Search CVE reports
191 – 200 of 30617 results
CVE-2024-25584
Medium priorityDovecot accepts dot LF DOT LF symbol as end of DATA command. RFC requires that it should always be CR LF DOT CR LF. This causes Dovecot to convert single mail with LF DOT LF in middle, into two emails when relaying to SMTP....
1 affected packages
dovecot
Package | 18.04 LTS |
---|---|
dovecot | Not affected |
CVE-2023-52916
Medium priorityIn the Linux kernel, the following vulnerability has been resolved: media: aspeed: Fix memory overwrite if timing is 1600x900 When capturing 1600x900, system could crash when system memory usage is tight. The way to reproduce this...
121 affected packages
linux, linux-allwinner-5.19, linux-aws, linux-aws-5.0, linux-aws-5.11...
Package | 18.04 LTS |
---|---|
linux | Ignored |
linux-allwinner-5.19 | — |
linux-aws | Ignored |
linux-aws-5.0 | Ignored |
linux-aws-5.11 | — |
linux-aws-5.13 | — |
linux-aws-5.15 | — |
linux-aws-5.19 | — |
linux-aws-5.3 | Ignored |
linux-aws-5.4 | Ignored |
linux-aws-5.8 | — |
linux-aws-6.2 | — |
linux-aws-6.5 | — |
linux-aws-fips | — |
linux-aws-hwe | — |
linux-azure | Ignored |
linux-azure-4.15 | Ignored |
linux-azure-5.11 | — |
linux-azure-5.13 | — |
linux-azure-5.15 | — |
linux-azure-5.19 | — |
linux-azure-5.3 | Ignored |
linux-azure-5.4 | Ignored |
linux-azure-5.8 | — |
linux-azure-6.2 | — |
linux-azure-6.5 | — |
linux-azure-edge | Ignored |
linux-azure-fde | — |
linux-azure-fde-5.15 | — |
linux-azure-fde-5.19 | — |
linux-azure-fde-6.2 | — |
linux-azure-fips | — |
linux-bluefield | — |
linux-fips | — |
linux-gcp | Ignored |
linux-gcp-4.15 | Ignored |
linux-gcp-5.11 | — |
linux-gcp-5.13 | — |
linux-gcp-5.15 | — |
linux-gcp-5.19 | — |
linux-gcp-5.3 | Ignored |
linux-gcp-5.4 | Ignored |
linux-gcp-5.8 | — |
linux-gcp-6.2 | — |
linux-gcp-6.5 | — |
linux-gcp-fips | — |
linux-gke | — |
linux-gke-4.15 | Ignored |
linux-gke-5.15 | — |
linux-gke-5.4 | Ignored |
linux-gkeop | — |
linux-gkeop-5.15 | — |
linux-gkeop-5.4 | Ignored |
linux-hwe | Ignored |
linux-hwe-5.11 | — |
linux-hwe-5.13 | — |
linux-hwe-5.15 | — |
linux-hwe-5.19 | — |
linux-hwe-5.4 | Ignored |
linux-hwe-5.8 | — |
linux-hwe-6.2 | — |
linux-hwe-6.5 | — |
linux-hwe-6.8 | — |
linux-hwe-edge | Ignored |
linux-ibm | — |
linux-ibm-5.15 | — |
linux-ibm-5.4 | Ignored |
linux-intel | Not in release |
linux-intel-5.13 | — |
linux-intel-iot-realtime | — |
linux-intel-iotg | — |
linux-intel-iotg-5.15 | — |
linux-iot | — |
linux-kvm | Ignored |
linux-lowlatency | — |
linux-lowlatency-hwe-5.15 | — |
linux-lowlatency-hwe-5.19 | — |
linux-lowlatency-hwe-6.2 | — |
linux-lowlatency-hwe-6.5 | — |
linux-lowlatency-hwe-6.8 | — |
linux-lts-xenial | — |
linux-nvidia | — |
linux-nvidia-6.2 | — |
linux-nvidia-6.5 | — |
linux-nvidia-6.8 | — |
linux-nvidia-lowlatency | — |
linux-oem | Ignored |
linux-oem-5.10 | — |
linux-oem-5.13 | — |
linux-oem-5.14 | — |
linux-oem-5.17 | — |
linux-oem-5.6 | — |
linux-oem-6.0 | — |
linux-oem-6.1 | — |
linux-oem-6.5 | — |
linux-oem-6.8 | — |
linux-oracle | Ignored |
linux-oracle-5.0 | Ignored |
linux-oracle-5.11 | — |
linux-oracle-5.13 | — |
linux-oracle-5.15 | — |
linux-oracle-5.3 | Ignored |
linux-oracle-5.4 | Ignored |
linux-oracle-5.8 | — |
linux-oracle-6.5 | — |
linux-raspi | — |
linux-raspi-5.4 | Ignored |
linux-raspi-realtime | — |
linux-raspi2 | — |
linux-realtime | — |
linux-riscv | — |
linux-riscv-5.11 | — |
linux-riscv-5.15 | — |
linux-riscv-5.19 | — |
linux-riscv-5.8 | — |
linux-riscv-6.5 | — |
linux-riscv-6.8 | — |
linux-starfive-5.19 | — |
linux-starfive-6.2 | — |
linux-starfive-6.5 | — |
linux-xilinx-zynqmp | — |
CVE-2023-52915
Medium priorityIn the Linux kernel, the following vulnerability has been resolved: media: dvb-usb-v2: af9035: Fix null-ptr-deref in af9035_i2c_master_xfer In af9035_i2c_master_xfer, msg is controlled by user. When msg[i].buf is null and...
121 affected packages
linux, linux-allwinner-5.19, linux-aws, linux-aws-5.0, linux-aws-5.11...
Package | 18.04 LTS |
---|---|
linux | Ignored |
linux-allwinner-5.19 | — |
linux-aws | Ignored |
linux-aws-5.0 | Ignored |
linux-aws-5.11 | — |
linux-aws-5.13 | — |
linux-aws-5.15 | — |
linux-aws-5.19 | — |
linux-aws-5.3 | Ignored |
linux-aws-5.4 | Vulnerable |
linux-aws-5.8 | — |
linux-aws-6.2 | — |
linux-aws-6.5 | — |
linux-aws-fips | — |
linux-aws-hwe | — |
linux-azure | Ignored |
linux-azure-4.15 | Ignored |
linux-azure-5.11 | — |
linux-azure-5.13 | — |
linux-azure-5.15 | — |
linux-azure-5.19 | — |
linux-azure-5.3 | Ignored |
linux-azure-5.4 | Vulnerable |
linux-azure-5.8 | — |
linux-azure-6.2 | — |
linux-azure-6.5 | — |
linux-azure-edge | Ignored |
linux-azure-fde | — |
linux-azure-fde-5.15 | — |
linux-azure-fde-5.19 | — |
linux-azure-fde-6.2 | — |
linux-azure-fips | — |
linux-bluefield | — |
linux-fips | — |
linux-gcp | Ignored |
linux-gcp-4.15 | Ignored |
linux-gcp-5.11 | — |
linux-gcp-5.13 | — |
linux-gcp-5.15 | — |
linux-gcp-5.19 | — |
linux-gcp-5.3 | Ignored |
linux-gcp-5.4 | Vulnerable |
linux-gcp-5.8 | — |
linux-gcp-6.2 | — |
linux-gcp-6.5 | — |
linux-gcp-fips | — |
linux-gke | — |
linux-gke-4.15 | Ignored |
linux-gke-5.15 | — |
linux-gke-5.4 | Ignored |
linux-gkeop | — |
linux-gkeop-5.15 | — |
linux-gkeop-5.4 | Ignored |
linux-hwe | Ignored |
linux-hwe-5.11 | — |
linux-hwe-5.13 | — |
linux-hwe-5.15 | — |
linux-hwe-5.19 | — |
linux-hwe-5.4 | Vulnerable |
linux-hwe-5.8 | — |
linux-hwe-6.2 | — |
linux-hwe-6.5 | — |
linux-hwe-6.8 | — |
linux-hwe-edge | Ignored |
linux-ibm | — |
linux-ibm-5.15 | — |
linux-ibm-5.4 | Vulnerable |
linux-intel | Not in release |
linux-intel-5.13 | — |
linux-intel-iot-realtime | — |
linux-intel-iotg | — |
linux-intel-iotg-5.15 | — |
linux-iot | — |
linux-kvm | Ignored |
linux-lowlatency | — |
linux-lowlatency-hwe-5.15 | — |
linux-lowlatency-hwe-5.19 | — |
linux-lowlatency-hwe-6.2 | — |
linux-lowlatency-hwe-6.5 | — |
linux-lowlatency-hwe-6.8 | — |
linux-lts-xenial | — |
linux-nvidia | — |
linux-nvidia-6.2 | — |
linux-nvidia-6.5 | — |
linux-nvidia-6.8 | — |
linux-nvidia-lowlatency | — |
linux-oem | Ignored |
linux-oem-5.10 | — |
linux-oem-5.13 | — |
linux-oem-5.14 | — |
linux-oem-5.17 | — |
linux-oem-5.6 | — |
linux-oem-6.0 | — |
linux-oem-6.1 | — |
linux-oem-6.5 | — |
linux-oem-6.8 | — |
linux-oracle | Ignored |
linux-oracle-5.0 | Ignored |
linux-oracle-5.11 | — |
linux-oracle-5.13 | — |
linux-oracle-5.15 | — |
linux-oracle-5.3 | Ignored |
linux-oracle-5.4 | Vulnerable |
linux-oracle-5.8 | — |
linux-oracle-6.5 | — |
linux-raspi | — |
linux-raspi-5.4 | Vulnerable |
linux-raspi-realtime | — |
linux-raspi2 | — |
linux-realtime | — |
linux-riscv | — |
linux-riscv-5.11 | — |
linux-riscv-5.15 | — |
linux-riscv-5.19 | — |
linux-riscv-5.8 | — |
linux-riscv-6.5 | — |
linux-riscv-6.8 | — |
linux-starfive-5.19 | — |
linux-starfive-6.2 | — |
linux-starfive-6.5 | — |
linux-xilinx-zynqmp | — |
CVE-2024-45751
Medium prioritytgt (aka Linux target framework) before 1.0.93 attempts to achieve entropy by calling rand without srand. The PRNG seed is always 1, and thus the sequence of challenges is always identical.
2 affected packages
iscsitarget, tgt
Package | 18.04 LTS |
---|---|
iscsitarget | — |
tgt | Needs evaluation |
CVE-2024-45159
Medium priorityAn issue was discovered in Mbed TLS 3.x before 3.6.1. With TLS 1.3, when a server enables optional authentication of the client, if the client-provided certificate does not have appropriate values in if keyUsage or extKeyUsage...
1 affected packages
mbedtls
Package | 18.04 LTS |
---|---|
mbedtls | Needs evaluation |
CVE-2024-45158
Medium priorityAn issue was discovered in Mbed TLS 3.6 before 3.6.1. A stack buffer overflow in mbedtls_ecdsa_der_to_raw() and mbedtls_ecdsa_raw_to_der() can occur when the bits parameter is larger than the largest supported curve. In some...
1 affected packages
mbedtls
Package | 18.04 LTS |
---|---|
mbedtls | Needs evaluation |
CVE-2024-45157
Medium priorityAn issue was discovered in Mbed TLS before 2.28.9 and 3.x before 3.6.1, in which the user-selected algorithm is not used. Unlike previously documented, enabling MBEDTLS_PSA_HMAC_DRBG_MD_TYPE does not cause the PSA subsystem to use...
1 affected packages
mbedtls
Package | 18.04 LTS |
---|---|
mbedtls | Needs evaluation |
CVE-2024-42491
Medium priorityAsterisk is an open-source private branch exchange (PBX). Prior to versions 18.24.3, 20.9.3, and 21.4.3 of Asterisk and versions 18.9-cert12 and 20.7-cert2 of certified-asterisk, if Asterisk attempts to send a SIP request to a URI...
1 affected packages
asterisk
Package | 18.04 LTS |
---|---|
asterisk | Needs evaluation |
CVE-2024-8445
Medium priorityThe fix for CVE-2024-2199 in 389-ds-base was insufficient to cover all scenarios. In certain product versions, an authenticated user may cause a server crash while modifying `userPassword` using malformed input.
1 affected packages
389-ds-base
Package | 18.04 LTS |
---|---|
389-ds-base | Needs evaluation |
CVE-2024-20506
Medium priorityA vulnerability in the ClamD service module of Clam AntiVirus (ClamAV) versions 1.4.0, 1.3.2 and prior versions, all 1.2.x versions, 1.0.6 and prior versions, all 0.105.x versions, all 0.104.x versions, and 0.103.11 and all prior...
1 affected packages
clamav
Package | 18.04 LTS |
---|---|
clamav | Fixed |