Search CVE reports
1 – 10 of 42301 results
Fixed 32-bit DMG parser size checks that could let a short mish stripe table pass validation and crash 32-bit scanner builds.
1 affected package
clamav
| Package | 20.04 LTS |
|---|---|
| clamav | Needs evaluation |
Fixed ALZ parser size handling bugs that could cause malformed ALZ archives to panic, abort the scanner, or skip expected scan-limit handling.
1 affected package
clamav
| Package | 20.04 LTS |
|---|---|
| clamav | Needs evaluation |
Fixed a bug in the PESpin unpacker cleanup path that could free pointers into the scanned file buffer and crash the scanner.
1 affected package
clamav
| Package | 20.04 LTS |
|---|---|
| clamav | Needs evaluation |
Fixed an InstallShield archive extraction limit bypass that could write far more temporary data than intended and exhaust temporary storage.
1 affected package
clamav
| Package | 20.04 LTS |
|---|---|
| clamav | Needs evaluation |
Fixed a 7z parser substream count overflow that could under-allocate parser metadata arrays and write past them while reading a malformed archive.
1 affected package
clamav
| Package | 20.04 LTS |
|---|---|
| clamav | Needs evaluation |
Fixed an FSG unpacker loop underflow that could write past the section array while scanning a malformed PE file.
1 affected package
clamav
| Package | 20.04 LTS |
|---|---|
| clamav | Needs evaluation |
Fixed an integer overflow in PE rebuild size calculations that could be reached through a malformed Aspack-packed PE file and lead to a heap buffer overflow write.
1 affected package
clamav
| Package | 20.04 LTS |
|---|---|
| clamav | Needs evaluation |
CGI::Session::ID::md5 versions before 4.49 for Perl generate predictable session ids from low-entropy sources. The generate_id method builds the session id from a MD5 digest of the process id, the epoch time, and the built-in...
1 affected package
libcgi-session-perl
| Package | 20.04 LTS |
|---|---|
| libcgi-session-perl | Needs evaluation |
A security vulnerability has been detected in Open Asset Import Library Assimp up to 5.4.3. Affected by this vulnerability is the function Assimp::SceneCombiner::Copy of the file code/Common/SceneCombiner.cpp of the component...
1 affected package
assimp
| Package | 20.04 LTS |
|---|---|
| assimp | Needs evaluation |
An out-of-bounds heap write exists in the RAR5 recovery-volume (.rev) parser in WinRAR and UnRAR (RecVolumes5::ReadHeader in recvol5.cpp). The RecItems vector is sized only when the first .rev file in a set is processed;...
1 affected package
unrar-nonfree
| Package | 20.04 LTS |
|---|---|
| unrar-nonfree | Needs evaluation |