Search CVE reports
201 – 210 of 36570 results
CVE-2024-34155
Medium priorityCalling any of the Parse functions on Go source code which contains deeply nested literals can cause a panic due to stack exhaustion.
14 affected packages
golang, golang-1.10, golang-1.13, golang-1.14, golang-1.16...
| Package | 16.04 LTS |
|---|---|
| golang | — |
| golang-1.10 | Needs evaluation |
| golang-1.13 | Needs evaluation |
| golang-1.14 | — |
| golang-1.16 | — |
| golang-1.17 | — |
| golang-1.18 | Needs evaluation |
| golang-1.19 | — |
| golang-1.20 | — |
| golang-1.21 | — |
| golang-1.22 | — |
| golang-1.6 | Needs evaluation |
| golang-1.8 | — |
| golang-1.9 | — |
CVE-2024-8517
Medium prioritySPIP before 4.3.2, 4.2.16, and 4.1.18 is vulnerable to a command injection issue. A remote and unauthenticated attacker can execute arbitrary operating system commands by sending a crafted multipart file upload HTTP request.
1 affected packages
spip
| Package | 16.04 LTS |
|---|---|
| spip | Needs evaluation |
CVE-2024-25584
Medium priorityDovecot accepts dot LF DOT LF symbol as end of DATA command. RFC requires that it should always be CR LF DOT CR LF. This causes Dovecot to convert single mail with LF DOT LF in middle, into two emails when relaying to SMTP....
1 affected packages
dovecot
| Package | 16.04 LTS |
|---|---|
| dovecot | Not affected |
CVE-2023-52916
Medium priorityIn the Linux kernel, the following vulnerability has been resolved: media: aspeed: Fix memory overwrite if timing is 1600x900 When capturing 1600x900, system could crash when system memory usage is tight. The way to reproduce this...
121 affected packages
linux, linux-allwinner-5.19, linux-aws, linux-aws-5.0, linux-aws-5.11...
| Package | 16.04 LTS |
|---|---|
| linux | Ignored |
| linux-allwinner-5.19 | — |
| linux-aws | Ignored |
| linux-aws-5.0 | — |
| linux-aws-5.11 | — |
| linux-aws-5.13 | — |
| linux-aws-5.15 | — |
| linux-aws-5.19 | — |
| linux-aws-5.3 | — |
| linux-aws-5.4 | — |
| linux-aws-5.8 | — |
| linux-aws-6.2 | — |
| linux-aws-6.5 | — |
| linux-aws-fips | — |
| linux-aws-hwe | Ignored |
| linux-azure | Ignored |
| linux-azure-4.15 | — |
| linux-azure-5.11 | — |
| linux-azure-5.13 | — |
| linux-azure-5.15 | — |
| linux-azure-5.19 | — |
| linux-azure-5.3 | — |
| linux-azure-5.4 | — |
| linux-azure-5.8 | — |
| linux-azure-6.2 | — |
| linux-azure-6.5 | — |
| linux-azure-edge | — |
| linux-azure-fde | — |
| linux-azure-fde-5.15 | — |
| linux-azure-fde-5.19 | — |
| linux-azure-fde-6.2 | — |
| linux-azure-fips | — |
| linux-bluefield | — |
| linux-fips | — |
| linux-gcp | Ignored |
| linux-gcp-4.15 | — |
| linux-gcp-5.11 | — |
| linux-gcp-5.13 | — |
| linux-gcp-5.15 | — |
| linux-gcp-5.19 | — |
| linux-gcp-5.3 | — |
| linux-gcp-5.4 | — |
| linux-gcp-5.8 | — |
| linux-gcp-6.2 | — |
| linux-gcp-6.5 | — |
| linux-gcp-fips | — |
| linux-gke | — |
| linux-gke-4.15 | — |
| linux-gke-5.15 | — |
| linux-gke-5.4 | — |
| linux-gkeop | — |
| linux-gkeop-5.15 | — |
| linux-gkeop-5.4 | — |
| linux-hwe | Ignored |
| linux-hwe-5.11 | — |
| linux-hwe-5.13 | — |
| linux-hwe-5.15 | — |
| linux-hwe-5.19 | — |
| linux-hwe-5.4 | — |
| linux-hwe-5.8 | — |
| linux-hwe-6.2 | — |
| linux-hwe-6.5 | — |
| linux-hwe-6.8 | — |
| linux-hwe-edge | Ignored |
| linux-ibm | — |
| linux-ibm-5.15 | — |
| linux-ibm-5.4 | — |
| linux-intel | Not in release |
| linux-intel-5.13 | — |
| linux-intel-iot-realtime | — |
| linux-intel-iotg | — |
| linux-intel-iotg-5.15 | — |
| linux-iot | — |
| linux-kvm | Ignored |
| linux-lowlatency | — |
| linux-lowlatency-hwe-5.15 | — |
| linux-lowlatency-hwe-5.19 | — |
| linux-lowlatency-hwe-6.2 | — |
| linux-lowlatency-hwe-6.5 | — |
| linux-lowlatency-hwe-6.8 | — |
| linux-lts-xenial | — |
| linux-nvidia | — |
| linux-nvidia-6.2 | — |
| linux-nvidia-6.5 | — |
| linux-nvidia-6.8 | — |
| linux-nvidia-lowlatency | — |
| linux-oem | — |
| linux-oem-5.10 | — |
| linux-oem-5.13 | — |
| linux-oem-5.14 | — |
| linux-oem-5.17 | — |
| linux-oem-5.6 | — |
| linux-oem-6.0 | — |
| linux-oem-6.1 | — |
| linux-oem-6.5 | — |
| linux-oem-6.8 | — |
| linux-oracle | Ignored |
| linux-oracle-5.0 | — |
| linux-oracle-5.11 | — |
| linux-oracle-5.13 | — |
| linux-oracle-5.15 | — |
| linux-oracle-5.3 | — |
| linux-oracle-5.4 | — |
| linux-oracle-5.8 | — |
| linux-oracle-6.5 | — |
| linux-raspi | — |
| linux-raspi-5.4 | — |
| linux-raspi-realtime | — |
| linux-raspi2 | — |
| linux-realtime | — |
| linux-riscv | — |
| linux-riscv-5.11 | — |
| linux-riscv-5.15 | — |
| linux-riscv-5.19 | — |
| linux-riscv-5.8 | — |
| linux-riscv-6.5 | — |
| linux-riscv-6.8 | — |
| linux-starfive-5.19 | — |
| linux-starfive-6.2 | — |
| linux-starfive-6.5 | — |
| linux-xilinx-zynqmp | — |
CVE-2023-52915
Medium priorityIn the Linux kernel, the following vulnerability has been resolved: media: dvb-usb-v2: af9035: Fix null-ptr-deref in af9035_i2c_master_xfer In af9035_i2c_master_xfer, msg is controlled by user. When msg[i].buf is null and...
121 affected packages
linux, linux-allwinner-5.19, linux-aws, linux-aws-5.0, linux-aws-5.11...
| Package | 16.04 LTS |
|---|---|
| linux | Ignored |
| linux-allwinner-5.19 | — |
| linux-aws | Ignored |
| linux-aws-5.0 | — |
| linux-aws-5.11 | — |
| linux-aws-5.13 | — |
| linux-aws-5.15 | — |
| linux-aws-5.19 | — |
| linux-aws-5.3 | — |
| linux-aws-5.4 | — |
| linux-aws-5.8 | — |
| linux-aws-6.2 | — |
| linux-aws-6.5 | — |
| linux-aws-fips | — |
| linux-aws-hwe | Ignored |
| linux-azure | Ignored |
| linux-azure-4.15 | — |
| linux-azure-5.11 | — |
| linux-azure-5.13 | — |
| linux-azure-5.15 | — |
| linux-azure-5.19 | — |
| linux-azure-5.3 | — |
| linux-azure-5.4 | — |
| linux-azure-5.8 | — |
| linux-azure-6.2 | — |
| linux-azure-6.5 | — |
| linux-azure-edge | — |
| linux-azure-fde | — |
| linux-azure-fde-5.15 | — |
| linux-azure-fde-5.19 | — |
| linux-azure-fde-6.2 | — |
| linux-azure-fips | — |
| linux-bluefield | — |
| linux-fips | — |
| linux-gcp | Ignored |
| linux-gcp-4.15 | — |
| linux-gcp-5.11 | — |
| linux-gcp-5.13 | — |
| linux-gcp-5.15 | — |
| linux-gcp-5.19 | — |
| linux-gcp-5.3 | — |
| linux-gcp-5.4 | — |
| linux-gcp-5.8 | — |
| linux-gcp-6.2 | — |
| linux-gcp-6.5 | — |
| linux-gcp-fips | — |
| linux-gke | — |
| linux-gke-4.15 | — |
| linux-gke-5.15 | — |
| linux-gke-5.4 | — |
| linux-gkeop | — |
| linux-gkeop-5.15 | — |
| linux-gkeop-5.4 | — |
| linux-hwe | Ignored |
| linux-hwe-5.11 | — |
| linux-hwe-5.13 | — |
| linux-hwe-5.15 | — |
| linux-hwe-5.19 | — |
| linux-hwe-5.4 | — |
| linux-hwe-5.8 | — |
| linux-hwe-6.2 | — |
| linux-hwe-6.5 | — |
| linux-hwe-6.8 | — |
| linux-hwe-edge | Ignored |
| linux-ibm | — |
| linux-ibm-5.15 | — |
| linux-ibm-5.4 | — |
| linux-intel | Not in release |
| linux-intel-5.13 | — |
| linux-intel-iot-realtime | — |
| linux-intel-iotg | — |
| linux-intel-iotg-5.15 | — |
| linux-iot | — |
| linux-kvm | Ignored |
| linux-lowlatency | — |
| linux-lowlatency-hwe-5.15 | — |
| linux-lowlatency-hwe-5.19 | — |
| linux-lowlatency-hwe-6.2 | — |
| linux-lowlatency-hwe-6.5 | — |
| linux-lowlatency-hwe-6.8 | — |
| linux-lts-xenial | — |
| linux-nvidia | — |
| linux-nvidia-6.2 | — |
| linux-nvidia-6.5 | — |
| linux-nvidia-6.8 | — |
| linux-nvidia-lowlatency | — |
| linux-oem | — |
| linux-oem-5.10 | — |
| linux-oem-5.13 | — |
| linux-oem-5.14 | — |
| linux-oem-5.17 | — |
| linux-oem-5.6 | — |
| linux-oem-6.0 | — |
| linux-oem-6.1 | — |
| linux-oem-6.5 | — |
| linux-oem-6.8 | — |
| linux-oracle | Ignored |
| linux-oracle-5.0 | — |
| linux-oracle-5.11 | — |
| linux-oracle-5.13 | — |
| linux-oracle-5.15 | — |
| linux-oracle-5.3 | — |
| linux-oracle-5.4 | — |
| linux-oracle-5.8 | — |
| linux-oracle-6.5 | — |
| linux-raspi | — |
| linux-raspi-5.4 | — |
| linux-raspi-realtime | — |
| linux-raspi2 | — |
| linux-realtime | — |
| linux-riscv | — |
| linux-riscv-5.11 | — |
| linux-riscv-5.15 | — |
| linux-riscv-5.19 | — |
| linux-riscv-5.8 | — |
| linux-riscv-6.5 | — |
| linux-riscv-6.8 | — |
| linux-starfive-5.19 | — |
| linux-starfive-6.2 | — |
| linux-starfive-6.5 | — |
| linux-xilinx-zynqmp | — |
CVE-2024-45751
Medium prioritytgt (aka Linux target framework) before 1.0.93 attempts to achieve entropy by calling rand without srand. The PRNG seed is always 1, and thus the sequence of challenges is always identical.
2 affected packages
iscsitarget, tgt
| Package | 16.04 LTS |
|---|---|
| iscsitarget | Needs evaluation |
| tgt | Needs evaluation |
CVE-2024-45159
Medium priorityAn issue was discovered in Mbed TLS 3.x before 3.6.1. With TLS 1.3, when a server enables optional authentication of the client, if the client-provided certificate does not have appropriate values in if keyUsage or extKeyUsage...
1 affected packages
mbedtls
| Package | 16.04 LTS |
|---|---|
| mbedtls | Needs evaluation |
CVE-2024-45158
Medium priorityAn issue was discovered in Mbed TLS 3.6 before 3.6.1. A stack buffer overflow in mbedtls_ecdsa_der_to_raw() and mbedtls_ecdsa_raw_to_der() can occur when the bits parameter is larger than the largest supported curve. In some...
1 affected packages
mbedtls
| Package | 16.04 LTS |
|---|---|
| mbedtls | Needs evaluation |
CVE-2024-45157
Medium priorityAn issue was discovered in Mbed TLS before 2.28.9 and 3.x before 3.6.1, in which the user-selected algorithm is not used. Unlike previously documented, enabling MBEDTLS_PSA_HMAC_DRBG_MD_TYPE does not cause the PSA subsystem to use...
1 affected packages
mbedtls
| Package | 16.04 LTS |
|---|---|
| mbedtls | Needs evaluation |
CVE-2024-42491
Medium priorityAsterisk is an open-source private branch exchange (PBX). Prior to versions 18.24.3, 20.9.3, and 21.4.3 of Asterisk and versions 18.9-cert12 and 20.7-cert2 of certified-asterisk, if Asterisk attempts to send a SIP request to a URI...
1 affected packages
asterisk
| Package | 16.04 LTS |
|---|---|
| asterisk | Needs evaluation |