Search CVE reports

231 – 240 of 19515 results

Detailed view

Sort by:

Status is adjusted based on your filters.

CVE-2024-34156

Medium priority

Needs evaluation

Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635.

14 affected packages

golang, golang-1.10, golang-1.13, golang-1.14, golang-1.16...

Package	24.04 LTS
golang	Not in release
golang-1.10	Not in release
golang-1.13	Not in release
golang-1.14	Not in release
golang-1.16	Not in release
golang-1.17	Not in release
golang-1.18	Not in release
golang-1.19	Not in release
golang-1.20	Not in release
golang-1.21	Needs evaluation
golang-1.22	Needs evaluation
golang-1.6	Not in release
golang-1.8	Not in release
golang-1.9	Not in release

CVE-2024-34155

Medium priority

Needs evaluation

Calling any of the Parse functions on Go source code which contains deeply nested literals can cause a panic due to stack exhaustion.

14 affected packages

golang, golang-1.10, golang-1.13, golang-1.14, golang-1.16...

Package	24.04 LTS
golang	Not in release
golang-1.10	Not in release
golang-1.13	Not in release
golang-1.14	Not in release
golang-1.16	Not in release
golang-1.17	Not in release
golang-1.18	Not in release
golang-1.19	Not in release
golang-1.20	Not in release
golang-1.21	Needs evaluation
golang-1.22	Needs evaluation
golang-1.6	Not in release
golang-1.8	Not in release
golang-1.9	Not in release

An error in the ECMA-262 specification relating to Async Generators could have resulted in a type confusion, potentially leading to memory corruption and an exploitable crash. This vulnerability affects Firefox < 128, Firefox ESR...

9 affected packages

firefox, mozjs102, mozjs115, mozjs38, mozjs52...

Package	24.04 LTS
firefox	Not affected
mozjs102	Ignored
mozjs115	Ignored
mozjs38	Not in release
mozjs52	Not in release
mozjs68	Not in release
mozjs78	Not in release
mozjs91	Not in release
thunderbird	Not affected

CVE-2024-8517

Medium priority

Needs evaluation

SPIP before 4.3.2, 4.2.16, and 4.1.18 is vulnerable to a command injection issue. A remote and unauthenticated attacker can execute arbitrary operating system commands by sending a crafted multipart file upload HTTP request.

1 affected packages

spip

Package	24.04 LTS
spip	Needs evaluation

CVE-2024-25584

Medium priority

Not affected

Dovecot accepts dot LF DOT LF symbol as end of DATA command. RFC requires that it should always be CR LF DOT CR LF. This causes Dovecot to convert single mail with LF DOT LF in middle, into two emails when relaying to SMTP....

1 affected packages

dovecot

Package	24.04 LTS
dovecot	Not affected

CVE-2023-52916

Medium priority

Not affected

In the Linux kernel, the following vulnerability has been resolved: media: aspeed: Fix memory overwrite if timing is 1600x900 When capturing 1600x900, system could crash when system memory usage is tight. The way to reproduce this...

121 affected packages

linux, linux-allwinner-5.19, linux-aws, linux-aws-5.0, linux-aws-5.11...

Package	24.04 LTS
linux	Not affected
linux-allwinner-5.19	Not in release
linux-aws	Not affected
linux-aws-5.0	Not in release
linux-aws-5.11	Not in release
linux-aws-5.13	Not in release
linux-aws-5.15	Not in release
linux-aws-5.19	Not in release
linux-aws-5.3	Not in release
linux-aws-5.4	Not in release
linux-aws-5.8	Not in release
linux-aws-6.2	Not in release
linux-aws-6.5	Not in release
linux-aws-fips	Not in release
linux-aws-hwe	Not in release
linux-azure	Not affected
linux-azure-4.15	Not in release
linux-azure-5.11	Not in release
linux-azure-5.13	Not in release
linux-azure-5.15	Not in release
linux-azure-5.19	Not in release
linux-azure-5.3	Not in release
linux-azure-5.4	Not in release
linux-azure-5.8	Not in release
linux-azure-6.2	Not in release
linux-azure-6.5	Not in release
linux-azure-edge	Not in release
linux-azure-fde	Not in release
linux-azure-fde-5.15	Not in release
linux-azure-fde-5.19	Not in release
linux-azure-fde-6.2	Not in release
linux-azure-fips	Not in release
linux-bluefield	Not in release
linux-fips	Not in release
linux-gcp	Not affected
linux-gcp-4.15	Not in release
linux-gcp-5.11	Not in release
linux-gcp-5.13	Not in release
linux-gcp-5.15	Not in release
linux-gcp-5.19	Not in release
linux-gcp-5.3	Not in release
linux-gcp-5.4	Not in release
linux-gcp-5.8	Not in release
linux-gcp-6.2	Not in release
linux-gcp-6.5	Not in release
linux-gcp-fips	Not in release
linux-gke	Not affected
linux-gke-4.15	Not in release
linux-gke-5.15	Not in release
linux-gke-5.4	Not in release
linux-gkeop	Not in release
linux-gkeop-5.15	Not in release
linux-gkeop-5.4	Not in release
linux-hwe	Not in release
linux-hwe-5.11	Not in release
linux-hwe-5.13	Not in release
linux-hwe-5.15	Not in release
linux-hwe-5.19	Not in release
linux-hwe-5.4	Not in release
linux-hwe-5.8	Not in release
linux-hwe-6.2	Not in release
linux-hwe-6.5	Not in release
linux-hwe-6.8	Not in release
linux-hwe-edge	Not in release
linux-ibm	Not affected
linux-ibm-5.15	Not in release
linux-ibm-5.4	Not in release
linux-intel	Not affected
linux-intel-5.13	Not in release
linux-intel-iot-realtime	Not in release
linux-intel-iotg	Not in release
linux-intel-iotg-5.15	Not in release
linux-iot	Not in release
linux-kvm	Not in release
linux-lowlatency	Not affected
linux-lowlatency-hwe-5.15	Not in release
linux-lowlatency-hwe-5.19	Not in release
linux-lowlatency-hwe-6.2	Not in release
linux-lowlatency-hwe-6.5	Not in release
linux-lowlatency-hwe-6.8	Not in release
linux-lts-xenial	Not in release
linux-nvidia	Not affected
linux-nvidia-6.2	Not in release
linux-nvidia-6.5	Not in release
linux-nvidia-6.8	Not in release
linux-nvidia-lowlatency	Not affected
linux-oem	Not in release
linux-oem-5.10	Not in release
linux-oem-5.13	Not in release
linux-oem-5.14	Not in release
linux-oem-5.17	Not in release
linux-oem-5.6	Not in release
linux-oem-6.0	Not in release
linux-oem-6.1	Not in release
linux-oem-6.5	Not in release
linux-oem-6.8	Not affected
linux-oracle	Not affected
linux-oracle-5.0	Not in release
linux-oracle-5.11	Not in release
linux-oracle-5.13	Not in release
linux-oracle-5.15	Not in release
linux-oracle-5.3	Not in release
linux-oracle-5.4	Not in release
linux-oracle-5.8	Not in release
linux-oracle-6.5	Not in release
linux-raspi	Not affected
linux-raspi-5.4	Not in release
linux-raspi-realtime	Not in release
linux-raspi2	Not in release
linux-realtime	Not in release
linux-riscv	Not affected
linux-riscv-5.11	Not in release
linux-riscv-5.15	Not in release
linux-riscv-5.19	Not in release
linux-riscv-5.8	Not in release
linux-riscv-6.5	Not in release
linux-riscv-6.8	Not in release
linux-starfive-5.19	Not in release
linux-starfive-6.2	Not in release
linux-starfive-6.5	Not in release
linux-xilinx-zynqmp	Not in release

CVE-2023-52915

Medium priority

Not affected

In the Linux kernel, the following vulnerability has been resolved: media: dvb-usb-v2: af9035: Fix null-ptr-deref in af9035_i2c_master_xfer In af9035_i2c_master_xfer, msg is controlled by user. When msg[i].buf is null and...

121 affected packages

linux, linux-allwinner-5.19, linux-aws, linux-aws-5.0, linux-aws-5.11...

Package	24.04 LTS
linux	Not affected
linux-allwinner-5.19	Not in release
linux-aws	Not affected
linux-aws-5.0	Not in release
linux-aws-5.11	Not in release
linux-aws-5.13	Not in release
linux-aws-5.15	Not in release
linux-aws-5.19	Not in release
linux-aws-5.3	Not in release
linux-aws-5.4	Not in release
linux-aws-5.8	Not in release
linux-aws-6.2	Not in release
linux-aws-6.5	Not in release
linux-aws-fips	Not in release
linux-aws-hwe	Not in release
linux-azure	Not affected
linux-azure-4.15	Not in release
linux-azure-5.11	Not in release
linux-azure-5.13	Not in release
linux-azure-5.15	Not in release
linux-azure-5.19	Not in release
linux-azure-5.3	Not in release
linux-azure-5.4	Not in release
linux-azure-5.8	Not in release
linux-azure-6.2	Not in release
linux-azure-6.5	Not in release
linux-azure-edge	Not in release
linux-azure-fde	Not in release
linux-azure-fde-5.15	Not in release
linux-azure-fde-5.19	Not in release
linux-azure-fde-6.2	Not in release
linux-azure-fips	Not in release
linux-bluefield	Not in release
linux-fips	Not in release
linux-gcp	Not affected
linux-gcp-4.15	Not in release
linux-gcp-5.11	Not in release
linux-gcp-5.13	Not in release
linux-gcp-5.15	Not in release
linux-gcp-5.19	Not in release
linux-gcp-5.3	Not in release
linux-gcp-5.4	Not in release
linux-gcp-5.8	Not in release
linux-gcp-6.2	Not in release
linux-gcp-6.5	Not in release
linux-gcp-fips	Not in release
linux-gke	Not affected
linux-gke-4.15	Not in release
linux-gke-5.15	Not in release
linux-gke-5.4	Not in release
linux-gkeop	Not in release
linux-gkeop-5.15	Not in release
linux-gkeop-5.4	Not in release
linux-hwe	Not in release
linux-hwe-5.11	Not in release
linux-hwe-5.13	Not in release
linux-hwe-5.15	Not in release
linux-hwe-5.19	Not in release
linux-hwe-5.4	Not in release
linux-hwe-5.8	Not in release
linux-hwe-6.2	Not in release
linux-hwe-6.5	Not in release
linux-hwe-6.8	Not in release
linux-hwe-edge	Not in release
linux-ibm	Not affected
linux-ibm-5.15	Not in release
linux-ibm-5.4	Not in release
linux-intel	Not affected
linux-intel-5.13	Not in release
linux-intel-iot-realtime	Not in release
linux-intel-iotg	Not in release
linux-intel-iotg-5.15	Not in release
linux-iot	Not in release
linux-kvm	Not in release
linux-lowlatency	Not affected
linux-lowlatency-hwe-5.15	Not in release
linux-lowlatency-hwe-5.19	Not in release
linux-lowlatency-hwe-6.2	Not in release
linux-lowlatency-hwe-6.5	Not in release
linux-lowlatency-hwe-6.8	Not in release
linux-lts-xenial	Not in release
linux-nvidia	Not affected
linux-nvidia-6.2	Not in release
linux-nvidia-6.5	Not in release
linux-nvidia-6.8	Not in release
linux-nvidia-lowlatency	Not affected
linux-oem	Not in release
linux-oem-5.10	Not in release
linux-oem-5.13	Not in release
linux-oem-5.14	Not in release
linux-oem-5.17	Not in release
linux-oem-5.6	Not in release
linux-oem-6.0	Not in release
linux-oem-6.1	Not in release
linux-oem-6.5	Not in release
linux-oem-6.8	Not affected
linux-oracle	Not affected
linux-oracle-5.0	Not in release
linux-oracle-5.11	Not in release
linux-oracle-5.13	Not in release
linux-oracle-5.15	Not in release
linux-oracle-5.3	Not in release
linux-oracle-5.4	Not in release
linux-oracle-5.8	Not in release
linux-oracle-6.5	Not in release
linux-raspi	Not affected
linux-raspi-5.4	Not in release
linux-raspi-realtime	Not in release
linux-raspi2	Not in release
linux-realtime	Not in release
linux-riscv	Not affected
linux-riscv-5.11	Not in release
linux-riscv-5.15	Not in release
linux-riscv-5.19	Not in release
linux-riscv-5.8	Not in release
linux-riscv-6.5	Not in release
linux-riscv-6.8	Not in release
linux-starfive-5.19	Not in release
linux-starfive-6.2	Not in release
linux-starfive-6.5	Not in release
linux-xilinx-zynqmp	Not in release

CVE-2024-45751

Medium priority

Needs evaluation

tgt (aka Linux target framework) before 1.0.93 attempts to achieve entropy by calling rand without srand. The PRNG seed is always 1, and thus the sequence of challenges is always identical.

2 affected packages

iscsitarget, tgt

Package	24.04 LTS
iscsitarget	Not in release
tgt	Needs evaluation

CVE-2024-8394

Medium priority

Not affected

When aborting the verification of an OTR chat session, an attacker could have caused a use-after-free bug leading to a potentially exploitable crash. This vulnerability affects Thunderbird < 128.2.

1 affected packages

thunderbird

Package	24.04 LTS
thunderbird	Not affected

CVE-2024-45159

Medium priority

Needs evaluation

An issue was discovered in Mbed TLS 3.x before 3.6.1. With TLS 1.3, when a server enables optional authentication of the client, if the client-provided certificate does not have appropriate values in if keyUsage or extKeyUsage...

1 affected packages

mbedtls

Package	24.04 LTS
mbedtls	Needs evaluation

Export to JSON

Results by page: