Search CVE reports
11 – 20 of 48029 results
v2.4/v3.1 regression: Pigeonhole: ManageSieve panic occurs with sieve-connect as a client. ManageSieve AUTHENTICATE command crashes when using literal as ASL initial response. This can be used to crash ManageSieve service...
1 affected package
dovecot
| Package | 16.04 LTS |
|---|---|
| dovecot | Vulnerable |
decode2text.sh OOXML extraction may follow symlinks and read unintended files during indexing. Dovecot has provided a script to use for attachment to text conversion. This script unsafely handles zip-style attachments. Attacker...
1 affected package
dovecot
| Package | 16.04 LTS |
|---|---|
| dovecot | Vulnerable |
Invalid base64 authentication can cause DoS for other logins. When sending invalid base64 SASL data, login process is disconnected from the auth server, causing all active authentication sessions to fail. Invalid BASE64 data can...
1 affected package
dovecot
| Package | 16.04 LTS |
|---|---|
| dovecot | Not affected |
A flaw was found in the libtiff library. A remote attacker could exploit a signed integer overflow vulnerability in the putcontig8bitYCbCr44tile function by providing a specially crafted TIFF file. This flaw can lead to an...
5 affected packages
tiff, qtwebengine-opensource-src, texmaker, gdal, neuron
| Package | 16.04 LTS |
|---|---|
| tiff | Needs evaluation |
| qtwebengine-opensource-src | — |
| texmaker | Not affected |
| gdal | Needs evaluation |
| neuron | — |
NULL Pointer Dereference vulnerability in tmate-io tmate.This issue affects tmate: before 2.4.0.
1 affected package
tmate
| Package | 16.04 LTS |
|---|---|
| tmate | Needs evaluation |
The webbrowser.open() API would accept leading dashes in the URL which could be handled as command line options for certain web browsers. New behavior rejects leading dashes. Users are recommended to sanitize URLs prior to passing...
14 affected packages
jython, pypy3, python2.7, python3.4, python3.5...
| Package | 16.04 LTS |
|---|---|
| jython | Needs evaluation |
| pypy3 | — |
| python2.7 | Needs evaluation |
| python3.4 | — |
| python3.5 | Needs evaluation |
| python3.6 | — |
| python3.7 | — |
| python3.8 | — |
| python3.9 | — |
| python3.10 | — |
| python3.11 | — |
| python3.12 | — |
| python3.13 | — |
| python3.14 | — |
Calling gethostbyaddr or gethostbyaddr_r with a configured nsswitch.conf that specifies the library's DNS backend in the GNU C library version 2.34 to version 2.43 could result in an invalid DNS hostname being returned to the...
2 affected packages
glibc, eglibc
| Package | 16.04 LTS |
|---|---|
| glibc | Needs evaluation |
| eglibc | — |
Calling gethostbyaddr or gethostbyaddr_r with a configured nsswitch.conf that specifies the library's DNS backend in the GNU C Library version 2.34 to version 2.43 could, with a crafted response from the configured DNS server,...
2 affected packages
glibc, eglibc
| Package | 16.04 LTS |
|---|---|
| glibc | Needs evaluation |
| eglibc | — |
(fontconfig before 2.17.1 has an off-by-one error in allocation during ...)
1 affected package
fontconfig
| Package | 16.04 LTS |
|---|---|
| fontconfig | Needs evaluation |
[Unknown description]
2 affected packages
pypdf, pypdf2
| Package | 16.04 LTS |
|---|---|
| pypdf | — |
| pypdf2 | Needs evaluation |