Your submission was sent successfully! Close

Thank you for contacting us. A member of our team will be in touch shortly. Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

Search CVE reports


Toggle filters

61 – 70 of 20968 results

Status is adjusted based on your filters.


CVE-2024-50613

Medium priority
Needs evaluation

libsndfile through 1.2.2 has a reachable assertion, that may lead to application exit, in mpeg_l3_encode.c mpeg_l3_encoder_close.

1 affected packages

libsndfile

Package 24.04 LTS
libsndfile Needs evaluation
Show less packages

CVE-2024-50612

Medium priority
Needs evaluation

libsndfile through 1.2.2 has an ogg_vorbis.c vorbis_analysis_wrote out-of-bounds read.

1 affected packages

libsndfile

Package 24.04 LTS
libsndfile Needs evaluation
Show less packages

CVE-2024-50610

Medium priority
Needs evaluation

GSL (GNU Scientific Library) through 2.8 has an integer signedness error in gsl_siman_solve_many in siman/siman.c. When params.n_tries is negative, incorrect memory allocation occurs.

1 affected packages

gsl

Package 24.04 LTS
gsl Needs evaluation
Show less packages

CVE-2024-50602

Medium priority
Needs evaluation

An issue was discovered in libexpat before 2.6.4. There is a crash within the XML_ResumeParser function because XML_StopParser can stop/suspend an unstarted parser.

23 affected packages

apache2, apr-util, ayttm, cableswig, cadaver...

Package 24.04 LTS
apache2 Not affected
apr-util Not affected
ayttm Not in release
cableswig Not in release
cadaver Needs evaluation
cmake Not affected
coin3 Not affected
expat Needs evaluation
firefox Not affected
gdcm Not affected
ghostscript Not affected
insighttoolkit4 Not in release
libxmltok Needs evaluation
matanza Needs evaluation
smart Not in release
swish-e Needs evaluation
tdom Needs evaluation
texlive-bin Not affected
thunderbird Not affected
vnc4 Not in release
vtk Not in release
wbxml2 Needs evaluation
xmlrpc-c Needs evaluation
Show all 23 packages Show less packages

CVE-2024-0126

Medium priority
Needs evaluation

NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability which could allow a privileged attacker to escalate permissions. A successful exploit of this vulnerability might lead to code execution, denial of service,...

34 affected packages

nvidia-graphics-drivers-304, nvidia-graphics-drivers-304-updates, nvidia-graphics-drivers-340, nvidia-graphics-drivers-340-updates, nvidia-graphics-drivers-352...

Package 24.04 LTS
nvidia-graphics-drivers-304 Not in release
nvidia-graphics-drivers-304-updates Not in release
nvidia-graphics-drivers-340 Not in release
nvidia-graphics-drivers-340-updates Not in release
nvidia-graphics-drivers-352 Not in release
nvidia-graphics-drivers-352-updates Not in release
nvidia-graphics-drivers-361 Not in release
nvidia-graphics-drivers-367 Not in release
nvidia-graphics-drivers-375 Not in release
nvidia-graphics-drivers-384 Not in release
nvidia-graphics-drivers-390 Not in release
nvidia-graphics-drivers-418-server Not in release
nvidia-graphics-drivers-430 Not in release
nvidia-graphics-drivers-435 Not in release
nvidia-graphics-drivers-440 Not in release
nvidia-graphics-drivers-440-server Not in release
nvidia-graphics-drivers-450 Not in release
nvidia-graphics-drivers-450-server Not in release
nvidia-graphics-drivers-455 Not in release
nvidia-graphics-drivers-460 Not in release
nvidia-graphics-drivers-460-server Not in release
nvidia-graphics-drivers-470 Needs evaluation
nvidia-graphics-drivers-470-server Needs evaluation
nvidia-graphics-drivers-495 Not in release
nvidia-graphics-drivers-510 Not in release
nvidia-graphics-drivers-510-server Not in release
nvidia-graphics-drivers-515 Not in release
nvidia-graphics-drivers-515-server Not in release
nvidia-graphics-drivers-520 Not in release
nvidia-graphics-drivers-525 Not affected
nvidia-graphics-drivers-525-server Not affected
nvidia-graphics-drivers-530 Not in release
nvidia-graphics-drivers-535 Needs evaluation
nvidia-graphics-drivers-535-server Needs evaluation
Show all 34 packages Show less packages

CVE-2024-49767

Medium priority
Vulnerable

Werkzeug is a Web Server Gateway Interface web application library. Applications using `werkzeug.formparser.MultiPartParser` corresponding to a version of Werkzeug prior to 3.0.6 to parse `multipart/form-data` requests (e.g. all...

2 affected packages

python-werkzeug, quart

Package 24.04 LTS
python-werkzeug Vulnerable
quart Needs evaluation
Show less packages

CVE-2024-49766

Medium priority
Not affected

Werkzeug is a Web Server Gateway Interface web application library. On Python < 3.11 on Windows, os.path.isabs() does not catch UNC paths like //server/share. Werkzeug's safe_join() relies on this check, and so can produce a path...

1 affected packages

python-werkzeug

Package 24.04 LTS
python-werkzeug Not affected
Show less packages

CVE-2024-49760

Medium priority
Needs evaluation

OpenRefine is a free, open source tool for working with messy data. The load-language command expects a `lang` parameter from which it constructs the path of the localization file to load, of the form `translations-$LANG.json`....

1 affected packages

openrefine

Package 24.04 LTS
openrefine Needs evaluation
Show less packages

CVE-2024-48426

Medium priority
Needs evaluation

A segmentation fault (SEGV) was detected in the SortByPTypeProcess::Execute function in the Assimp library during fuzz testing with AddressSanitizer. The crash occurred due to a read access to an invalid memory address (0x1000c9714971).

4 affected packages

assimp, qt6-3d, qt6-quick3d, spring

Package 24.04 LTS
assimp Needs evaluation
qt6-3d Needs evaluation
qt6-quick3d Needs evaluation
spring Needs evaluation
Show less packages

CVE-2024-48425

Medium priority
Needs evaluation

A segmentation fault (SEGV) was detected in the Assimp::SplitLargeMeshesProcess_Triangle::UpdateNode function within the Assimp library during fuzz testing using AddressSanitizer. The crash occurs due to a read access violation at...

4 affected packages

assimp, qt6-3d, qt6-quick3d, spring

Package 24.04 LTS
assimp Needs evaluation
qt6-3d Needs evaluation
qt6-quick3d Needs evaluation
spring Needs evaluation
Show less packages