Search CVE reports
451 – 460 of 33222 results
Stack buffer overflow in WebRTC in Google Chrome prior to 146.0.7680.153 allowed a remote attacker to potentially exploit stack corruption via a crafted HTML page. (Chromium security severity: High)
1 affected package
chromium-browser
| Package | 24.04 LTS |
|---|---|
| chromium-browser | Not affected |
Heap buffer overflow in WebAudio in Google Chrome prior to 146.0.7680.153 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
1 affected package
chromium-browser
| Package | 24.04 LTS |
|---|---|
| chromium-browser | Not affected |
Heap buffer overflow in CSS in Google Chrome prior to 146.0.7680.153 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
1 affected package
chromium-browser
| Package | 24.04 LTS |
|---|---|
| chromium-browser | Not affected |
Use after free in Base in Google Chrome prior to 146.0.7680.153 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Critical)
1 affected package
chromium-browser
| Package | 24.04 LTS |
|---|---|
| chromium-browser | Not affected |
Out of bounds read and write in WebGL in Google Chrome prior to 146.0.7680.153 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. (Chromium security severity: Critical)
1 affected package
chromium-browser
| Package | 24.04 LTS |
|---|---|
| chromium-browser | Not affected |
Out of bounds memory access in WebGL in Google Chrome on Android prior to 146.0.7680.153 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Critical)
1 affected package
chromium-browser
| Package | 24.04 LTS |
|---|---|
| chromium-browser | Not affected |
[Unknown description]
1 affected package
qemu
| Package | 24.04 LTS |
|---|---|
| qemu | Vulnerable |
tar-rs is a tar archive reading/writing library for Rust. In versions 0.4.44 and below, when unpacking a tar archive, the tar crate's unpack_dir function uses fs::metadata() to check whether a path that already exists is a...
23 affected packages
rust-tar, rustc, rustc-1.62, rustc-1.74, rustc-1.76...
| Package | 24.04 LTS |
|---|---|
| rust-tar | Needs evaluation |
| rustc | Needs evaluation |
| rustc-1.62 | Not in release |
| rustc-1.74 | Needs evaluation |
| rustc-1.76 | Needs evaluation |
| rustc-1.77 | Needs evaluation |
| rustc-1.78 | Needs evaluation |
| rustc-1.79 | Needs evaluation |
| rustc-1.80 | Needs evaluation |
| rustc-1.81 | Needs evaluation |
| rustc-1.82 | Needs evaluation |
| rustc-1.83 | Needs evaluation |
| rustc-1.84 | Needs evaluation |
| rustc-1.85 | Needs evaluation |
| rustc-1.88 | Not in release |
| rustc-1.89 | Needs evaluation |
| rustc-1.91 | Needs evaluation |
| rustc-1.92 | Not in release |
| rustc-1.93 | Not in release |
| cargo | Not in release |
| rust-cargo-c | Needs evaluation |
| rust-async-tar | Needs evaluation |
| rust-astral-tokio-tar | Not in release |
tar-rs is a tar archive reading/writing library for Rust. Versions 0.4.44 and below have conditional logic that skips the PAX size header in cases where the base header size is nonzero. As part of CVE-2025-62518,...
1 affected package
rust-tar
| Package | 24.04 LTS |
|---|---|
| rust-tar | Needs evaluation |
Not in release
libp2p-rust is the official rust language Implementation of the libp2p networking stack. In versions prior to 0.49.3, the Gossipsub implementation accepts attacker-controlled PRUNE backoff values and may perform unchecked time...
1 affected package
rust-libp2p-identity
| Package | 24.04 LTS |
|---|---|
| rust-libp2p-identity | Not in release |