Search CVE reports

1341 – 1350 of 2389 results

Detailed view

Sort by:

CVE-2017-7779

Medium priority

Some fixes available 34 of 37

Memory safety bugs were reported in Firefox 54, Firefox ESR 52.2, and Thunderbird 52.2. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run...

3 affected packages

firefox, mozjs38, thunderbird

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
firefox	—	Fixed	Fixed	Fixed	Fixed
mozjs38	—	Not in release	Not in release	Not in release	Ignored
thunderbird	—	Fixed	Fixed	Fixed	Fixed

CVE-2017-7753

Medium priority

Some fixes available 14 of 16

An out-of-bounds read occurs when applying style rules to pseudo-elements, such as ::first-line, using cached style data. This vulnerability affects Thunderbird < 52.3, Firefox ESR < 52.3, and Firefox < 55.

3 affected packages

firefox, mozjs38, thunderbird

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
firefox	—	—	—	—	Fixed
mozjs38	—	—	—	—	Not affected
thunderbird	—	—	—	—	Fixed

CVE-2017-9233

Medium priority

Some fixes available 7 of 98

XML External Entity vulnerability in libexpat 2.2.0 and earlier (Expat XML Parser Library) allows attackers to put the parser in an infinite loop using a malformed external entity definition from an external DTD.

33 affected packages

apache2, apr-util, cmake, expat, ghostscript...

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
apache2	Not affected	Not affected	Not affected	Not affected	Not affected
apr-util	Not affected	Not affected	Not affected	Not affected	Not affected
cmake	Not affected	Not affected	Not affected	Not affected	Not affected
expat	Not affected	Not affected	Not affected	Not affected	Not affected
ghostscript	Not affected	Not affected	Not affected	Not affected	Not affected
vnc4	Not in release	Not in release	Not in release	Not in release	Ignored
texlive-bin	Not affected	Not affected	Not affected	Not affected	Not affected
wxwidgets2.6	Not in release	Not in release	Not in release	Not in release	Not in release
kompozer	Not in release	Not in release	Not in release	Not in release	Not in release
libparagui1.1	Not in release	Not in release	Not in release	Not in release	Not in release
poco	Not affected	Not affected	Not affected	Not affected	Not affected
ayttm	Not in release	Not in release	Not in release	Not in release	Not in release
audacity	Not affected	Not affected	Not affected	Not affected	Not affected
matanza	Ignored	Ignored	Ignored	Ignored	Ignored
swish-e	Needs evaluation	Needs evaluation	Needs evaluation	Ignored	Ignored
coin3	Not affected	Not affected	Not affected	Not affected	Ignored
cableswig	Not in release	Not in release	Not in release	Not in release	Not in release
cadaver	Not affected	Not affected	Not affected	Not affected	Not affected
insighttoolkit4	Not in release	Not in release	Not affected	Not affected	Not affected
sitecopy	Needs evaluation	Not in release	Not affected	Not affected	Not affected
gdcm	Not affected	Not affected	Not affected	Not affected	Not affected
insighttoolkit	Not in release	Not in release	Not in release	Not in release	Not in release
libxmltok	Not in release	Not affected	Not affected	Not affected	Not affected
tla	Not in release	Not affected	Not affected	Not affected	Not affected
wbxml2	Not affected	Not affected	Not affected	Not affected	Not affected
vtk	Not in release	Not in release	Not in release	Not in release	Not in release
firefox	Not affected	Not affected	Not affected	Not in release	Not affected
simgear	Not affected	Not affected	Not affected	Not affected	Not affected
smart	Not in release	Not in release	Not in release	Not in release	Not affected
tdom	Not affected	Not affected	Not affected	Not affected	Not affected
thunderbird	Not affected	Not affected	Not affected	Not in release	Not affected
wxwidgets2.8	Not in release	Not in release	Not in release	Not in release	Not in release
xmlrpc-c	Not affected	Not affected	Not affected	Not affected	Not affected

CVE-2017-7778

Medium priority

Some fixes available 11 of 12

A number of security vulnerabilities in the Graphite 2 library including out-of-bounds reads, buffer overflow reads and writes, and the use of uninitialized memory. These issues were addressed in Graphite 2 version 1.3.10. This...

3 affected packages

firefox, graphite2, thunderbird

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
firefox	—	—	—	—	—
graphite2	—	—	—	—	—
thunderbird	—	—	—	—	—

CVE-2017-7777

Medium priority

Some fixes available 11 of 12

Use of uninitialized memory in Graphite2 library in Firefox before 54 in graphite2::GlyphCache::Loader::read_glyph function.

3 affected packages

firefox, graphite2, thunderbird

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
firefox	—	—	—	—	—
graphite2	—	—	—	—	—
thunderbird	—	—	—	—	—

CVE-2017-7776

Medium priority

Some fixes available 11 of 12

Heap-based Buffer Overflow read in Graphite2 library in Firefox before 54 in graphite2::Silf::getClassGlyph.

3 affected packages

firefox, graphite2, thunderbird

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
firefox	—	—	—	—	—
graphite2	—	—	—	—	—
thunderbird	—	—	—	—	—

CVE-2017-7775

Medium priority

Some fixes available 11 of 12

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none

3 affected packages

thunderbird, firefox, graphite2

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
thunderbird	—	—	—	—	—
firefox	—	—	—	—	—
graphite2	—	—	—	—	—

CVE-2017-7774

Medium priority

Some fixes available 11 of 12

Out-of-bounds read in Graphite2 Library in Firefox before 54 in graphite2::Silf::readGraphite function.

3 affected packages

firefox, graphite2, thunderbird

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
firefox	—	—	—	—	—
graphite2	—	—	—	—	—
thunderbird	—	—	—	—	—

CVE-2017-7773

Medium priority

Some fixes available 11 of 12

Heap-based Buffer Overflow write in Graphite2 library in Firefox before 54 in lz4::decompress src/Decompressor.

3 affected packages

firefox, graphite2, thunderbird

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
firefox	—	—	—	—	—
graphite2	—	—	—	—	—
thunderbird	—	—	—	—	—

CVE-2017-7772

Medium priority

Some fixes available 11 of 12

Heap-based Buffer Overflow in Graphite2 library in Firefox before 54 in lz4::decompress function.

3 affected packages

graphite2, firefox, thunderbird

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
graphite2	—	—	—	—	—
firefox	—	—	—	—	—
thunderbird	—	—	—	—	—

Export to JSON

Results by page: