Search CVE reports
91 – 100 of 42760 results
Soup Sieve is a CSS selector library designed to be used with Beautiful Soup 4. Prior to 2.8.4, the CSS selector parser in soupsieve allocates unbounded memory when compiling large comma-separated selector lists, allowing an...
1 affected package
soupsieve
| Package | 20.04 LTS |
|---|---|
| soupsieve | Needs evaluation |
UAParser.js is a JavaScript library to detect browsers, operating systems, CPUs, and devices from user-agent data. From 2.0.1 until 2.0.10, a regular expression denial-of-service vulnerability exists when using the Client Hints...
1 affected package
node-ua-parser-js
| Package | 20.04 LTS |
|---|---|
| node-ua-parser-js | Needs evaluation |
Not in release
Improper encoding or escaping of output in .NET allows an authorized attacker to perform spoofing over a network.
5 affected packages
dotnet6, dotnet7, dotnet8, dotnet9, dotnet10
| Package | 20.04 LTS |
|---|---|
| dotnet6 | Not in release |
| dotnet7 | Not in release |
| dotnet8 | Not in release |
| dotnet9 | Not in release |
| dotnet10 | Not in release |
Not in release
Allocation of resources without limits or throttling in .NET allows an unauthorized attacker to deny service over a network.
5 affected packages
dotnet6, dotnet7, dotnet8, dotnet9, dotnet10
| Package | 20.04 LTS |
|---|---|
| dotnet6 | Not in release |
| dotnet7 | Not in release |
| dotnet8 | Not in release |
| dotnet9 | Not in release |
| dotnet10 | Not in release |
Not in release
Allocation of resources without limits or throttling in .NET Framework allows an unauthorized attacker to deny service over a network.
5 affected packages
dotnet6, dotnet7, dotnet8, dotnet9, dotnet10
| Package | 20.04 LTS |
|---|---|
| dotnet6 | Not in release |
| dotnet7 | Not in release |
| dotnet8 | Not in release |
| dotnet9 | Not in release |
| dotnet10 | Not in release |
Not in release
Incorrect authorization in .NET allows an unauthorized attacker to bypass a security feature over a network.
5 affected packages
dotnet6, dotnet7, dotnet8, dotnet9, dotnet10
| Package | 20.04 LTS |
|---|---|
| dotnet6 | Not in release |
| dotnet7 | Not in release |
| dotnet8 | Not in release |
| dotnet9 | Not in release |
| dotnet10 | Not in release |
Not in release
Stack-based buffer overflow in .NET Framework allows an unauthorized attacker to deny service over a network.
5 affected packages
dotnet6, dotnet7, dotnet8, dotnet9, dotnet10
| Package | 20.04 LTS |
|---|---|
| dotnet6 | Not in release |
| dotnet7 | Not in release |
| dotnet8 | Not in release |
| dotnet9 | Not in release |
| dotnet10 | Not in release |
Not in release
Improper link resolution before file access ('link following') in .NET allows an authorized attacker to perform tampering locally.
5 affected packages
dotnet6, dotnet7, dotnet8, dotnet9, dotnet10
| Package | 20.04 LTS |
|---|---|
| dotnet6 | Not in release |
| dotnet7 | Not in release |
| dotnet8 | Not in release |
| dotnet9 | Not in release |
| dotnet10 | Not in release |
Not in release
Allocation of resources without limits or throttling in .NET allows an unauthorized attacker to deny service over a network.
5 affected packages
dotnet6, dotnet7, dotnet8, dotnet9, dotnet10
| Package | 20.04 LTS |
|---|---|
| dotnet6 | Not in release |
| dotnet7 | Not in release |
| dotnet8 | Not in release |
| dotnet9 | Not in release |
| dotnet10 | Not in release |
Not in release
Improper validation of specified type of input in .NET Framework allows an unauthorized attacker to deny service over a network.
5 affected packages
dotnet6, dotnet7, dotnet8, dotnet9, dotnet10
| Package | 20.04 LTS |
|---|---|
| dotnet6 | Not in release |
| dotnet7 | Not in release |
| dotnet8 | Not in release |
| dotnet9 | Not in release |
| dotnet10 | Not in release |