Your submission was sent successfully! Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

Search CVE reports

Toggle filters

71 – 80 of 1332 results

CVE-2012-5578

Medium priority

Some fixes available 5 of 6

Python keyring has insecure permissions on new databases allowing world-readable files to be created

1 affected packages

python-keyring

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
python-keyring
Show less packages

CVE-2007-3732

Medium priority
Ignored

In Linux 2.6 before 2.6.23, the TRACE_IRQS_ON function in iret_exc calls a C function without ensuring that the segments are set properly. The kernel's %fs needs to be restored before the call in TRACE_IRQS_ON and before enabling...

22 affected packages

linux, linux-armadaxp, linux-flo, linux-goldfish, linux-grouper...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
linux Not affected
linux-armadaxp Not in release
linux-flo Not affected
linux-goldfish Not affected
linux-grouper Not in release
linux-linaro-omap Not in release
linux-linaro-shared Not in release
linux-linaro-vexpress Not in release
linux-lts-quantal Not in release
linux-lts-raring Not in release
linux-lts-saucy Not in release
linux-lts-trusty Not in release
linux-lts-utopic Not in release
linux-lts-vivid Not in release
linux-lts-wily Not in release
linux-lts-xenial Not in release
linux-maguro Not in release
linux-mako Not affected
linux-manta Not in release
linux-qcm-msm Not in release
linux-raspi2 Not affected
linux-ti-omap4 Not in release
Show all 22 packages Show less packages

CVE-2010-2243

Low priority
Ignored

A vulnerability exists in kernel/time/clocksource.c in the Linux kernel before 2.6.34 where on non-GENERIC_TIME systems (GENERIC_TIME=n), accessing /sys/devices/system/clocksource/clocksource0/current_clocksource results in an OOPS.

11 affected packages

linux, linux-armadaxp, linux-ec2, linux-fsl-imx51, linux-lts-backport-maverick...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
linux
linux-armadaxp
linux-ec2
linux-fsl-imx51
linux-lts-backport-maverick
linux-lts-backport-natty
linux-lts-backport-oneiric
linux-lts-quantal
linux-lts-raring
linux-mvl-dove
linux-ti-omap4
Show all 11 packages Show less packages

CVE-2014-8181

Low priority
Ignored

The kernel in Red Hat Enterprise Linux 7 and MRG-2 does not clear garbage data for SG_IO buffer, which may leaking sensitive information to userspace.

27 affected packages

linux, linux-armadaxp, linux-aws, linux-flo, linux-gke...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
linux Not affected
linux-armadaxp Not in release
linux-aws Not affected
linux-flo Not affected
linux-gke Not affected
linux-goldfish Not affected
linux-grouper Not in release
linux-hwe Not affected
linux-hwe-edge Not affected
linux-linaro-omap Not in release
linux-linaro-shared Not in release
linux-linaro-vexpress Not in release
linux-lts-quantal Not in release
linux-lts-raring Not in release
linux-lts-saucy Not in release
linux-lts-trusty Not in release
linux-lts-utopic Not in release
linux-lts-vivid Not in release
linux-lts-wily Not in release
linux-lts-xenial Not in release
linux-maguro Not in release
linux-mako Not affected
linux-manta Not in release
linux-qcm-msm Not in release
linux-raspi2 Not affected
linux-snapdragon Not affected
linux-ti-omap4 Not in release
Show all 27 packages Show less packages

CVE-2011-3923

Medium priority
Ignored

Apache Struts before 2.3.1.2 allows remote attackers to bypass security protections in the ParameterInterceptor class and execute arbitrary commands.

2 affected packages

libspring-2.5-java, libstruts1.2-java

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
libspring-2.5-java Not in release Not in release
libstruts1.2-java Not in release Not in release
Show less packages

CVE-2012-5577

Medium priority

Some fixes available 5 of 6

Python keyring lib before 0.10 created keyring files with world-readable permissions.

1 affected packages

python-keyring

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
python-keyring
Show less packages

CVE-2019-11272

Medium priority

Not in release

Spring Security, versions 4.2.x up to 4.2.12, and older unsupported versions support plain text passwords using PlaintextPasswordEncoder. If an application using an affected version of Spring Security is...

1 affected packages

libspring-security-2.0-java

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
libspring-security-2.0-java Not in release Not in release Not in release
Show less packages

CVE-2019-3795

Low priority

Not in release

Spring Security versions 4.2.x prior to 4.2.12, 5.0.x prior to 5.0.12, and 5.1.x prior to 5.1.5 contain an insecure randomness vulnerability when using SecureRandomFactoryBean#setSeed to configure a SecureRandom instance. In order...

1 affected packages

libspring-security-2.0-java

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
libspring-security-2.0-java Not in release Not in release
Show less packages

CVE-2018-20781

Medium priority
Fixed

In pam/gkr-pam-module.c in GNOME Keyring before 3.27.2, the user's password is kept in a session-child process spawned from the LightDM daemon. This can expose the credential in cleartext.

1 affected packages

gnome-keyring

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
gnome-keyring Not affected Fixed
Show less packages

CVE-2018-19358

Low priority
Ignored

** DISPUTED ** GNOME Keyring through 3.28.2 allows local users to retrieve login credentials via a Secret Service API call and the D-Bus interface if the keyring is unlocked, a similar issue to CVE-2008-7320. One perspective is...

1 affected packages

gnome-keyring

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
gnome-keyring Not affected Not affected Not affected Not affected Not affected
Show less packages
  1. Previous page
  2. 6
  3. 7
  4. 8
  5. 9
  6. 10
  7. Next page
Export to JSON