Search CVE reports
31 – 40 of 48128 results
LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portable Network Graphics) raster image files. In versions 1.6.36 through 1.6.55, an out-of-bounds read and write exists in libpng's...
5 affected packages
libpng, libpng1.6, firefox, thunderbird, chromium-browser
| Package | 16.04 LTS |
|---|---|
| libpng | Needs evaluation |
| libpng1.6 | Needs evaluation |
| firefox | — |
| thunderbird | — |
| chromium-browser | — |
Incus is a system container and virtual machine manager. Prior to version 6.23.0, a lack of validation of the image fingerprint when downloading from simplestreams image servers opens the door to image cache poisoning and under...
2 affected packages
incus, lxd
| Package | 16.04 LTS |
|---|---|
| incus | — |
| lxd | Needs evaluation |
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to 7.1.2-18 and 6.9.13-43, due to an incorrect return value on certain platforms a pointer is incremented past the end of a...
1 affected package
imagemagick
| Package | 16.04 LTS |
|---|---|
| imagemagick | Needs evaluation |
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to 7.1.2-18 and 6.9.13-43, an out-of-bounds write of a zero byte exists in the X11 `display` interaction path that could lead to...
1 affected package
imagemagick
| Package | 16.04 LTS |
|---|---|
| imagemagick | Needs evaluation |
LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portable Network Graphics) raster image files. In versions 1.2.1 through 1.6.55, `png_set_tRNS` and `png_set_PLTE` each alias a...
5 affected packages
libpng, libpng1.6, firefox, thunderbird, chromium-browser
| Package | 16.04 LTS |
|---|---|
| libpng | Needs evaluation |
| libpng1.6 | Needs evaluation |
| firefox | — |
| thunderbird | — |
| chromium-browser | — |
etcd is a distributed key-value store for the data of a distributed system. Prior to versions 3.4.42, 3.5.28, and 3.6.9, unauthorized users may bypass authentication or authorization checks and call certain etcd functions...
1 affected package
etcd
| Package | 16.04 LTS |
|---|---|
| etcd | Needs evaluation |
etcd is a distributed key-value store for the data of a distributed system. Prior to versions 3.4.42, 3.5.28, and 3.6.9, an authenticated user with RBAC restricted permissions on key ranges can use nested transactions to bypass...
1 affected package
etcd
| Package | 16.04 LTS |
|---|---|
| etcd | Needs evaluation |
calibre is a cross-platform e-book manager for viewing, converting, editing, and cataloging e-books. Prior to version 9.6.0, a path traversal vulnerability exists in Calibre' handling of images in Markdown and other similar...
1 affected package
calibre
| Package | 16.04 LTS |
|---|---|
| calibre | Needs evaluation |
calibre is a cross-platform e-book manager for viewing, converting, editing, and cataloging e-books. Prior to version 9.6.0, a Server-Side Request Forgery vulnerability in the background-image endpoint of calibre e-book reader's...
1 affected package
calibre
| Package | 16.04 LTS |
|---|---|
| calibre | Needs evaluation |
5 affected packages
webkitgtk, webkit2gtk, qtwebkit-source, qtwebkit-opensource-src, wpewebkit
| Package | 16.04 LTS |
|---|---|
| webkitgtk | Ignored |
| webkit2gtk | Ignored |
| qtwebkit-source | Ignored |
| qtwebkit-opensource-src | Ignored |
| wpewebkit | — |