Search CVE reports
41 – 50 of 26326 results
CVE-2025-21176
Medium prioritySome fixes available 1 of 3
.NET, .NET Framework, and Visual Studio Remote Code Execution Vulnerability: Insufficient input data validation leads to heap-based buffer overflow in msdia140.dll. An attacker could exploit this vulnerability by loading a...
4 affected packages
dotnet6, dotnet7, dotnet8, dotnet9
| Package | 22.04 LTS |
|---|---|
| dotnet6 | Ignored |
| dotnet7 | Ignored |
| dotnet8 | Fixed |
| dotnet9 | Not in release |
CVE-2025-21173
Medium prioritySome fixes available 1 of 3
.NET Elevation of Privilege Vulnerability: Insecure Temp File Usage Allows Malicious Package Dependency Injection on Linux. An attacker could exploit this vulnerability to writing a specially crafted file in the security...
4 affected packages
dotnet6, dotnet7, dotnet8, dotnet9
| Package | 22.04 LTS |
|---|---|
| dotnet6 | Ignored |
| dotnet7 | Ignored |
| dotnet8 | Fixed |
| dotnet9 | Not in release |
CVE-2025-21172
Medium prioritySome fixes available 1 of 3
.NET and Visual Studio Remote Code Execution Vulnerability: Integer overflow in msdia140.dll leads to heap-based buffer overflow, leading to possible RCE. An attacker could exploit this vulnerability by loading a specially crafted...
4 affected packages
dotnet6, dotnet7, dotnet8, dotnet9
| Package | 22.04 LTS |
|---|---|
| dotnet6 | Ignored |
| dotnet7 | Ignored |
| dotnet8 | Fixed |
| dotnet9 | Not in release |
CVE-2025-21171
Medium priority.NET Remote Code Execution Vulnerability: Buffer overrun in Convert.TryToHexString. An attacker could exploit this vulnerability by sending a specially crafted request to the vulnerable web server.
4 affected packages
dotnet6, dotnet7, dotnet8, dotnet9
| Package | 22.04 LTS |
|---|---|
| dotnet6 | Not affected |
| dotnet7 | Ignored |
| dotnet8 | Not affected |
| dotnet9 | Not in release |
CVE-2024-53263
Medium priorityGit LFS is a Git extension for versioning large files. When Git LFS requests credentials from Git for a remote host, it passes portions of the host's URL to the `git-credential(1)` command without checking for embedded line-ending...
1 affected package
git-lfs
| Package | 22.04 LTS |
|---|---|
| git-lfs | Needs evaluation |
CVE-2024-52006
Medium priorityGit is a fast, scalable, distributed revision control system with an unusually rich command set that provides both high-level operations and full access to internals. Git defines a line-based protocol that is used to exchange...
1 affected package
git
| Package | 22.04 LTS |
|---|---|
| git | Fixed |
CVE-2024-50349
Medium priorityGit is a fast, scalable, distributed revision control system with an unusually rich command set that provides both high-level operations and full access to internals. When Git asks for credentials via a terminal prompt (i.e....
1 affected package
git
| Package | 22.04 LTS |
|---|---|
| git | Fixed |
CVE-2024-56374
Medium priorityAn issue was discovered in Django 5.1 before 5.1.5, 5.0 before 5.0.11, and 4.2 before 4.2.18. Lack of upper-bound limit enforcement in strings passed when performing IPv6 validation could lead to a potential...
1 affected package
python-django
| Package | 22.04 LTS |
|---|---|
| python-django | Fixed |
CVE-2024-57664
Medium priorityAn issue in the sqlg_group_node component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements.
1 affected package
virtuoso-opensource
| Package | 22.04 LTS |
|---|---|
| virtuoso-opensource | Needs evaluation |
CVE-2024-57663
Medium priorityAn issue in the sqlg_place_dpipes component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements.
1 affected package
virtuoso-opensource
| Package | 22.04 LTS |
|---|---|
| virtuoso-opensource | Needs evaluation |