Search CVE reports
41 – 50 of 30303 results
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-51 and 7.1.2-26, when providing invalid arguments to the connected-components option an infinite loop will...
1 affected package
imagemagick
| Package | 26.04 LTS |
|---|---|
| imagemagick | Needs evaluation |
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-51 and 7.1.2-26, a missing depth check in the MVG decoder will result in a stack overflow when a crafted image...
1 affected package
imagemagick
| Package | 26.04 LTS |
|---|---|
| imagemagick | Needs evaluation |
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-51 and 7.1.2-26, a heap buffer overflow occurs in the MVG decoder that could result in an out of bounds write...
1 affected package
imagemagick
| Package | 26.04 LTS |
|---|---|
| imagemagick | Needs evaluation |
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-51 and 7.1.2-26, when identifying an image with a crafted 8BIM profile with a specific format string a...
1 affected package
imagemagick
| Package | 26.04 LTS |
|---|---|
| imagemagick | Needs evaluation |
mchange-commons-java is a Java library of shared utility classes used by mchange projects like the c3p0 connection pool. Prior to version 0.6.0, its JNDI ObjectFactory implementation (com.mchange.v2.naming.JavaBeanObjectFactory)...
1 affected package
c3p0
| Package | 26.04 LTS |
|---|---|
| c3p0 | Needs evaluation |
Pion DTLS is a Go implementation of Datagram Transport Layer Security. Versions prior to 3.1.4 are vulnerable to Remote Denial of Service via panic while parsing a crafted ECDHE_PSK ServerKeyExchange message. This issue has been...
2 affected packages
golang-github-pion-dtls-v3, golang-github-pion-dtls.v2
| Package | 26.04 LTS |
|---|---|
| golang-github-pion-dtls-v3 | Needs evaluation |
| golang-github-pion-dtls.v2 | Needs evaluation |
Wasmtime is a runtime for WebAssembly. All versions prior to 24.0.10; versions 25.0.0 through those before 36.0.11; versions 37.0.0 through those before 44.0.3; and versions 45.0.0 and 45.0.1 contain a native implementation of...
1 affected package
rust-wasmtime
| Package | 26.04 LTS |
|---|---|
| rust-wasmtime | Needs evaluation |
Allocation of resources without limits or throttling in the HTTP/2 HPACK decoder in Apache HttpComponents Core (5.4.2 and earlier, 5.5-beta1 and earlier) allows an remote attacker to cause a denial of service through memory...
2 affected packages
httpcomponents-core, httpcomponents-core5
| Package | 26.04 LTS |
|---|---|
| httpcomponents-core | Needs evaluation |
| httpcomponents-core5 | Needs evaluation |
Uncontrolled Resource Consumption vulnerability in the HTTP/1.1 message parser in Apache HttpComponents Core (5.4.2 and earlier, 5.5-beta1 and earlier) allows an remote attacker to cause a denial of service through memory...
2 affected packages
httpcomponents-core, httpcomponents-core5
| Package | 26.04 LTS |
|---|---|
| httpcomponents-core | Needs evaluation |
| httpcomponents-core5 | Needs evaluation |
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-51 and 7.1.2-26, the MNG decoder contains a possible heap information disclosure vulnerability because part of...
1 affected package
imagemagick
| Package | 26.04 LTS |
|---|---|
| imagemagick | Needs evaluation |