Search CVE reports
51 – 60 of 24962 results
CVE-2024-10458
Medium priorityA permission leak could have occurred from a trusted site to an untrusted site via `embed` or `object` elements. This vulnerability affects Firefox < 132, Firefox ESR < 128.4, Firefox ESR < 115.17, Thunderbird < 128.4,...
9 affected packages
firefox, mozjs102, mozjs115, mozjs38, mozjs52...
| Package | 22.04 LTS |
|---|---|
| firefox | Not affected |
| mozjs102 | Ignored |
| mozjs115 | Not in release |
| mozjs38 | Not in release |
| mozjs52 | Not in release |
| mozjs68 | Not in release |
| mozjs78 | Ignored |
| mozjs91 | Ignored |
| thunderbird | Vulnerable |
CVE-2024-49761
Medium priorityREXML is an XML toolkit for Ruby. The REXML gem before 3.3.9 has a ReDoS vulnerability when it parses an XML that has many digits between &# and x...; in a hex numeric character reference (&#x...;). This does not happen with Ruby...
7 affected packages
jruby, ruby2.3, ruby2.5, ruby2.7, ruby3.0...
| Package | 22.04 LTS |
|---|---|
| jruby | Not in release |
| ruby2.3 | Not in release |
| ruby2.5 | Not in release |
| ruby2.7 | Not in release |
| ruby3.0 | Needs evaluation |
| ruby3.2 | Not in release |
| ruby3.3 | Not in release |
CVE-2024-45802
Medium prioritySquid is an open source caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. Due to Input Validation, Premature Release of Resource During Expected Lifetime, and Missing Release of Resource after Effective Lifetime...
2 affected packages
squid, squid3
| Package | 22.04 LTS |
|---|---|
| squid | Needs evaluation |
| squid3 | Not in release |
CVE-2024-8013
Medium priorityNot in release
A bug in query analysis of certain complex self-referential $lookup subpipelines may result in literal values in expressions for encrypted fields to be sent to the server as plaintext instead of ciphertext. Should this occur, no...
1 affected packages
mongodb
| Package | 22.04 LTS |
|---|---|
| mongodb | Not in release |
CVE-2024-48936
Medium prioritySchedMD Slurm before 24.05.4 has Incorrect Authorization. A mistake in authentication handling in stepmgr could permit an attacker to execute processes under other users' jobs. This is limited to jobs explicitly running with...
1 affected packages
slurm-wlm
| Package | 22.04 LTS |
|---|---|
| slurm-wlm | Needs evaluation |
CVE-2024-50624
Medium priorityispdbservice.cpp in KDE Kmail before 6.2.0 allows man-in-the-middle attackers to trigger use of an attacker-controlled mail server because cleartext HTTP is used for a URL such as http://autoconfig.example.com...
1 affected packages
kmail
| Package | 22.04 LTS |
|---|---|
| kmail | Needs evaluation |
CVE-2024-50067
Medium priorityIn the Linux kernel, the following vulnerability has been resolved: uprobe: avoid out-of-bounds memory access of fetching args Uprobe needs to fetch args into a percpu buffer, and then copy to ring buffer to avoid non-atomic...
124 affected packages
linux, linux-allwinner-5.19, linux-aws, linux-aws-5.0, linux-aws-5.11...
| Package | 22.04 LTS |
|---|---|
| linux | Vulnerable |
| linux-allwinner-5.19 | Ignored |
| linux-aws | Vulnerable |
| linux-aws-5.0 | Not in release |
| linux-aws-5.11 | Not in release |
| linux-aws-5.13 | Not in release |
| linux-aws-5.15 | Not in release |
| linux-aws-5.19 | Ignored |
| linux-aws-5.3 | Not in release |
| linux-aws-5.4 | Not in release |
| linux-aws-5.8 | Not in release |
| linux-aws-6.2 | Ignored |
| linux-aws-6.5 | Ignored |
| linux-aws-6.8 | Vulnerable |
| linux-aws-fips | Not in release |
| linux-aws-hwe | Not in release |
| linux-azure | Vulnerable |
| linux-azure-4.15 | Not in release |
| linux-azure-5.11 | Not in release |
| linux-azure-5.13 | Not in release |
| linux-azure-5.15 | Not in release |
| linux-azure-5.19 | Ignored |
| linux-azure-5.3 | Not in release |
| linux-azure-5.4 | Not in release |
| linux-azure-5.8 | Not in release |
| linux-azure-6.2 | Ignored |
| linux-azure-6.5 | Ignored |
| linux-azure-6.8 | Vulnerable |
| linux-azure-edge | Not in release |
| linux-azure-fde | Vulnerable |
| linux-azure-fde-5.15 | Not in release |
| linux-azure-fde-5.19 | Ignored |
| linux-azure-fde-6.2 | Ignored |
| linux-azure-fips | Not in release |
| linux-bluefield | Not in release |
| linux-fips | Not in release |
| linux-gcp | Vulnerable |
| linux-gcp-4.15 | Not in release |
| linux-gcp-5.11 | Not in release |
| linux-gcp-5.13 | Not in release |
| linux-gcp-5.15 | Not in release |
| linux-gcp-5.19 | Ignored |
| linux-gcp-5.3 | Not in release |
| linux-gcp-5.4 | Not in release |
| linux-gcp-5.8 | Not in release |
| linux-gcp-6.2 | Ignored |
| linux-gcp-6.5 | Ignored |
| linux-gcp-6.8 | Vulnerable |
| linux-gcp-fips | Not in release |
| linux-gke | Vulnerable |
| linux-gke-4.15 | Not in release |
| linux-gke-5.15 | Not in release |
| linux-gke-5.4 | Not in release |
| linux-gkeop | Vulnerable |
| linux-gkeop-5.15 | Not in release |
| linux-gkeop-5.4 | Not in release |
| linux-hwe | Not in release |
| linux-hwe-5.11 | Not in release |
| linux-hwe-5.13 | Not in release |
| linux-hwe-5.15 | Not in release |
| linux-hwe-5.19 | Ignored |
| linux-hwe-5.4 | Not in release |
| linux-hwe-5.8 | Not in release |
| linux-hwe-6.2 | Ignored |
| linux-hwe-6.5 | Ignored |
| linux-hwe-6.8 | Vulnerable |
| linux-hwe-edge | Not in release |
| linux-ibm | Vulnerable |
| linux-ibm-5.15 | Not in release |
| linux-ibm-5.4 | Not in release |
| linux-intel-5.13 | Not in release |
| linux-intel-iot-realtime | Not in release |
| linux-intel-iotg | Vulnerable |
| linux-intel-iotg-5.15 | Not in release |
| linux-iot | Not in release |
| linux-kvm | Vulnerable |
| linux-lowlatency | Vulnerable |
| linux-lowlatency-hwe-5.15 | Not in release |
| linux-lowlatency-hwe-5.19 | Ignored |
| linux-lowlatency-hwe-6.2 | Ignored |
| linux-lowlatency-hwe-6.5 | Ignored |
| linux-lowlatency-hwe-6.8 | Vulnerable |
| linux-lts-xenial | Not in release |
| linux-nvidia | Vulnerable |
| linux-nvidia-6.2 | Ignored |
| linux-nvidia-6.5 | Ignored |
| linux-nvidia-6.8 | Vulnerable |
| linux-nvidia-lowlatency | Not in release |
| linux-oem | Not in release |
| linux-oem-5.10 | Not in release |
| linux-oem-5.13 | Not in release |
| linux-oem-5.14 | Not in release |
| linux-oem-5.17 | Ignored |
| linux-oem-5.6 | Not in release |
| linux-oem-6.0 | Ignored |
| linux-oem-6.1 | Ignored |
| linux-oem-6.5 | Ignored |
| linux-oem-6.8 | Not in release |
| linux-oracle | Vulnerable |
| linux-oracle-5.0 | Not in release |
| linux-oracle-5.11 | Not in release |
| linux-oracle-5.13 | Not in release |
| linux-oracle-5.15 | Not in release |
| linux-oracle-5.3 | Not in release |
| linux-oracle-5.4 | Not in release |
| linux-oracle-5.8 | Not in release |
| linux-oracle-6.5 | Ignored |
| linux-oracle-6.8 | Vulnerable |
| linux-raspi | Vulnerable |
| linux-raspi-5.4 | Not in release |
| linux-raspi-realtime | Not in release |
| linux-raspi2 | Not in release |
| linux-realtime | Ignored |
| linux-riscv | Ignored |
| linux-riscv-5.11 | Not in release |
| linux-riscv-5.15 | Not in release |
| linux-riscv-5.19 | Ignored |
| linux-riscv-5.8 | Not in release |
| linux-riscv-6.5 | Ignored |
| linux-riscv-6.8 | Vulnerable |
| linux-starfive-5.19 | Ignored |
| linux-starfive-6.2 | Ignored |
| linux-starfive-6.5 | Ignored |
| linux-xilinx-zynqmp | Vulnerable |
CVE-2024-46613
Medium priority[Integer Overflow to Buffer Overflow vulnerability in "string_free_split" functions]
1 affected packages
weechat
| Package | 22.04 LTS |
|---|---|
| weechat | Needs evaluation |
CVE-2024-50615
Medium priorityTinyXML2 through 10.0.0 has a reachable assertion for UINT_MAX/digit, that may lead to application exit, in tinyxml2.cpp XMLUtil::GetCharacterRef.
1 affected packages
tinyxml2
| Package | 22.04 LTS |
|---|---|
| tinyxml2 | Needs evaluation |
CVE-2024-50614
Medium priorityTinyXML2 through 10.0.0 has a reachable assertion for UINT_MAX/16, that may lead to application exit, in tinyxml2.cpp XMLUtil::GetCharacterRef.
1 affected packages
tinyxml2
| Package | 22.04 LTS |
|---|---|
| tinyxml2 | Needs evaluation |