Search CVE reports
71 – 80 of 1332 results
CVE-2012-5578
Medium prioritySome fixes available 5 of 6
Python keyring has insecure permissions on new databases allowing world-readable files to be created
1 affected packages
python-keyring
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
python-keyring | — | — | — | — | — |
CVE-2007-3732
Medium priorityIn Linux 2.6 before 2.6.23, the TRACE_IRQS_ON function in iret_exc calls a C function without ensuring that the segments are set properly. The kernel's %fs needs to be restored before the call in TRACE_IRQS_ON and before enabling...
22 affected packages
linux, linux-armadaxp, linux-flo, linux-goldfish, linux-grouper...
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
linux | — | — | — | — | Not affected |
linux-armadaxp | — | — | — | — | Not in release |
linux-flo | — | — | — | — | Not affected |
linux-goldfish | — | — | — | — | Not affected |
linux-grouper | — | — | — | — | Not in release |
linux-linaro-omap | — | — | — | — | Not in release |
linux-linaro-shared | — | — | — | — | Not in release |
linux-linaro-vexpress | — | — | — | — | Not in release |
linux-lts-quantal | — | — | — | — | Not in release |
linux-lts-raring | — | — | — | — | Not in release |
linux-lts-saucy | — | — | — | — | Not in release |
linux-lts-trusty | — | — | — | — | Not in release |
linux-lts-utopic | — | — | — | — | Not in release |
linux-lts-vivid | — | — | — | — | Not in release |
linux-lts-wily | — | — | — | — | Not in release |
linux-lts-xenial | — | — | — | — | Not in release |
linux-maguro | — | — | — | — | Not in release |
linux-mako | — | — | — | — | Not affected |
linux-manta | — | — | — | — | Not in release |
linux-qcm-msm | — | — | — | — | Not in release |
linux-raspi2 | — | — | — | — | Not affected |
linux-ti-omap4 | — | — | — | — | Not in release |
CVE-2010-2243
Low priorityA vulnerability exists in kernel/time/clocksource.c in the Linux kernel before 2.6.34 where on non-GENERIC_TIME systems (GENERIC_TIME=n), accessing /sys/devices/system/clocksource/clocksource0/current_clocksource results in an OOPS.
11 affected packages
linux, linux-armadaxp, linux-ec2, linux-fsl-imx51, linux-lts-backport-maverick...
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
linux | — | — | — | — | — |
linux-armadaxp | — | — | — | — | — |
linux-ec2 | — | — | — | — | — |
linux-fsl-imx51 | — | — | — | — | — |
linux-lts-backport-maverick | — | — | — | — | — |
linux-lts-backport-natty | — | — | — | — | — |
linux-lts-backport-oneiric | — | — | — | — | — |
linux-lts-quantal | — | — | — | — | — |
linux-lts-raring | — | — | — | — | — |
linux-mvl-dove | — | — | — | — | — |
linux-ti-omap4 | — | — | — | — | — |
CVE-2014-8181
Low priorityThe kernel in Red Hat Enterprise Linux 7 and MRG-2 does not clear garbage data for SG_IO buffer, which may leaking sensitive information to userspace.
27 affected packages
linux, linux-armadaxp, linux-aws, linux-flo, linux-gke...
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
linux | — | — | — | — | Not affected |
linux-armadaxp | — | — | — | — | Not in release |
linux-aws | — | — | — | — | Not affected |
linux-flo | — | — | — | — | Not affected |
linux-gke | — | — | — | — | Not affected |
linux-goldfish | — | — | — | — | Not affected |
linux-grouper | — | — | — | — | Not in release |
linux-hwe | — | — | — | — | Not affected |
linux-hwe-edge | — | — | — | — | Not affected |
linux-linaro-omap | — | — | — | — | Not in release |
linux-linaro-shared | — | — | — | — | Not in release |
linux-linaro-vexpress | — | — | — | — | Not in release |
linux-lts-quantal | — | — | — | — | Not in release |
linux-lts-raring | — | — | — | — | Not in release |
linux-lts-saucy | — | — | — | — | Not in release |
linux-lts-trusty | — | — | — | — | Not in release |
linux-lts-utopic | — | — | — | — | Not in release |
linux-lts-vivid | — | — | — | — | Not in release |
linux-lts-wily | — | — | — | — | Not in release |
linux-lts-xenial | — | — | — | — | Not in release |
linux-maguro | — | — | — | — | Not in release |
linux-mako | — | — | — | — | Not affected |
linux-manta | — | — | — | — | Not in release |
linux-qcm-msm | — | — | — | — | Not in release |
linux-raspi2 | — | — | — | — | Not affected |
linux-snapdragon | — | — | — | — | Not affected |
linux-ti-omap4 | — | — | — | — | Not in release |
CVE-2011-3923
Medium priorityApache Struts before 2.3.1.2 allows remote attackers to bypass security protections in the ParameterInterceptor class and execute arbitrary commands.
2 affected packages
libspring-2.5-java, libstruts1.2-java
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
libspring-2.5-java | — | — | — | Not in release | Not in release |
libstruts1.2-java | — | — | — | Not in release | Not in release |
CVE-2012-5577
Medium prioritySome fixes available 5 of 6
Python keyring lib before 0.10 created keyring files with world-readable permissions.
1 affected packages
python-keyring
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
python-keyring | — | — | — | — | — |
CVE-2019-11272
Medium priorityNot in release
Spring Security, versions 4.2.x up to 4.2.12, and older unsupported versions support plain text passwords using PlaintextPasswordEncoder. If an application using an affected version of Spring Security is...
1 affected packages
libspring-security-2.0-java
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
libspring-security-2.0-java | — | — | Not in release | Not in release | Not in release |
CVE-2019-3795
Low priorityNot in release
Spring Security versions 4.2.x prior to 4.2.12, 5.0.x prior to 5.0.12, and 5.1.x prior to 5.1.5 contain an insecure randomness vulnerability when using SecureRandomFactoryBean#setSeed to configure a SecureRandom instance. In order...
1 affected packages
libspring-security-2.0-java
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
libspring-security-2.0-java | — | — | — | Not in release | Not in release |
CVE-2018-20781
Medium priorityIn pam/gkr-pam-module.c in GNOME Keyring before 3.27.2, the user's password is kept in a session-child process spawned from the LightDM daemon. This can expose the credential in cleartext.
1 affected packages
gnome-keyring
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
gnome-keyring | — | — | — | Not affected | Fixed |
CVE-2018-19358
Low priority** DISPUTED ** GNOME Keyring through 3.28.2 allows local users to retrieve login credentials via a Secret Service API call and the D-Bus interface if the keyring is unlocked, a similar issue to CVE-2008-7320. One perspective is...
1 affected packages
gnome-keyring
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
gnome-keyring | Not affected | Not affected | Not affected | Not affected | Not affected |