Search CVE reports
41 – 50 of 36084 results
Out of bounds read in GPU in Google Chrome on Mac prior to 148.0.7778.179 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. (Chromium security severity: High)
1 affected package
chromium-browser
| Package | 24.04 LTS |
|---|---|
| chromium-browser | Not affected |
Use after free in GPU in Google Chrome on Windows prior to 148.0.7778.179 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
1 affected package
chromium-browser
| Package | 24.04 LTS |
|---|---|
| chromium-browser | Not affected |
Use after free in WebRTC in Google Chrome on Linux prior to 148.0.7778.179 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: Critical)
1 affected package
chromium-browser
| Package | 24.04 LTS |
|---|---|
| chromium-browser | Not affected |
Inappropriate implementation in UI in Google Chrome on Windows prior to 148.0.7778.179 allowed a remote attacker who had compromised the renderer process to perform UI spoofing via a crafted HTML page. (Chromium security severity:...
1 affected package
chromium-browser
| Package | 24.04 LTS |
|---|---|
| chromium-browser | Not affected |
The MongoDB C Driver's legacy GridFS API accepts malformed file metadata from the database without adequate validation. Crafted documents in a GridFS collection may cause any application that reads those files via the legacy API...
1 affected package
mongo-c-driver
| Package | 24.04 LTS |
|---|---|
| mongo-c-driver | Needs evaluation |
[Unknown description]
2 affected packages
request-tracker4, request-tracker5
| Package | 24.04 LTS |
|---|---|
| request-tracker4 | Needs evaluation |
| request-tracker5 | Needs evaluation |
[Unknown description]
1 affected package
php-twig
| Package | 24.04 LTS |
|---|---|
| php-twig | Needs evaluation |
[Unknown description]
1 affected package
php-twig
| Package | 24.04 LTS |
|---|---|
| php-twig | Needs evaluation |
Crypt::SaltedHash versions through 0.09 for Perl is susceptible to timing attacks. These versions use Perl's built-in eq comparison. Discrepencies in timing could be used to guess the underlying hash.
1 affected package
libcrypt-saltedhash-perl
| Package | 24.04 LTS |
|---|---|
| libcrypt-saltedhash-perl | Needs evaluation |
Crypt::SaltedHash versions through 0.09 for Perl generate insecure random values for salts. These versions use the built-in rand function, which is predictable and unsuitable for cryptography.
1 affected package
libcrypt-saltedhash-perl
| Package | 24.04 LTS |
|---|---|
| libcrypt-saltedhash-perl | Needs evaluation |