Search CVE reports
1 – 10 of 41721 results
Heap buffer overflow in AMQP login handshake via undersized connection.tune.frame_max
1 affected package
librabbitmq
| Package | 22.04 LTS |
|---|---|
| librabbitmq | Fixed |
size_t underflow in AMQP frame length computation leads to out-of-bounds read in rabbitmq-c
1 affected package
librabbitmq
| Package | 22.04 LTS |
|---|---|
| librabbitmq | Fixed |
(A heap buffer overflow flaw was found in 389 Directory Server. When se ...)
1 affected package
389-ds-base
| Package | 22.04 LTS |
|---|---|
| 389-ds-base | Needs evaluation |
Not in release
(Debusine is an integrated solution to build, distribute and maintain a ...)
1 affected package
debusine
| Package | 22.04 LTS |
|---|---|
| debusine | Not in release |
Not in release
(Debusine is an integrated solution to build, distribute and maintain a ...)
1 affected package
debusine
| Package | 22.04 LTS |
|---|---|
| debusine | Not in release |
[Unknown description]
1 affected package
389-ds-base
| Package | 22.04 LTS |
|---|---|
| 389-ds-base | Needs evaluation |
GD versions before 2.86 for Perl allow OS command injection and file overwrite via a 2-arg open() of filename arguments in _make_filehandle. GD::Image::_make_filehandle opens a filename argument with Perl's 2-arg open(), so a...
1 affected package
libgd-perl
| Package | 22.04 LTS |
|---|---|
| libgd-perl | Needs evaluation |
kafka-python prior to 2.3.2 contains a denial-of-service vulnerability in SCRAM authentication handling that allows a malicious or machine-in-the-middle broker to freeze the client event loop by supplying an excessively large...
1 affected package
python-kafka
| Package | 22.04 LTS |
|---|---|
| python-kafka | Needs evaluation |
A local privilege escalation vulnerability was found in the ansible.posix authorized_key module. The module's keyfile() function uses os.chown() instead of os.lchown() and opens files without O_NOFOLLOW when managing...
2 affected packages
ansible, ansible-core
| Package | 22.04 LTS |
|---|---|
| ansible | Needs evaluation |
| ansible-core | Needs evaluation |
lldpd is an implementation of IEEE 802.1ab (LLDP). Prior to version 1.0.22, lldpd_decode() in src/daemon/lldpd.c strips 802.1Q VLAN tags from received Ethernet frames by calling memmove() to shift the frame payload 4 bytes left....
2 affected packages
lldpd, openvswitch
| Package | 22.04 LTS |
|---|---|
| lldpd | Needs evaluation |
| openvswitch | Needs evaluation |