Search CVE reports
51 – 60 of 30357 results
In nltk/nltk versions 3.9.3 and earlier, five Stanford interface classes (StanfordPOSTagger, StanfordNERTagger, StanfordParser, StanfordDependencyParser, and StanfordNeuralDependencyParser) are vulnerable to untrusted JAR code...
1 affected package
nltk
| Package | 26.04 LTS |
|---|---|
| nltk | Needs evaluation |
Not in release
(Nu Html Checker (validator.nu) contains a restriction bypass that allo ...)
1 affected package
vnu
| Package | 26.04 LTS |
|---|---|
| vnu | Not in release |
(The HTTP server in Mongoose before 7.10 accepts requests containing ne ...)
2 affected packages
mongoose, swupdate
| Package | 26.04 LTS |
|---|---|
| mongoose | Not in release |
| swupdate | Not affected |
(Heap-based buffer overflow in the encode_slice function in libavcodec/ ...)
2 affected packages
ffmpeg, libav
| Package | 26.04 LTS |
|---|---|
| ffmpeg | Needs evaluation |
| libav | Not in release |
A flaw was found in GIMP's PSP file format parser. A double-free condition occurs in the read_layer_block() function when processing a specially crafted PSP file. This could allow an attacker to cause memory...
1 affected package
gimp
| Package | 26.04 LTS |
|---|---|
| gimp | Needs evaluation |
The Erlang/OTP ssl application does not validate that the PSK identity list and binder list carried in a TLS 1.3 ClientHello pre-shared key extension have equal length before passing them to the session ticket handler....
1 affected package
erlang
| Package | 26.04 LTS |
|---|---|
| erlang | Needs evaluation |
Time-of-check Time-of-use (TOCTOU) race condition vulnerability in Erlang/OTP ssl (dtls_packet_demux module) allows an unauthenticated remote attacker to crash all active DTLS sessions on a listener. A DTLS server listener uses a...
1 affected package
erlang
| Package | 26.04 LTS |
|---|---|
| erlang | Needs evaluation |
Improper Enforcement of Message Integrity During Transmission in a Communication Channel vulnerability in Erlang/OTP ssl (tls_gen_connection module) allows a network-positioned attacker to inject unauthenticated plaintext that the...
1 affected package
erlang
| Package | 26.04 LTS |
|---|---|
| erlang | Needs evaluation |
Use of Default Cryptographic Key vulnerability in Erlang/OTP ssl (DTLS server) allows predictable DTLS cookie computation during the startup window, enabling source address verification bypass. On DTLS server startup,...
1 affected package
erlang
| Package | 26.04 LTS |
|---|---|
| erlang | Needs evaluation |
Loop with Unreachable Exit Condition ('Infinite Loop') vulnerability in Erlang OTP ssh (ssh_sftpd module) allows an authenticated SFTP user to render an SFTP channel permanently unresponsive. The handle_data/4 function in...
1 affected package
erlang
| Package | 26.04 LTS |
|---|---|
| erlang | Needs evaluation |