Search CVE reports
11 – 20 of 48016 results
Mod_gnutls is a TLS module for Apache HTTPD based on GnuTLS. Prior to version 0.13.0, code for client certificate verification did not check the key purpose as set in the Extended Key Usage extension. An attacker with access to...
1 affected package
mod-gnutls
| Package | 16.04 LTS |
|---|---|
| mod-gnutls | Needs evaluation |
Mod_gnutls is a TLS module for Apache HTTPD based on GnuTLS. In versions prior to 0.12.3 and 0.13.0, code for client certificate verification imported the certificate chain sent by the client into a fixed size `gnutls_x509_crt_t...
1 affected package
mod-gnutls
| Package | 16.04 LTS |
|---|---|
| mod-gnutls | Needs evaluation |
Freeciv21 is a free open source, turn-based, empire-building strategy game. Versions prior to 3.1.1 crash with a stack overflow when receiving specially-crafted packets. A remote attacker can use this to take down any public...
1 affected package
freeciv
| Package | 16.04 LTS |
|---|---|
| freeciv | Needs evaluation |
Action Pack is a Rubygem for building web applications on the Rails framework. In versions on the 8.1 branch prior to 8.1.2.1, the debug exceptions page does not properly escape exception messages. A carefully crafted exception...
1 affected package
rails
| Package | 16.04 LTS |
|---|---|
| rails | Needs evaluation |
PJSIP is a free and open source multimedia communication library written in C. Versions 2.16 and below have a cascading out-of-bounds heap read in pjsip_multipart_parse(). After boundary string matching, curptr is advanced past...
1 affected package
pjproject
| Package | 16.04 LTS |
|---|---|
| pjproject | Needs evaluation |
PJSIP is a free and open source multimedia communication library written in C. Versions 2.16 and below have a Heap-based Buffer Overflowvulnerability in the DNS parser's name length handler. Thisimpacts applications using PJSIP's...
1 affected package
pjproject
| Package | 16.04 LTS |
|---|---|
| pjproject | Needs evaluation |
PJSIP is a free and open source multimedia communication library written in C. Versions 2.16 and below contain a heap use-after-free vulnerability in the ICE session that occurs when there are race conditions between...
1 affected package
pjproject
| Package | 16.04 LTS |
|---|---|
| pjproject | Needs evaluation |
LibVNCServer versions 0.9.15 and prior (fixed in commit dc78dee) contain null pointer dereference vulnerabilities in the HTTP proxy handlers within httpProcessInput() in httpd.c that allow remote attackers to cause a denial of...
6 affected packages
libvncserver, vino, x11vnc, veyon, italc, tightvnc
| Package | 16.04 LTS |
|---|---|
| libvncserver | Needs evaluation |
| vino | Needs evaluation |
| x11vnc | Needs evaluation |
| veyon | — |
| italc | Needs evaluation |
| tightvnc | Needs evaluation |
LibVNCServer versions 0.9.15 and prior (fixed in commit 009008e) contain a heap out-of-bounds read vulnerability in the UltraZip encoding handler that allows a malicious VNC server to cause information disclosure or application...
6 affected packages
veyon, libvncserver, vino, x11vnc, italc, tightvnc
| Package | 16.04 LTS |
|---|---|
| veyon | — |
| libvncserver | Needs evaluation |
| vino | Needs evaluation |
| x11vnc | Needs evaluation |
| italc | Needs evaluation |
| tightvnc | Needs evaluation |
[Unknown description]
2 affected packages
squid, squid3
| Package | 16.04 LTS |
|---|---|
| squid | — |
| squid3 | Needs evaluation |