority

Some fixes available 3 of 4

Incorrect handling of confusable characters in URL Formatter in Google Chrome prior to 68.0.3440.75 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name.

2 affected packages

chromium-browser, oxide-qt

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
chromium-browser Fixed
oxide-qt Not in release