Search CVE reports
31 – 40 of 22110 results
CVE-2024-35365
Medium priorityFFmpeg version n6.1.1 has a double-free vulnerability in the fftools/ffmpeg_mux_init.c component of FFmpeg, specifically within the new_stream_audio function.
2 affected packages
ffmpeg, libav
| Package | 24.04 LTS |
|---|---|
| ffmpeg | Needs evaluation |
| libav | Not in release |
CVE-2024-56830
Medium priorityThe Net::EasyTCP package 0.15 through 0.26 for Perl uses Perl's builtin rand() if no strong randomization module is present.
1 affected package
libnet-easytcp-perl
| Package | 24.04 LTS |
|---|---|
| libnet-easytcp-perl | Needs evaluation |
CVE-2024-56827
Medium priorityheap-buffer-overflow at lib/openjp2/j2k.c:8460:84 in opj_j2k_add_tlmarker in openjpeg/opj_decompress
7 affected packages
blender, ghostscript, insighttoolkit4, openjpeg, openjpeg2...
| Package | 24.04 LTS |
|---|---|
| blender | Needs evaluation |
| ghostscript | Not affected |
| insighttoolkit4 | Not in release |
| openjpeg | Not in release |
| openjpeg2 | Needs evaluation |
| qtwebengine-opensource-src | Needs evaluation |
| texmaker | Needs evaluation |
CVE-2024-56826
Medium priorityheap-buffer-overflow at bin/common/color.c:215:42 in sycc422_to_rgb in openjpeg/opj_decompress
7 affected packages
blender, ghostscript, insighttoolkit4, openjpeg, openjpeg2...
| Package | 24.04 LTS |
|---|---|
| blender | Needs evaluation |
| ghostscript | Not affected |
| insighttoolkit4 | Not in release |
| openjpeg | Not in release |
| openjpeg2 | Needs evaluation |
| qtwebengine-opensource-src | Needs evaluation |
| texmaker | Needs evaluation |
CVE-2024-4982
Medium priority[Path traversal in view_issue_raw_file()]
1 affected package
pagure
| Package | 24.04 LTS |
|---|---|
| pagure | Needs evaluation |
CVE-2024-4981
Medium priority[pagure: _update_file_in_git() follows symbolic links in temporary clones]
1 affected package
pagure
| Package | 24.04 LTS |
|---|---|
| pagure | Needs evaluation |
CVE-2024-47516
Medium priority[Argument Injection in PagureRepo.log()]
1 affected package
pagure
| Package | 24.04 LTS |
|---|---|
| pagure | Needs evaluation |
CVE-2022-49035
Medium priorityIn the Linux kernel, the following vulnerability has been resolved: media: s5p_cec: limit msg.len to CEC_MAX_MSG_SIZE I expect that the hardware will have limited this to 16, but just in case it hasn't, check for this corner case.
125 affected packages
linux, linux-allwinner-5.19, linux-aws, linux-aws-5.0, linux-aws-5.11...
| Package | 24.04 LTS |
|---|---|
| linux | Needs evaluation |
| linux-allwinner-5.19 | Not in release |
| linux-aws | Needs evaluation |
| linux-aws-5.0 | Not in release |
| linux-aws-5.11 | Not in release |
| linux-aws-5.13 | Not in release |
| linux-aws-5.15 | Not in release |
| linux-aws-5.19 | Not in release |
| linux-aws-5.3 | Not in release |
| linux-aws-5.4 | Not in release |
| linux-aws-5.8 | Not in release |
| linux-aws-6.2 | Not in release |
| linux-aws-6.5 | Not in release |
| linux-aws-6.8 | Not in release |
| linux-aws-fips | Not in release |
| linux-aws-hwe | Not in release |
| linux-azure | Needs evaluation |
| linux-azure-4.15 | Not in release |
| linux-azure-5.11 | Not in release |
| linux-azure-5.13 | Not in release |
| linux-azure-5.15 | Not in release |
| linux-azure-5.19 | Not in release |
| linux-azure-5.3 | Not in release |
| linux-azure-5.4 | Not in release |
| linux-azure-5.8 | Not in release |
| linux-azure-6.2 | Not in release |
| linux-azure-6.5 | Not in release |
| linux-azure-6.8 | Not in release |
| linux-azure-edge | Not in release |
| linux-azure-fde | Not in release |
| linux-azure-fde-5.15 | Not in release |
| linux-azure-fde-5.19 | Not in release |
| linux-azure-fde-6.2 | Not in release |
| linux-azure-fips | Not in release |
| linux-bluefield | Not in release |
| linux-fips | Not in release |
| linux-gcp | Needs evaluation |
| linux-gcp-4.15 | Not in release |
| linux-gcp-5.11 | Not in release |
| linux-gcp-5.13 | Not in release |
| linux-gcp-5.15 | Not in release |
| linux-gcp-5.19 | Not in release |
| linux-gcp-5.3 | Not in release |
| linux-gcp-5.4 | Not in release |
| linux-gcp-5.8 | Not in release |
| linux-gcp-6.2 | Not in release |
| linux-gcp-6.5 | Not in release |
| linux-gcp-6.8 | Not in release |
| linux-gcp-fips | Not in release |
| linux-gke | Needs evaluation |
| linux-gke-4.15 | Not in release |
| linux-gke-5.15 | Not in release |
| linux-gke-5.4 | Not in release |
| linux-gkeop | Needs evaluation |
| linux-gkeop-5.15 | Not in release |
| linux-gkeop-5.4 | Not in release |
| linux-hwe | Not in release |
| linux-hwe-5.11 | Not in release |
| linux-hwe-5.13 | Not in release |
| linux-hwe-5.15 | Not in release |
| linux-hwe-5.19 | Not in release |
| linux-hwe-5.4 | Not in release |
| linux-hwe-5.8 | Not in release |
| linux-hwe-6.2 | Not in release |
| linux-hwe-6.5 | Not in release |
| linux-hwe-6.8 | Not in release |
| linux-hwe-edge | Not in release |
| linux-ibm | Needs evaluation |
| linux-ibm-5.15 | Not in release |
| linux-ibm-5.4 | Not in release |
| linux-intel-5.13 | Not in release |
| linux-intel-iot-realtime | Not in release |
| linux-intel-iotg | Not in release |
| linux-intel-iotg-5.15 | Not in release |
| linux-iot | Not in release |
| linux-kvm | Not in release |
| linux-lowlatency | Needs evaluation |
| linux-lowlatency-hwe-5.15 | Not in release |
| linux-lowlatency-hwe-5.19 | Not in release |
| linux-lowlatency-hwe-6.2 | Not in release |
| linux-lowlatency-hwe-6.5 | Not in release |
| linux-lowlatency-hwe-6.8 | Not in release |
| linux-lts-xenial | Not in release |
| linux-nvidia | Needs evaluation |
| linux-nvidia-6.2 | Not in release |
| linux-nvidia-6.5 | Not in release |
| linux-nvidia-6.8 | Not in release |
| linux-nvidia-lowlatency | Needs evaluation |
| linux-oem | Not in release |
| linux-oem-5.10 | Not in release |
| linux-oem-5.13 | Not in release |
| linux-oem-5.14 | Not in release |
| linux-oem-5.17 | Not in release |
| linux-oem-5.6 | Not in release |
| linux-oem-6.0 | Not in release |
| linux-oem-6.1 | Not in release |
| linux-oem-6.11 | Needs evaluation |
| linux-oem-6.5 | Not in release |
| linux-oem-6.8 | Needs evaluation |
| linux-oracle | Needs evaluation |
| linux-oracle-5.0 | Not in release |
| linux-oracle-5.11 | Not in release |
| linux-oracle-5.13 | Not in release |
| linux-oracle-5.15 | Not in release |
| linux-oracle-5.3 | Not in release |
| linux-oracle-5.4 | Not in release |
| linux-oracle-5.8 | Not in release |
| linux-oracle-6.5 | Not in release |
| linux-oracle-6.8 | Not in release |
| linux-raspi | Needs evaluation |
| linux-raspi-5.4 | Not in release |
| linux-raspi-realtime | Not in release |
| linux-raspi2 | Not in release |
| linux-realtime | Not in release |
| linux-riscv | Needs evaluation |
| linux-riscv-5.11 | Not in release |
| linux-riscv-5.15 | Not in release |
| linux-riscv-5.19 | Not in release |
| linux-riscv-5.8 | Not in release |
| linux-riscv-6.5 | Not in release |
| linux-riscv-6.8 | Not in release |
| linux-starfive-5.19 | Not in release |
| linux-starfive-6.2 | Not in release |
| linux-starfive-6.5 | Not in release |
| linux-xilinx-zynqmp | Not in release |
CVE-2023-6603
Medium priorityA flaw was found in FFmpeg's HLS playlist parsing. This vulnerability allows a denial of service via a maliciously crafted HLS playlist that triggers a null pointer dereference during initialization.
2 affected packages
ffmpeg, libav
| Package | 24.04 LTS |
|---|---|
| ffmpeg | Needs evaluation |
| libav | Not in release |
CVE-2023-6602
Medium priorityA flaw was found in FFmpeg's TTY Demuxer. This vulnerability allows possible data exfiltration via improper parsing of non-TTY-compliant input files in HLS playlists.
2 affected packages
ffmpeg, libav
| Package | 24.04 LTS |
|---|---|
| ffmpeg | Needs evaluation |
| libav | Not in release |