Search CVE reports
201 – 210 of 249 results
There is a NULL Pointer Access in function imagetopnm of convert.c:1943(jp2) of OpenJPEG 2.1.2. image->comps[compno].data is not assigned a value after initialization(NULL). Impact is Denial of Service.
3 affected packages
openjpeg2, ghostscript, openjpeg
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| openjpeg2 | Not affected | Not affected | Not affected | Not affected |
| ghostscript | Not affected | Not affected | Not affected | Not affected |
| openjpeg | Not in release | Not in release | Not in release | Not in release |
There is a NULL pointer dereference in function imagetobmp of convertbmp.c:980 of OpenJPEG 2.1.2. image->comps[0].data is not assigned a value after initialization(NULL). Impact is Denial of Service.
3 affected packages
openjpeg2, ghostscript, openjpeg
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| openjpeg2 | Not affected | Not affected | Not affected | Not affected |
| ghostscript | Not affected | Not affected | Not affected | Not affected |
| openjpeg | Not in release | Not in release | Not in release | Not in release |
The .sethalftone5 function in psi/zht2.c in Ghostscript before 9.21 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted Postscript document that calls...
1 affected package
ghostscript
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| ghostscript | — | — | — | — |
Ghostscript before 9.21 might allow remote attackers to bypass the SAFER mode protection mechanism and consequently execute arbitrary code by leveraging type confusion in .initialize_dsc_parser.
1 affected package
ghostscript
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| ghostscript | — | — | — | — |
Use-after-free vulnerability in Ghostscript 9.20 might allow remote attackers to execute arbitrary code via vectors related to a reference leak in .setdevice.
1 affected package
ghostscript
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| ghostscript | — | — | — | — |
Ghostscript before 9.21 might allow remote attackers to bypass the SAFER mode protection mechanism and consequently read arbitrary files via the use of the .libfile operator in a crafted postscript document.
1 affected package
ghostscript
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| ghostscript | — | — | — | — |
The PS Interpreter in Ghostscript 9.18 and 9.20 allows remote attackers to execute arbitrary code via crafted userparams.
1 affected package
ghostscript
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| ghostscript | — | — | — | — |
Some fixes available 5 of 101
The XML parser in Expat does not use sufficient entropy for hash initialization, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted identifiers in an XML document. NOTE: this...
31 affected packages
apache2, apr-util, cmake, poco, sitecopy...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| apache2 | Not affected | Not affected | Not affected | Not affected |
| apr-util | Not affected | Not affected | Not affected | Not affected |
| cmake | Not affected | Not affected | Not affected | Not affected |
| poco | Not affected | Not affected | Not affected | Not affected |
| sitecopy | Not in release | Not affected | Not affected | Not affected |
| tla | Not affected | Not affected | Not affected | Not affected |
| cadaver | Not affected | Not affected | Not affected | Not affected |
| insighttoolkit | Not in release | Not in release | Not in release | Not in release |
| audacity | Not affected | Not affected | Not affected | Not affected |
| matanza | Not affected | Not affected | Not affected | Not affected |
| cableswig | Not in release | Not in release | Not in release | Not in release |
| xmlrpc-c | Vulnerable | Vulnerable | Vulnerable | Vulnerable |
| ghostscript | Not affected | Not affected | Not affected | Not affected |
| ayttm | Not in release | Not in release | Not in release | Not in release |
| xotcl | Not affected | Not affected | Not affected | Not affected |
| expat | Not affected | Not affected | Not affected | Not affected |
| libxmltok | Not affected | Not affected | Not affected | Not affected |
| coin3 | Not affected | Not affected | Not affected | Not affected |
| gdcm | Not affected | Not affected | Not affected | Not affected |
| smart | Not in release | Not in release | Not in release | Not affected |
| vtk | Not in release | Not in release | Not in release | Not in release |
| kompozer | Not in release | Not in release | Not in release | Not in release |
| libparagui1.1 | Not in release | Not in release | Not in release | Not in release |
| simgear | Not affected | Not affected | Not affected | Not affected |
| swish-e | Not affected | Not affected | Not affected | Not affected |
| tdom | Not affected | Not affected | Not affected | Not affected |
| texlive-bin | Not affected | Not affected | Not affected | Not affected |
| vnc4 | Not in release | Not in release | Not in release | Ignored |
| wbxml2 | Not affected | Not affected | Not affected | Not affected |
| wxwidgets2.6 | Not in release | Not in release | Not in release | Not in release |
| wxwidgets2.8 | Not in release | Not in release | Not in release | Not in release |
Double free vulnerability in the DefaultICCintents function in cmscnvrt.c in liblcms2 in Little CMS 2.x before 2.6 allows remote attackers to execute arbitrary code via a malformed ICC profile that triggers an error in the default...
2 affected packages
ghostscript, lcms2
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| ghostscript | — | — | — | — |
| lcms2 | — | — | — | — |
Integer overflow in the gs_heap_alloc_bytes function in base/gsmalloc.c in Ghostscript 9.15 and earlier allows remote attackers to cause a denial of service (crash) via a crafted Postscript (ps) file, as demonstrated by using the...
1 affected package
ghostscript
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| ghostscript | — | — | — | — |