Search CVE reports
471 – 480 of 42732 results
The issue was addressed with improved memory handling. This issue is fixed in Safari 26.4, iOS 26.4 and iPadOS 26.4, macOS Tahoe 26.4, visionOS 26.4. Processing maliciously crafted web content may lead to an unexpected process crash.
5 affected packages
webkitgtk, webkit2gtk, qtwebkit-source, qtwebkit-opensource-src, wpewebkit
| Package | 18.04 LTS |
|---|---|
| webkitgtk | Ignored |
| webkit2gtk | Ignored |
| qtwebkit-source | Ignored |
| qtwebkit-opensource-src | Ignored |
| wpewebkit | — |
Sending a maliciously crafted message to the kea-ctrl-agent, kea-dhcp-ddns, kea-dhcp4, or kea-dhcp6 daemons over any configured API socket or HA listener can cause the receiving daemon to exit with a stack overflow error. This...
1 affected package
isc-kea
| Package | 18.04 LTS |
|---|---|
| isc-kea | Needs evaluation |
A use-after-return vulnerability exists in the `named` server when handling DNS queries signed with SIG(0). Using a specially-crafted DNS request, an attacker may be able to cause an ACL to improperly (mis)match an IP address. In...
3 affected packages
bind9, isc-dhcp, bind9-libs
| Package | 18.04 LTS |
|---|---|
| bind9 | Not affected |
| isc-dhcp | Needs evaluation |
| bind9-libs | — |
Under certain conditions, `named` may crash when processing a correctly signed query containing a TKEY record. The affected code can only be reached if an incoming request has a valid transaction signature (TSIG) from a key...
3 affected packages
bind9, isc-dhcp, bind9-libs
| Package | 18.04 LTS |
|---|---|
| bind9 | Not affected |
| isc-dhcp | Needs evaluation |
| bind9-libs | — |
A specially crafted domain can be used to cause a memory leak in a BIND resolver simply by querying this domain. This issue affects BIND 9 versions 9.20.0 through 9.20.20, 9.21.0 through 9.21.19, and 9.20.9-S1 through...
3 affected packages
bind9, isc-dhcp, bind9-libs
| Package | 18.04 LTS |
|---|---|
| bind9 | Not affected |
| isc-dhcp | Needs evaluation |
| bind9-libs | — |
If a BIND resolver is performing DNSSEC validation and encounters a maliciously crafted zone, the resolver may consume excessive CPU. Authoritative-only servers are generally unaffected, although there are circumstances where...
3 affected packages
bind9, isc-dhcp, bind9-libs
| Package | 18.04 LTS |
|---|---|
| bind9 | Needs evaluation |
| isc-dhcp | Needs evaluation |
| bind9-libs | — |
A malicious mail server could send malformed strings with negative lengths, causing the parser to read memory outside the buffer. If a mail server or connection to a mail server were compromised, an attacker could cause the parser...
9 affected packages
firefox, thunderbird, mozjs38, mozjs52, mozjs68...
| Package | 18.04 LTS |
|---|---|
| firefox | — |
| thunderbird | — |
| mozjs38 | Needs evaluation |
| mozjs52 | Ignored |
| mozjs68 | — |
| mozjs78 | — |
| mozjs91 | — |
| mozjs102 | — |
| mozjs115 | — |
Spoofing issue in Thunderbird. This vulnerability affects Thunderbird < 149 and Thunderbird < 140.9.
9 affected packages
firefox, thunderbird, mozjs38, mozjs52, mozjs68...
| Package | 18.04 LTS |
|---|---|
| firefox | — |
| thunderbird | — |
| mozjs38 | Needs evaluation |
| mozjs52 | Ignored |
| mozjs68 | — |
| mozjs78 | — |
| mozjs91 | — |
| mozjs102 | — |
| mozjs115 | — |
Vim is an open source, command line text editor. Prior to version 9.2.0202, a command injection vulnerability exists in Vim's glob() function on Unix-like systems. By including a newline character (\n) in a pattern passed to...
1 affected package
vim
| Package | 18.04 LTS |
|---|---|
| vim | Needs evaluation |
LibVNCServer versions 0.9.15 and prior (fixed in commit dc78dee) contain null pointer dereference vulnerabilities in the HTTP proxy handlers within httpProcessInput() in httpd.c that allow remote attackers to cause a denial of...
6 affected packages
libvncserver, vino, x11vnc, veyon, italc, tightvnc
| Package | 18.04 LTS |
|---|---|
| libvncserver | Needs evaluation |
| vino | Needs evaluation |
| x11vnc | Needs evaluation |
| veyon | — |
| italc | Needs evaluation |
| tightvnc | Needs evaluation |