Search CVE reports

41 – 50 of 1754 results

Detailed view

Sort by:

CVE-2019-17221

Medium priority

Vulnerable

PhantomJS through 2.1.1 has an arbitrary file read vulnerability, as demonstrated by an XMLHttpRequest for a file:// URI. The vulnerability exists in the page.open() function of the webpage module, which loads a specified URL and...

1 affected packages

phantomjs

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
phantomjs	Not in release	Not in release	Vulnerable	Vulnerable	Vulnerable

CVE-2013-2255

Low priority

Ignored

HTTPSConnections in OpenStack Keystone 2013, OpenStack Compute 2013.1, and possibly other OpenStack components, fail to validate server-side SSL certificates.

6 affected packages

cinder, keystone, nova, python-keystoneclient, quantum, swift

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
cinder	—	—	—	—	—
keystone	—	—	—	—	—
nova	—	—	—	—	—
python-keystoneclient	—	—	—	—	—
quantum	—	—	—	—	—
swift	—	—	—	—	—

CVE-2013-1934

Medium priority

Ignored

A cross-site scripting (XSS) vulnerability in the configuration report page (adm_config_report.php) in MantisBT 1.2.0rc1 before 1.2.14 allows remote authenticated users to inject arbitrary web script or HTML via a complex value.

1 affected packages

mantis

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
mantis	—	—	—	—	Not in release

CVE-2013-1932

Medium priority

Not affected

A cross-site scripting (XSS) vulnerability in the configuration report page (adm_config_report.php) in MantisBT 1.2.13 allows remote authenticated users to inject arbitrary web script or HTML via a project name.

1 affected packages

mantis

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
mantis	—	—	—	—	—

CVE-2013-1931

Medium priority

Not affected

A cross-site scripting (XSS) vulnerability in MantisBT 1.2.14 allows remote attackers to inject arbitrary web script or HTML via a version, related to deleting a version.

1 affected packages

mantis

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
mantis	—	—	—	—	—

CVE-2013-1930

Medium priority

Not affected

MantisBT 1.2.12 before 1.2.15 allows authenticated users to by the workflow restriction and close issues.

1 affected packages

mantis

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
mantis	—	—	—	—	—

CVE-2019-16707

Low priority

Needs evaluation

Hunspell 1.7.0 has an invalid read operation in SuggestMgr::leftcommonsubstring in suggestmgr.cxx.

10 affected packages

calibre, chromium, enchant, firefox, focuswriter...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
calibre	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
chromium	Not in release	Not in release	Not in release	Not in release	Not in release
enchant	Not in release	Not in release	Needs evaluation	Needs evaluation	Needs evaluation
firefox	Not affected	Not affected	Not affected	Not affected	Not affected
focuswriter	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
hunspell	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
postbooks	Not in release	Not in release	Not in release	Needs evaluation	Needs evaluation
qtwebengine-opensource-src	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Not in release
texmaker	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
thunderbird	Not affected	Not affected	Not affected	Not affected	Not affected

CVE-2019-16275

Medium priority

Fixed

hostapd before 2.10 and wpa_supplicant before 2.10 allow an incorrect indication of disconnection in certain situations because source address validation is mishandled. This is a denial of service that should have been prevented...

2 affected packages

wpa, wpasupplicant

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
wpa	—	—	—	Fixed	Fixed
wpasupplicant	—	—	—	Not in release	Not in release

CVE-2018-16871

Medium priority

Some fixes available 27 of 34

A flaw was found in the Linux kernel's NFS implementation, all versions 3.x and all versions 4.x up to 4.20. An attacker, who is able to mount an exported NFS filesystem, is able to trigger a null pointer dereference by using an...

28 affected packages

linux, linux-aws, linux-aws-hwe, linux-azure, linux-azure-edge...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
linux	—	—	—	Fixed	Not affected
linux-aws	—	—	—	Fixed	Not affected
linux-aws-hwe	—	—	—	Not in release	Fixed
linux-azure	—	—	—	Fixed	Fixed
linux-azure-edge	—	—	—	Fixed	Fixed
linux-euclid	—	—	—	Not in release	Ignored
linux-flo	—	—	—	Not in release	Ignored
linux-gcp	—	—	—	Fixed	Fixed
linux-gcp-edge	—	—	—	Fixed	Not in release
linux-gke	—	—	—	Not in release	Ignored
linux-gke-4.15	—	—	—	Not affected	Not in release
linux-goldfish	—	—	—	Not in release	Ignored
linux-grouper	—	—	—	Not in release	Not in release
linux-hwe	—	—	—	Fixed	Fixed
linux-hwe-edge	—	—	—	Not affected	Fixed
linux-kvm	—	—	—	Fixed	Not affected
linux-lts-trusty	—	—	—	Not in release	Not in release
linux-lts-utopic	—	—	—	Not in release	Not in release
linux-lts-vivid	—	—	—	Not in release	Not in release
linux-lts-wily	—	—	—	Not in release	Not in release
linux-lts-xenial	—	—	—	Not in release	Not in release
linux-maguro	—	—	—	Not in release	Not in release
linux-mako	—	—	—	Not in release	Ignored
linux-manta	—	—	—	Not in release	Not in release
linux-oem	—	—	—	Fixed	Ignored
linux-oracle	—	—	—	Fixed	Fixed
linux-raspi2	—	—	—	Fixed	Not affected
linux-snapdragon	—	—	—	Not affected	Not affected

CVE-2019-10207

Medium priority

Some fixes available 32 of 43

A flaw was found in the Linux kernel's Bluetooth implementation of UART, all versions kernel 3.x.x before 4.18.0 and kernel 5.x.x. An attacker with local access and write permissions to the Bluetooth hardware could use this flaw...

38 affected packages

linux, linux-aws, linux-aws-5.0, linux-aws-hwe, linux-azure...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
linux	—	—	Not affected	Fixed	Fixed
linux-aws	—	—	Not affected	Fixed	Fixed
linux-aws-5.0	—	—	Not in release	Not affected	Not in release
linux-aws-hwe	—	—	Not in release	Not in release	Fixed
linux-azure	—	—	Not affected	Not affected	Not affected
linux-azure-5.3	—	—	Not in release	Not affected	Not in release
linux-azure-edge	—	—	Not in release	Not affected	Not affected
linux-euclid	—	—	Not in release	Not in release	Ignored
linux-flo	—	—	Not in release	Not in release	Ignored
linux-gcp	—	—	Not affected	Fixed	Fixed
linux-gcp-5.3	—	—	Not in release	Not affected	Not in release
linux-gcp-edge	—	—	Not in release	Fixed	Not in release
linux-gke	—	—	Not affected	Not in release	Ignored
linux-gke-4.15	—	—	Not in release	Fixed	Not in release
linux-gke-5.0	—	—	Not in release	Fixed	Not in release
linux-gke-5.3	—	—	Not in release	Not affected	Not in release
linux-goldfish	—	—	Not in release	Not in release	Ignored
linux-grouper	—	—	Not in release	Not in release	Not in release
linux-hwe	—	—	Not in release	Fixed	Fixed
linux-hwe-edge	—	—	Not in release	Ignored	Fixed
linux-kvm	—	—	Not affected	Fixed	Fixed
linux-lts-trusty	—	—	Not in release	Not in release	Not in release
linux-lts-utopic	—	—	Not in release	Not in release	Not in release
linux-lts-vivid	—	—	Not in release	Not in release	Not in release
linux-lts-wily	—	—	Not in release	Not in release	Not in release
linux-lts-xenial	—	—	Not in release	Not in release	Not in release
linux-maguro	—	—	Not in release	Not in release	Not in release
linux-mako	—	—	Not in release	Not in release	Ignored
linux-manta	—	—	Not in release	Not in release	Not in release
linux-oem	—	—	Not in release	Fixed	Ignored
linux-oem-5.6	—	—	Not affected	Not in release	Not in release
linux-oem-osp1	—	—	Not in release	Fixed	Not in release
linux-oracle	—	—	Not affected	Fixed	Fixed
linux-oracle-5.0	—	—	Not in release	Not affected	Not in release
linux-oracle-5.3	—	—	Not in release	Not affected	Not in release
linux-raspi2	—	—	Not affected	Fixed	Fixed
linux-raspi2-5.3	—	—	Not in release	Not affected	Not in release
linux-snapdragon	—	—	Not in release	Fixed	Fixed

Export to JSON

Results by page: