Search CVE reports

31 – 40 of 1750 results

Detailed view

Sort by:

CVE-2020-1945

Medium priority

Fixed

Apache Ant 1.1 to 1.9.14 and 1.10.0 to 1.10.7 uses the default temporary directory identified by the Java system property java.io.tmpdir for several tasks and may thus leak sensitive information. The fixcrlf and replaceregexp...

1 affected package

ant

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
ant	Not affected	Not affected	Fixed	Fixed

CVE-2020-11979

Medium priority

Needs evaluation

As mitigation for CVE-2020-1945 Apache Ant 1.10.8 changed the permissions of temporary files it created so that only the current user was allowed to access them. Unfortunately the fixcrlf task deleted the temporary file...

1 affected package

ant

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
ant	Not affected	Not affected	Needs evaluation	Needs evaluation

CVE-2019-9857

Medium priority

Not affected

In the Linux kernel through 5.0.2, the function inotify_update_existing_watch() in fs/notify/inotify/inotify_user.c neglects to call fsnotify_put_mark() with IN_MASK_CREATE after fsnotify_find_mark(), which will cause a memory...

27 affected packages

linux-aws, linux-flo, linux-goldfish, linux-aws-hwe, linux-azure...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
linux-aws	—	—	—	Not affected
linux-flo	—	—	—	Not in release
linux-goldfish	—	—	—	Not in release
linux-aws-hwe	—	—	—	Not in release
linux-azure	—	—	—	Not affected
linux	—	—	—	Not affected
linux-azure-edge	—	—	—	Not affected
linux-euclid	—	—	—	Not in release
linux-gcp	—	—	—	Not affected
linux-gcp-edge	—	—	—	Not affected
linux-gke	—	—	—	Not affected
linux-grouper	—	—	—	Not in release
linux-hwe	—	—	—	Not affected
linux-hwe-edge	—	—	—	Not affected
linux-kvm	—	—	—	Not affected
linux-lts-trusty	—	—	—	Not in release
linux-lts-utopic	—	—	—	Not in release
linux-lts-vivid	—	—	—	Not in release
linux-lts-wily	—	—	—	Not in release
linux-lts-xenial	—	—	—	Not in release
linux-maguro	—	—	—	Not in release
linux-mako	—	—	—	Not in release
linux-manta	—	—	—	Not in release
linux-oem	—	—	—	Not affected
linux-oracle	—	—	—	Not affected
linux-raspi2	—	—	—	Not affected
linux-snapdragon	—	—	—	Not affected

CVE-2019-9503

Medium priority

Some fixes available 54 of 57

The Broadcom brcmfmac WiFi driver prior to commit a4176ec356c73a46c07c181c6d04039fafa34a9f is vulnerable to a frame validation bypass. If the brcmfmac driver receives a firmware event frame from a remote source, the...

89 affected packages

linux-aws, linux-flo, linux-aws-hwe, linux-azure, linux...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
linux-aws	Not affected	Not affected	Not affected	Fixed
linux-flo	—	—	—	Not in release
linux-aws-hwe	Not in release	Not in release	Not in release	Not in release
linux-azure	Not affected	Not affected	Not affected	Fixed
linux	Not affected	Not affected	Not affected	Fixed
linux-azure-edge	Not in release	Not in release	Not in release	Fixed
linux-euclid	—	—	—	Not in release
linux-gcp	Not affected	Not affected	Not affected	Fixed
linux-gcp-edge	—	—	—	Fixed
linux-gke	Not affected	Not affected	Ignored	Not in release
linux-gke-4.15	Not in release	Not in release	Not in release	Fixed
linux-gke-5.0	Not in release	Not in release	Not in release	Not affected
linux-goldfish	—	—	—	Not in release
linux-grouper	—	—	—	Not in release
linux-hwe	Not in release	Not in release	Not in release	Fixed
linux-hwe-edge	Not in release	Not in release	Not in release	Not affected
linux-kvm	Not in release	Not affected	Not affected	Fixed
linux-lts-trusty	—	—	—	Not in release
linux-lts-utopic	—	—	—	Not in release
linux-lts-vivid	—	—	—	Not in release
linux-lts-wily	—	—	—	Not in release
linux-lts-xenial	Not in release	Not in release	Not in release	Not in release
linux-maguro	—	—	—	Not in release
linux-mako	—	—	—	Not in release
linux-manta	—	—	—	Not in release
linux-oem	Not in release	Not in release	Not in release	Fixed
linux-oracle	Not affected	Not affected	Not affected	Fixed
linux-raspi2	Not in release	Not in release	Ignored	Fixed
linux-snapdragon	Not in release	Not in release	Not in release	Fixed
linux-hwe-5.4	Not in release	Not in release	Not in release	Not affected
linux-hwe-5.15	Not in release	Not in release	Not affected	Not in release
linux-hwe-6.8	Not in release	Not affected	Not in release	Not in release
linux-aws-5.4	Not in release	Not in release	Not in release	Not affected
linux-aws-5.15	Not in release	Not in release	Not affected	Not in release
linux-azure-4.15	Not in release	Not in release	Not in release	Not affected
linux-azure-5.4	Not in release	Not in release	Not in release	Not affected
linux-azure-5.15	Not in release	Not in release	Not affected	Not in release
linux-azure-fde	Not in release	Not affected	Ignored	Not in release
linux-azure-fde-5.15	Not in release	Not in release	Not affected	Not in release
linux-bluefield	Not in release	Not in release	Not affected	Not in release
linux-fips	Not in release	Not affected	Not affected	Not affected
linux-aws-fips	Not in release	Not affected	Not affected	Not affected
linux-azure-fips	Not in release	Not affected	Not affected	Not affected
linux-gcp-fips	Not in release	Not affected	Not affected	Not affected
linux-gcp-4.15	Not in release	Not in release	Not in release	Not affected
linux-gcp-5.4	Not in release	Not in release	Not in release	Not affected
linux-gcp-5.15	Not in release	Not in release	Not affected	Not in release
linux-gkeop	Not affected	Not affected	Not affected	Not in release
linux-gkeop-5.15	Not in release	Not in release	Not affected	Not in release
linux-ibm	Not affected	Not affected	Not affected	Not in release
linux-ibm-5.4	Not in release	Not in release	Not in release	Not affected
linux-ibm-5.15	Not in release	Not in release	Not affected	Not in release
linux-intel	Not affected	Not in release	Not in release	Not in release
linux-intel-iotg	Not in release	Not affected	Not in release	Not in release
linux-intel-iotg-5.15	Not in release	Not in release	Not affected	Not in release
linux-iot	Not in release	Not in release	Not affected	Not in release
linux-intel-iot-realtime	Not in release	Not affected	Not in release	Not in release
linux-lowlatency	Not affected	Not affected	Not in release	Not in release
linux-lowlatency-hwe-5.15	Not in release	Not in release	Not affected	Not in release
linux-lowlatency-hwe-6.8	Not in release	Not affected	Not in release	Not in release
linux-nvidia	Not affected	Not affected	Not in release	Not in release
linux-nvidia-6.5	Not in release	Not affected	Not in release	Not in release
linux-nvidia-6.8	Not in release	Not affected	Not in release	Not in release
linux-nvidia-lowlatency	Not affected	Not in release	Not in release	Not in release
linux-oracle-5.4	Not in release	Not in release	Not in release	Not affected
linux-oracle-5.15	Not in release	Not in release	Not affected	Not in release
linux-oem-6.8	Not affected	Not in release	Not in release	Not in release
linux-raspi	Not affected	Not affected	Not affected	Not in release
linux-raspi-5.4	Not in release	Not in release	Not in release	Not affected
linux-raspi-realtime	Not affected	Not in release	Not in release	Not in release
linux-realtime	Not affected	Not affected	Not in release	Not in release
linux-riscv	Not affected	Ignored	Ignored	Not in release
linux-riscv-5.15	Not in release	Not in release	Not affected	Not in release
linux-riscv-6.8	Not in release	Not affected	Not in release	Not in release
linux-xilinx-zynqmp	Not in release	Not affected	Not affected	Not in release
linux-aws-6.8	Not in release	Not affected	Not in release	Not in release
linux-gcp-6.8	Not in release	Not affected	Not in release	Not in release
linux-oracle-6.8	Not in release	Not affected	Not in release	Not in release
linux-azure-6.8	Not in release	Not affected	Not in release	Not in release
linux-oem-6.11	Not affected	Not in release	Not in release	Not in release
linux-hwe-6.11	Not affected	Not in release	Not in release	Not in release
linux-azure-6.11	Not affected	Not in release	Not in release	Not in release
linux-azure-nvidia	Not affected	Not in release	Not in release	Not in release
linux-gcp-6.11	Not affected	Not in release	Not in release	Not in release
linux-lowlatency-hwe-6.11	Not affected	Not in release	Not in release	Not in release
linux-nvidia-tegra	Not affected	Not affected	Not in release	Not in release
linux-nvidia-tegra-5.15	Not in release	Not in release	Not affected	Not in release
linux-nvidia-tegra-igx	Not in release	Not affected	Not in release	Not in release
linux-oem-6.14	Not affected	Not in release	Not in release	Not in release

CVE-2019-9500

Medium priority

Fixed

The Broadcom brcmfmac WiFi driver prior to commit 1b5e2423164b3670e8bc9174e4762d297990deff is vulnerable to a heap buffer overflow. If the Wake-up on Wireless LAN functionality is configured, a malicious event frame can be...

29 affected packages

linux, linux-goldfish, linux-aws, linux-flo, linux-aws-hwe...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
linux	—	—	—	Fixed
linux-goldfish	—	—	—	Not in release
linux-aws	—	—	—	Fixed
linux-flo	—	—	—	Not in release
linux-aws-hwe	—	—	—	Not in release
linux-azure	—	—	—	Fixed
linux-azure-edge	—	—	—	Fixed
linux-euclid	—	—	—	Not in release
linux-gcp	—	—	—	Fixed
linux-gcp-edge	—	—	—	Fixed
linux-gke	—	—	—	Not in release
linux-gke-4.15	—	—	—	Fixed
linux-gke-5.0	—	—	—	Not affected
linux-grouper	—	—	—	Not in release
linux-hwe	—	—	—	Fixed
linux-hwe-edge	—	—	—	Not affected
linux-kvm	—	—	—	Fixed
linux-lts-trusty	—	—	—	Not in release
linux-lts-utopic	—	—	—	Not in release
linux-lts-vivid	—	—	—	Not in release
linux-lts-wily	—	—	—	Not in release
linux-lts-xenial	—	—	—	Not in release
linux-maguro	—	—	—	Not in release
linux-mako	—	—	—	Not in release
linux-manta	—	—	—	Not in release
linux-oem	—	—	—	Fixed
linux-oracle	—	—	—	Fixed
linux-raspi2	—	—	—	Fixed
linux-snapdragon	—	—	—	Not affected

CVE-2019-9499

Medium priority

Fixed

The implementations of EAP-PWD in wpa_supplicant EAP Peer, when built against a crypto library missing explicit validation on imported elements, do not validate the scalar and element values in EAP-pwd-Commit. An attacker may...

2 affected packages

wpa, wpasupplicant

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
wpa	—	—	—	Fixed
wpasupplicant	—	—	—	Not in release

CVE-2019-9498

Medium priority

Fixed

The implementations of EAP-PWD in hostapd EAP Server, when built against a crypto library missing explicit validation on imported elements, do not validate the scalar and element values in EAP-pwd-Commit. An attacker may be able...

2 affected packages

wpa, wpasupplicant

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
wpa	—	—	—	Fixed
wpasupplicant	—	—	—	Not in release

CVE-2019-9497

Medium priority

Fixed

The implementations of EAP-PWD in hostapd EAP Server and wpa_supplicant EAP Peer do not validate the scalar and element values in EAP-pwd-Commit. This vulnerability may allow an attacker to complete EAP-PWD authentication without...

2 affected packages

wpa, wpasupplicant

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
wpa	—	—	—	Fixed
wpasupplicant	—	—	—	Not in release

CVE-2019-9496

Medium priority

Not affected

An invalid authentication sequence could result in the hostapd process terminating due to missing state validation steps when processing the SAE confirm message when in hostapd/AP mode. All version of hostapd with SAE support are...

2 affected packages

wpa, wpasupplicant

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
wpa	—	—	—	Not affected
wpasupplicant	—	—	—	Not in release

CVE-2019-9495

Medium priority

Fixed

The implementations of EAP-PWD in hostapd and wpa_supplicant are vulnerable to side-channel attacks as a result of cache access patterns. All versions of hostapd and wpa_supplicant with EAP-PWD support are vulnerable. The ability...

2 affected packages

wpa, wpasupplicant

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
wpa	—	—	—	Fixed
wpasupplicant	—	—	—	Not in release

Export to JSON

Results by page: