Your submission was sent successfully! Close

Thank you for contacting us. A member of our team will be in touch shortly. Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

Search CVE reports

Toggle filters

21 – 30 of 428 results

CVE-2024-31584

Medium priority
Needs evaluation

Pytorch before v2.2.0 has an Out-of-bounds Read vulnerability via the component torch/csrc/jit/mobile/flatbuffer_loader.cpp.

1 affected packages

pytorch

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
pytorch Not in release Needs evaluation Not in release
Show less packages

CVE-2024-31583

Medium priority
Needs evaluation

Pytorch before version v2.2.0 was discovered to contain a use-after-free vulnerability in torch/csrc/jit/mobile/interpreter.cpp.

1 affected packages

pytorch

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
pytorch Not in release Needs evaluation Not in release
Show less packages

CVE-2024-31580

Medium priority
Needs evaluation

PyTorch before v2.2.0 was discovered to contain a heap buffer overflow vulnerability in the component /runtime/vararg_functions.cpp. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.

1 affected packages

pytorch

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
pytorch Not in release Needs evaluation Not in release
Show less packages

CVE-2024-21090

Medium priority
Needs evaluation

Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/Python). Supported versions that are affected are 8.3.0 and prior. Easily exploitable vulnerability allows unauthenticated attacker with network...

1 affected packages

mysql-connector-python

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
mysql-connector-python Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
Show less packages

CVE-2024-28335

Medium priority
Needs evaluation

Lektor before 3.3.11 does not sanitize DB path traversal. Thus, shell commands might be executed via a file that is added to the templates directory, if the victim's web browser accesses an untrusted website that uses JavaScript...

1 affected packages

lektor

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
lektor Needs evaluation Needs evaluation Needs evaluation
Show less packages

CVE-2024-24816

Medium priority
Needs evaluation

CKEditor4 is an open source what-you-see-is-what-you-get HTML editor. A cross-site scripting vulnerability vulnerability has been discovered in versions prior to 4.24.0-lts in samples that use the `preview` feature....

4 affected packages

ckeditor, ckeditor3, ldap-account-manager, request-tracker4

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
ckeditor Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
ckeditor3 Needs evaluation Needs evaluation Needs evaluation Needs evaluation Ignored
ldap-account-manager Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
request-tracker4 Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
Show less packages

CVE-2024-24815

Medium priority
Needs evaluation

CKEditor4 is an open source what-you-see-is-what-you-get HTML editor. A cross-site scripting vulnerability has been discovered in the core HTML parsing module in versions of CKEditor4 prior to 4.24.0-lts. It may affect all editor...

4 affected packages

ckeditor, ckeditor3, ldap-account-manager, request-tracker4

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
ckeditor Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
ckeditor3 Needs evaluation Needs evaluation Needs evaluation Needs evaluation Ignored
ldap-account-manager Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
request-tracker4 Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
Show less packages

CVE-2024-1141

Medium priority

Some fixes available 5 of 7

A vulnerability was found in python-glance-store. The issue occurs when the package logs the access_key for the glance-store when the DEBUG log level is enabled.

1 affected packages

python-glance-store

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
python-glance-store Fixed Fixed Fixed Needs evaluation Needs evaluation
Show less packages

CVE-2023-3726

Medium priority
Needs evaluation

OCSInventory allow stored email template with special characters that lead to a Stored cross-site Scripting.

1 affected packages

ocsinventory-server

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
ocsinventory-server Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
Show less packages

CVE-2023-4771

Medium priority
Needs evaluation

A Cross-Site scripting vulnerability has been found in CKSource CKEditor affecting versions 4.15.1 and earlier. An attacker could send malicious javascript code through the /ckeditor/samples/old/ajax.html file and retrieve an...

4 affected packages

ckeditor, ckeditor3, ldap-account-manager, request-tracker4

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
ckeditor Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
ckeditor3 Needs evaluation Needs evaluation Needs evaluation Needs evaluation Ignored
ldap-account-manager Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
request-tracker4 Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
Show less packages
  1. Previous page
  2. 1
  3. 2
  4. 3
  5. 4
  6. 5
  7. Next page
Export to JSON