Search CVE reports

11 – 20 of 1755 results

Detailed view

Sort by:

CVE-2024-6388

Medium priority

Some fixes available 5 of 6

Marco Trevisan discovered that the Ubuntu Advantage Desktop Daemon, before version 1.12, leaks the Pro token to unprivileged users by passing the token as an argument in plaintext.

1 affected package

ubuntu-advantage-desktop-daemon

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
ubuntu-advantage-desktop-daemon	Fixed	Fixed	Fixed	Fixed

CVE-2024-3772

Medium priority

Some fixes available 2 of 3

Regular expression denial of service in Pydanic < 2.4.0, < 1.10.13 allows remote attackers to cause denial of service via a crafted email string.

1 affected package

pydantic

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
pydantic	Not affected	Fixed	Fixed	—

AntiSamy is a library for performing fast, configurable cleansing of HTML coming from untrusted sources. Prior to 1.7.5, there is a potential for a mutation XSS (mXSS) vulnerability in AntiSamy caused by flawed parsing of the HTML...

1 affected package

libowasp-antisamy-java

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
libowasp-antisamy-java	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation

CVE-2023-43643

Medium priority

Needs evaluation

AntiSamy is a library for performing fast, configurable cleansing of HTML coming from untrusted sources. Prior to version 1.7.4, there is a potential for a mutation XSS (mXSS) vulnerability in AntiSamy caused by flawed parsing of...

1 affected package

libowasp-antisamy-java

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
libowasp-antisamy-java	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation

CVE-2023-3432

Medium priority

Ignored

Server-Side Request Forgery (SSRF) in GitHub repository plantuml/plantuml prior to 1.2023.9.

1 affected package

plantuml

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
plantuml	Not affected	Not affected	Not affected	Not affected

CVE-2023-3431

Medium priority

Ignored

Improper Access Control in GitHub repository plantuml/plantuml prior to 1.2023.9.

1 affected package

plantuml

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
plantuml	Ignored	Ignored	Not affected	Not affected

CVE-2017-1000

Medium priority

Some fixes available 8 of 10

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none.

72 affected packages

linux, linux-azure, linux-azure-edge, linux-euclid, linux-flo...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
linux	Not affected	Not affected	Not affected	Not affected
linux-azure	Not affected	Not affected	Not affected	Not affected
linux-azure-edge	Not in release	Not in release	Not in release	Not affected
linux-euclid	—	—	—	Not in release
linux-flo	—	—	—	Not in release
linux-gcp	Not affected	Not affected	Not affected	Not affected
linux-gke	Not affected	Not affected	Ignored	Not in release
linux-goldfish	—	—	—	Not in release
linux-grouper	—	—	—	Not in release
linux-hwe	Not in release	Not in release	Not in release	Not affected
linux-hwe-edge	Not in release	Not in release	Not in release	Not affected
linux-kvm	Not in release	Not affected	Not affected	Not affected
linux-lts-trusty	—	—	—	Not in release
linux-lts-utopic	—	—	—	Not in release
linux-lts-vivid	—	—	—	Not in release
linux-lts-wily	—	—	—	Not in release
linux-lts-xenial	Not in release	Not in release	Not in release	Not in release
linux-maguro	—	—	—	Not in release
linux-mako	—	—	—	Not in release
linux-manta	—	—	—	Not in release
linux-raspi2	Not in release	Not in release	Ignored	Not affected
linux-snapdragon	Not in release	Not in release	Not in release	Not affected
linux-oem	Not in release	Not in release	Not in release	Not affected
linux-aws	Not affected	Not affected	Not affected	Not affected
linux-hwe-5.4	Not in release	Not in release	Not in release	Not affected
linux-hwe-5.15	Not in release	Not in release	Not affected	Not in release
linux-hwe-6.8	Not in release	Not affected	Not in release	Not in release
linux-aws-5.4	Not in release	Not in release	Not in release	Not affected
linux-aws-5.15	Not in release	Not in release	Not affected	Not in release
linux-aws-hwe	Not in release	Not in release	Not in release	Not in release
linux-azure-4.15	Not in release	Not in release	Not in release	Not affected
linux-azure-5.4	Not in release	Not in release	Not in release	Not affected
linux-azure-5.15	Not in release	Not in release	Not affected	Not in release
linux-azure-fde	Not affected	Not affected	Ignored	Not in release
linux-azure-fde-5.15	Not in release	Not in release	Not affected	Not in release
linux-bluefield	Not in release	Not in release	Not affected	Not in release
linux-fips	Not in release	Not affected	Not affected	Not affected
linux-aws-fips	Not in release	Not affected	Not affected	Not affected
linux-azure-fips	Not in release	Not affected	Not affected	Not affected
linux-gcp-fips	Not in release	Not affected	Not affected	Not affected
linux-gcp-4.15	Not in release	Not in release	Not in release	Not affected
linux-gcp-5.4	Not in release	Not in release	Not in release	Not affected
linux-gcp-5.15	Not in release	Not in release	Not affected	Not in release
linux-gkeop	Not affected	Not affected	Not affected	Not in release
linux-gkeop-5.15	Not in release	Not in release	Not affected	Not in release
linux-ibm	Not affected	Not affected	Not affected	Not in release
linux-ibm-5.4	Not in release	Not in release	Not in release	Not affected
linux-ibm-5.15	Not in release	Not in release	Not affected	Not in release
linux-intel	Not affected	Not in release	Not in release	Not in release
linux-intel-iotg	Not in release	Not affected	Not in release	Not in release
linux-intel-iotg-5.15	Not in release	Not in release	Not affected	Not in release
linux-iot	Not in release	Not in release	Not affected	Not in release
linux-intel-iot-realtime	Not in release	Not affected	Not in release	Not in release
linux-lowlatency	Not affected	Not affected	Not in release	Not in release
linux-lowlatency-hwe-5.15	Not in release	Not in release	Not affected	Not in release
linux-lowlatency-hwe-6.8	Not in release	Not affected	Not in release	Not in release
linux-nvidia	Not affected	Not affected	Not in release	Not in release
linux-nvidia-6.5	Not in release	Not affected	Not in release	Not in release
linux-nvidia-6.8	Not in release	Not affected	Not in release	Not in release
linux-nvidia-lowlatency	Not affected	Not in release	Not in release	Not in release
linux-oracle	Not affected	Not affected	Not affected	Not affected
linux-oracle-5.4	Not in release	Not in release	Not in release	Not affected
linux-oracle-5.15	Not in release	Not in release	Not affected	Not in release
linux-oem-6.8	Not affected	Not in release	Not in release	Not in release
linux-raspi	Not affected	Not affected	Not affected	Not in release
linux-raspi-5.4	Not in release	Not in release	Not in release	Not affected
linux-raspi-realtime	Not affected	Not in release	Not in release	Not in release
linux-realtime	Not affected	Not affected	Not in release	Not in release
linux-riscv	Not affected	Ignored	Ignored	Not in release
linux-riscv-5.15	Not in release	Not in release	Not affected	Not in release
linux-riscv-6.8	Not in release	Not affected	Not in release	Not in release
linux-xilinx-zynqmp	Not in release	Not affected	Not affected	Not in release

CVE-2022-4515

Medium priority

Fixed

A flaw was found in Exuberant Ctags in the way it handles the "-o" option. This option specifies the tag filename. A crafted tag filename specified in the command line or in the configuration file results in arbitrary...

1 affected package

exuberant-ctags

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
exuberant-ctags	—	Fixed	Fixed	Fixed

CVE-2022-42717

Medium priority

Needs evaluation

An issue was discovered in Hashicorp Packer before 2.3.1. The recommended sudoers configuration for Vagrant on Linux is insecure. If the host has been configured according to this documentation, non-privileged users on the host...

1 affected package

vagrant

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
vagrant	Not in release	Needs evaluation	Needs evaluation	Needs evaluation

CVE-2011-4916

Low priority

Ignored

Linux kernel through 3.1 allows local users to obtain sensitive keystroke information via access to /dev/pts/ and /dev/tty*.

18 affected packages

linux, linux-armadaxp, linux-ec2, linux-flo, linux-fsl-imx51...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
linux	—	—	—	—
linux-armadaxp	—	—	—	—
linux-ec2	—	—	—	—
linux-flo	—	—	—	—
linux-fsl-imx51	—	—	—	—
linux-goldfish	—	—	—	—
linux-grouper	—	—	—	—
linux-lts-backport-maverick	—	—	—	—
linux-lts-backport-natty	—	—	—	—
linux-lts-backport-oneiric	—	—	—	—
linux-lts-quantal	—	—	—	—
linux-lts-raring	—	—	—	—
linux-lts-saucy	—	—	—	—
linux-maguro	—	—	—	—
linux-mako	—	—	—	—
linux-manta	—	—	—	—
linux-mvl-dove	—	—	—	—
linux-ti-omap4	—	—	—	—

Export to JSON

Results by page: