CVE search results

21 – 30 of 1332 results

Detailed view

Sort by:

CVE-2022-39244

Medium priority

Some fixes available 2 of 12

PJSIP is a free and open source multimedia communication library written in C. In versions of PJSIP prior to 2.13 the PJSIP parser, PJMEDIA RTP decoder, and PJMEDIA SDP parser are affeced by a buffer overflow vulnerability. Users...

3 affected packages

asterisk, pjproject, ring

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
asterisk	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
pjproject	—	Not in release	Not in release	Needs evaluation	Needs evaluation
ring	Not in release	Not in release	Fixed	Fixed	Ignored

CVE-2011-4916

Low priority

Ignored

Linux kernel through 3.1 allows local users to obtain sensitive keystroke information via access to /dev/pts/ and /dev/tty*.

18 affected packages

linux, linux-armadaxp, linux-ec2, linux-flo, linux-fsl-imx51...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
linux	—	—	—	—	—
linux-armadaxp	—	—	—	—	—
linux-ec2	—	—	—	—	—
linux-flo	—	—	—	—	—
linux-fsl-imx51	—	—	—	—	—
linux-goldfish	—	—	—	—	—
linux-grouper	—	—	—	—	—
linux-lts-backport-maverick	—	—	—	—	—
linux-lts-backport-natty	—	—	—	—	—
linux-lts-backport-oneiric	—	—	—	—	—
linux-lts-quantal	—	—	—	—	—
linux-lts-raring	—	—	—	—	—
linux-lts-saucy	—	—	—	—	—
linux-maguro	—	—	—	—	—
linux-mako	—	—	—	—	—
linux-manta	—	—	—	—	—
linux-mvl-dove	—	—	—	—	—
linux-ti-omap4	—	—	—	—	—

CVE-2022-31031

Medium priority

Some fixes available 2 of 5

PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. In versions prior to and including 2.12.1 a stack buffer...

2 affected packages

pjproject, ring

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
pjproject	Not in release	Not in release	Not in release	Vulnerable	Vulnerable
ring	Not in release	—	Fixed	Fixed	Ignored

CVE-2022-22978

Medium priority

Needs evaluation

In spring security versions prior to 5.4.11+, 5.5.7+ , 5.6.4+ and older unsupported versions, RegexRequestMatcher can easily be misconfigured to be bypassed on some servlet containers. Applications using RegexRequestMatcher with...

2 affected packages

libspring-java, libspring-security-2.0-java

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
libspring-java	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
libspring-security-2.0-java	—	—	—	—	—

CVE-2022-22976

Medium priority

Needs evaluation

Spring Security versions 5.5.x prior to 5.5.7, 5.6.x prior to 5.6.4, and earlier unsupported versions contain an integer overflow vulnerability. When using the BCrypt class with the maximum work factor (31), the encoder does not...

2 affected packages

libspring-java, libspring-security-2.0-java

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
libspring-java	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
libspring-security-2.0-java	—	—	—	—	—

CVE-2022-22971

Low priority

Needs evaluation

In spring framework versions prior to 5.3.20+ , 5.2.22+ and old unsupported versions, application with a STOMP over WebSocket endpoint is vulnerable to a denial of service attack by an authenticated user.

1 affected packages

libspring-java

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
libspring-java	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation

CVE-2022-22970

Low priority

Needs evaluation

In spring framework versions prior to 5.3.20+ , 5.2.22+ and old unsupported versions, applications that handle file uploads are vulnerable to DoS attack if they rely on data binding to set a MultipartFile or javax.servlet.Part to...

1 affected packages

libspring-java

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
libspring-java	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation

CVE-2022-24792

Medium priority

Needs evaluation

PJSIP is a free and open source multimedia communication library written in C. A denial-of-service vulnerability affects applications on a 32-bit systems that use PJSIP versions 2.12 and prior to play/read invalid WAV files. The...

3 affected packages

asterisk, pjproject, ring

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
asterisk	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
pjproject	—	—	—	Needs evaluation	Needs evaluation
ring	Not in release	—	Needs evaluation	Needs evaluation	—

CVE-2011-4917

Low priority

Ignored

In the Linux kernel through 3.1 there is an information disclosure issue via /proc/stat.

18 affected packages

linux, linux-armadaxp, linux-ec2, linux-flo, linux-fsl-imx51...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
linux	—	—	—	—	—
linux-armadaxp	—	—	—	—	—
linux-ec2	—	—	—	—	—
linux-flo	—	—	—	—	—
linux-fsl-imx51	—	—	—	—	—
linux-goldfish	—	—	—	—	—
linux-grouper	—	—	—	—	—
linux-lts-backport-maverick	—	—	—	—	—
linux-lts-backport-natty	—	—	—	—	—
linux-lts-backport-oneiric	—	—	—	—	—
linux-lts-quantal	—	—	—	—	—
linux-lts-raring	—	—	—	—	—
linux-lts-saucy	—	—	—	—	—
linux-maguro	—	—	—	—	—
linux-mako	—	—	—	—	—
linux-manta	—	—	—	—	—
linux-mvl-dove	—	—	—	—	—
linux-ti-omap4	—	—	—	—	—

CVE-2022-22968

Medium priority

Needs evaluation

In Spring Framework versions 5.3.0 - 5.3.18, 5.2.0 - 5.2.20, and older unsupported versions, the patterns for disallowedFields on a DataBinder are case sensitive which means a field is not effectively protected unless it is listed...

1 affected packages

libspring-java

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
libspring-java	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation

Export to JSON

Results by page:

Search CVE reports