Search CVE reports
11 – 20 of 51391 results
A flaw was found in GLib. The D-Bus client-side implementation of the DBUS_COOKIE_SHA1 SASL authentication mechanism does not validate the cookie_context parameter received from the server. A malicious D-Bus server can supply a...
1 affected package
glib2.0
| Package | 16.04 LTS |
|---|---|
| glib2.0 | Needs evaluation |
A flaw was found in GLib. An off-by-one error can occur in the g_key_file_get_locale_string_list function in the gkeyfile.c file when loading a key file with an empty value. This flaw can cause an out-of-bounds access of 1 byte or...
1 affected package
glib2.0
| Package | 16.04 LTS |
|---|---|
| glib2.0 | Needs evaluation |
A flaw was found in GLib. A buffer over-read can occur in g_io_channel_read_line_backend() in the giochannel.c file when a custom line terminator with a length greater than one is set, causing memcmp to read past the GString...
1 affected package
glib2.0
| Package | 16.04 LTS |
|---|---|
| glib2.0 | Needs evaluation |
A flaw was found in GLib. A buffer over-read can occur in the g_regex_replace function when used with the `G_REGEX_RAW` compile flag and case-change replacement escapes because the string_append function processes matched...
1 affected package
glib2.0
| Package | 16.04 LTS |
|---|---|
| glib2.0 | Needs evaluation |
A flaw was found in GLib. An out-of-bounds read of only 2 bytes can occur in the g_date_time_get_ymd function in the glib/gdatetime.c file when an invalid GDateTime object produced by the g_date_time_add_full function...
1 affected package
glib2.0
| Package | 16.04 LTS |
|---|---|
| glib2.0 | Needs evaluation |
A flaw was found in GLib. An off-by-one error can occur in the gvs_tuple_is_normal function in the glib/gvariant-serialiser.c file when doing an alignment padding check because the bounds check uses > instead of >=, causing an...
1 affected package
glib2.0
| Package | 16.04 LTS |
|---|---|
| glib2.0 | Needs evaluation |
A double free issue has been identified in libarchive's RAR5 reader. During parsing of a specially crafted RAR5 archive, the filtered_buf pointer may remain stale after being freed during unpacking state...
1 affected package
libarchive
| Package | 16.04 LTS |
|---|---|
| libarchive | Needs evaluation |
A flaw was found in sssd. When authenticating with a YubiKey, the SSSD PAM responder can crash due to a use-after-free vulnerability, where a memory pointer is incorrectly handled. A local attacker could exploit this flaw...
1 affected package
sssd
| Package | 16.04 LTS |
|---|---|
| sssd | Needs evaluation |
Missing Critical Step in Authentication vulnerability in Apache Tomcat when the JNDIRealm was configured to authenticate binds using GSSAPI allowed attackers to authenticate without providing the correct password. This issue...
6 affected packages
tomcat6, tomcat7, tomcat8, tomcat9, tomcat10, tomcat11
| Package | 16.04 LTS |
|---|---|
| tomcat6 | — |
| tomcat7 | — |
| tomcat8 | Needs evaluation |
| tomcat9 | — |
| tomcat10 | — |
| tomcat11 | — |
Improper Authorization vulnerability in Apache Tomcat leads to security constraints specified for the default servlet ignoring any method or method omission configured as part of the constraint. This issue affects Apache Tomcat:...
6 affected packages
tomcat6, tomcat7, tomcat8, tomcat9, tomcat10, tomcat11
| Package | 16.04 LTS |
|---|---|
| tomcat6 | — |
| tomcat7 | — |
| tomcat8 | Needs evaluation |
| tomcat9 | — |
| tomcat10 | — |
| tomcat11 | — |