Search CVE reports
141 – 150 of 39382 results
Inappropriate implementation in V8 in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Medium)
1 affected package
chromium-browser
| Package | 24.04 LTS |
|---|---|
| chromium-browser | Not affected |
Insufficient validation of untrusted input in ANGLE in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)
1 affected package
chromium-browser
| Package | 24.04 LTS |
|---|---|
| chromium-browser | Not affected |
Incorrect security UI in WebAppInstalls in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium)
1 affected package
chromium-browser
| Package | 24.04 LTS |
|---|---|
| chromium-browser | Not affected |
A flaw was found in dhcpcd's IPv6 Neighbor Discovery Router Advertisement processing. A specially crafted IPv6 Router Advertisement containing a zero-length Neighbor Discovery option can bypass validation during packet storage and...
1 affected package
dhcpcd
| Package | 24.04 LTS |
|---|---|
| dhcpcd | Needs evaluation |
CGI::Session::ID::md5 versions before 4.49 for Perl generate predictable session ids from low-entropy sources. The generate_id method builds the session id from a MD5 digest of the process id, the epoch time, and the built-in...
1 affected package
libcgi-session-perl
| Package | 24.04 LTS |
|---|---|
| libcgi-session-perl | Needs evaluation |
A security vulnerability has been detected in Open Asset Import Library Assimp up to 5.4.3. Affected by this vulnerability is the function Assimp::SceneCombiner::Copy of the file code/Common/SceneCombiner.cpp of the component...
1 affected package
assimp
| Package | 24.04 LTS |
|---|---|
| assimp | Needs evaluation |
An out-of-bounds heap write exists in the RAR5 recovery-volume (.rev) parser in WinRAR and UnRAR (RecVolumes5::ReadHeader in recvol5.cpp). The RecItems vector is sized only when the first .rev file in a set is processed;...
1 affected package
unrar-nonfree
| Package | 24.04 LTS |
|---|---|
| unrar-nonfree | Needs evaluation |
An attacker who can send HTML chat messages (via Matrix or XMPP) can inject arbitrary styled content, phishing links, and CSS that manipulates the chat UI. This vulnerability was fixed in Thunderbird 152.0.1 and Thunderbird 140.12.1.
1 affected package
thunderbird
| Package | 24.04 LTS |
|---|---|
| thunderbird | Needs evaluation |
A malicious LDAP server, which a Thunderbird user is configured to query for address-book autocomplete, can stash arbitrarily large amounts of attacker-supplied data into the Thunderbird LDAP client until it crashes due to memory...
1 affected package
thunderbird
| Package | 24.04 LTS |
|---|---|
| thunderbird | Needs evaluation |
runc is a CLI tool for spawning and running containers according to the OCI specification. In versions prior to 1.3.6, 1.4.0-rc.1, 1.4.0-rc.12, 1.5.0-rc.1, and 1.5.0-rc.1, when setting up the container rootfs, setupPtmx and...
3 affected packages
runc, runc-app, runc-stable
| Package | 24.04 LTS |
|---|---|
| runc | Needs evaluation |
| runc-app | Needs evaluation |
| runc-stable | Not in release |