Search CVE reports
81 – 90 of 35081 results
In gokey versions <0.2.0, a flaw in the seed decryption logic resulted in passwords incorrectly being derived solely from the initial vector and the AES-GCM authentication tag of the key seed. This issue has been fixed in gokey...
1 affected package
gokey
| Package | 20.04 LTS |
|---|---|
| gokey | Needs evaluation |
A use-after-free in the MPEG1or2Demux::newElementaryStream() function of Live555 Streaming Media v2018.09.02 allows attackers to cause a Denial of Service (DoS) via supplying a crafted MPEG Program stream.
1 affected package
liblivemedia
| Package | 20.04 LTS |
|---|---|
| liblivemedia | Needs evaluation |
When loading a plist file, the plistlib module reads data in size specified by the file itself, meaning a malicious file can cause OOM and DoS issues
12 affected packages
python2.7, python3.4, python3.5, python3.6, python3.7...
| Package | 20.04 LTS |
|---|---|
| python2.7 | Needs evaluation |
| python3.4 | — |
| python3.5 | — |
| python3.6 | — |
| python3.7 | — |
| python3.8 | Needs evaluation |
| python3.9 | Needs evaluation |
| python3.10 | — |
| python3.11 | — |
| python3.12 | — |
| python3.13 | — |
| python3.14 | — |
When reading an HTTP response from a server, if no read amount is specified, the default behavior will be to use Content-Length. This allows a malicious server to cause the client to read large amounts of data into memory,...
12 affected packages
python2.7, python3.4, python3.5, python3.6, python3.7...
| Package | 20.04 LTS |
|---|---|
| python2.7 | Needs evaluation |
| python3.4 | — |
| python3.5 | — |
| python3.6 | — |
| python3.7 | — |
| python3.8 | Needs evaluation |
| python3.9 | Needs evaluation |
| python3.10 | — |
| python3.11 | — |
| python3.12 | — |
| python3.13 | — |
| python3.14 | — |
A NULL pointer dereference in the ADTSAudioFileServerMediaSubsession::createNewRTPSink() function of Live555 Streaming Media v2018.09.02 allows attackers to cause a Denial of Service (DoS) via supplying a crafted ADTS file.
1 affected package
liblivemedia
| Package | 20.04 LTS |
|---|---|
| liblivemedia | Needs evaluation |
A heap overflow in the MatroskaFile::createRTPSinkForTrackNumber() function of Live555 Streaming Media v2018.09.02 allows attackers to cause a Denial of Service (DoS) via supplying a crafted MKV file.
1 affected package
liblivemedia
| Package | 20.04 LTS |
|---|---|
| liblivemedia | Needs evaluation |
A use-after-free in the ADTSAudioFileSource::samplingFrequency() function of Live555 Streaming Media v2018.09.02 allows attackers to cause a Denial of Service (DoS) via supplying a crafted ADTS/AAC file.
1 affected package
liblivemedia
| Package | 20.04 LTS |
|---|---|
| liblivemedia | Needs evaluation |
A buffer overflow in the getSideInfo2() function of Live555 Streaming Media v2018.09.02 allows attackers to cause a Denial of Service (DoS) via a crafted MP3 stream.
1 affected package
liblivemedia
| Package | 20.04 LTS |
|---|---|
| liblivemedia | Needs evaluation |
An authenticated Zabbix user (including Guest) is able to cause disproportionate CPU load on the webserver by sending specially crafted parameters to /imgstore.php, leading to potential denial of service.
1 affected package
zabbix
| Package | 20.04 LTS |
|---|---|
| zabbix | Needs evaluation |
An authenticated Zabbix Super Admin can exploit the oauth.authorize action to read arbitrary files from the webserver leading to potential confidentiality loss.
1 affected package
zabbix
| Package | 20.04 LTS |
|---|---|
| zabbix | Needs evaluation |