Your submission was sent successfully! Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

Search CVE reports

Toggle filters

51 – 60 of 1332 results

CVE-2021-22095

Medium priority
Needs evaluation

In Spring AMQP versions 2.2.0 - 2.2.19 and 2.3.0 - 2.3.11, the Spring AMQP Message object, in its toString() method, will create a new String object from the message body, regardless of its size. This can cause an OOM Error with a...

1 affected packages

spring

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
spring Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
Show less packages

CVE-2021-43519

Low priority
Needs evaluation

Stack overflow in lua_resume of ldo.c in Lua Interpreter 5.1.0~5.4.4 allows attackers to perform a Denial of Service via a crafted script file.

45 affected packages

ardour, bam, blobby, ceph, darktable...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
ardour Not affected Not affected Not affected Not affected Not affected
bam Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
blobby Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
ceph Not affected Not affected Not affected Not affected Not affected
darktable Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
eja Not in release Needs evaluation Needs evaluation Needs evaluation Ignored
emscripten Needs evaluation Needs evaluation Needs evaluation Needs evaluation
enigma Not affected Not affected Not affected Not affected Not affected
freeciv Not affected Not affected Not affected Not affected Not affected
freedroidrpg Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
fs-uae Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
golly Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
goxel Needs evaluation Needs evaluation Needs evaluation Needs evaluation Ignored
grub2 Not affected Not affected Not affected Not affected Not affected
gtk2-engines Not affected Not affected Not affected Not affected Not affected
haskell-hslua Not affected Not affected Not affected Not affected Not affected
hedgewars Not affected Not affected Not affected Not affected Not affected
lua5.1 Not affected Not affected Not affected Not affected Not affected
lua5.2 Not affected Not affected Not affected Not affected Not affected
lua5.3 Not affected Not affected Not affected Not affected Not affected
lua5.4 Not affected Not affected Not in release Not in release Not in release
lua50 Not in release Not in release Not affected Not affected Not affected
luajit Not affected Not affected Not affected Not affected Not affected
mame Not affected Not affected Not affected Not affected Not affected
naev Needs evaluation Needs evaluation Needs evaluation Ignored
openscenegraph Not affected Not affected Not affected Not affected Not affected
redis Not affected Not affected Not affected Not affected Not affected
rust-lua52-sys Needs evaluation Needs evaluation Needs evaluation Ignored
scite Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
scorched3d Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
scummvm Not affected Not affected Not affected Not affected Not affected
spring Not affected Not affected Not affected Not affected Not affected
syslinux Not affected Not affected Not affected Not affected Not affected
syslinux-legacy Not in release Not in release Not affected Not affected Not affected
tagua Not affected Not affected Not affected Not affected Not affected
tarantool Needs evaluation Needs evaluation Needs evaluation Needs evaluation
texlive-bin Not affected Not affected Not affected Not affected Not affected
tup Needs evaluation Needs evaluation Needs evaluation Ignored
ufoai Not affected Not affected Not affected Not affected Not affected
vifm Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
wcc Needs evaluation Needs evaluation Needs evaluation Needs evaluation Ignored
wesnoth Ignored
widelands Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
xmoto Not affected Not affected Not affected Not affected Not affected
zfs-linux Not affected Not affected Not affected Not affected Not affected
Show all 45 packages Show less packages

CVE-2021-22096

Medium priority
Needs evaluation

In Spring Framework versions 5.3.0 - 5.3.10, 5.2.0 - 5.2.17, and older unsupported versions, it is possible for a user to provide malicious input to cause the insertion of additional log entries.

1 affected packages

libspring-java

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
libspring-java Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
Show less packages

CVE-2021-42006

Low priority
Vulnerable

An out-of-bounds access in GffLine::GffLine in gff.cpp in GCLib 0.12.7 allows an attacker to cause a segmentation fault or possibly have unspecified other impact via a crafted GFF file.

5 affected packages

cufflinks, libgclib, libgff, stringtie, tophat

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
cufflinks Vulnerable Vulnerable Vulnerable Vulnerable Ignored
libgclib Needs evaluation Needs evaluation Needs evaluation Not in release Ignored
libgff Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
stringtie Needs evaluation Needs evaluation Needs evaluation Not in release Ignored
tophat Not in release Not in release Not in release Needs evaluation Needs evaluation
Show less packages

CVE-2021-22119

Medium priority
Ignored

Spring Security versions 5.5.x prior to 5.5.1, 5.4.x prior to 5.4.7, 5.3.x prior to 5.3.10 and 5.2.x prior to 5.2.11 are susceptible to a Denial-of-Service (DoS) attack via the initiation of the Authorization Request in an OAuth...

1 affected packages

libspring-security-2.0-java

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
libspring-security-2.0-java Not in release Not in release Not in release Ignored
Show less packages

CVE-2021-29060

Medium priority
Needs evaluation

A Regular Expression Denial of Service (ReDOS) vulnerability was discovered in Color-String version 1.5.5 and below which occurs when the application is provided and checks a crafted invalid HWB string.

1 affected packages

node-color-string

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
node-color-string Needs evaluation Needs evaluation Needs evaluation Needs evaluation Ignored
Show less packages

CVE-2021-22118

Medium priority
Vulnerable

In Spring Framework, versions 5.2.x prior to 5.2.15 and versions 5.3.x prior to 5.3.7, a WebFlux application is vulnerable to a privilege escalation: by (re)creating the temporary storage directory, a locally authenticated...

1 affected packages

libspring-java

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
libspring-java Not affected Not affected Not affected Not affected Vulnerable
Show less packages

CVE-2008-2544

Medium priority
Ignored

Mounting /proc filesystem via chroot command silently mounts it in read-write mode. The user could bypass the chroot environment and gain write access to files, he would never have otherwise.

23 affected packages

linux, linux-armadaxp, linux-flo, linux-goldfish, linux-grouper...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
linux Not affected
linux-armadaxp Not in release
linux-flo Not affected
linux-goldfish Not affected
linux-grouper Not in release
linux-linaro-omap Not in release
linux-linaro-shared Not in release
linux-linaro-vexpress Not in release
linux-lts-quantal Not in release
linux-lts-raring Not in release
linux-lts-saucy Not in release
linux-lts-trusty Not in release
linux-lts-utopic Not in release
linux-lts-vivid Not in release
linux-lts-wily Not in release
linux-lts-xenial Not in release
linux-maguro Not in release
linux-mako Not affected
linux-manta Not in release
linux-qcm-msm Not in release
linux-raspi2 Not affected
linux-snapdragon Not affected
linux-ti-omap4 Not in release
Show all 23 packages Show less packages

CVE-2018-21270

Medium priority
Vulnerable

Versions less than 0.0.6 of the Node.js stringstream module are vulnerable to an out-of-bounds read because of allocation of uninitialized buffers when a number is passed in the input stream (when using Node.js 4.x).

1 affected packages

node-stringstream

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
node-stringstream Not affected Not affected Not affected Vulnerable Not in release
Show less packages

CVE-2020-15216

Medium priority
Needs evaluation

In goxmldsig (XML Digital Signatures implemented in pure Go) before version 1.1.0, with a carefully crafted XML file, an attacker can completely bypass signature validation and pass off an altered file as a signed one. A patch is...

1 affected packages

golang-github-russellhaering-goxmldsig

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
golang-github-russellhaering-goxmldsig Not affected Needs evaluation Needs evaluation Needs evaluation Not in release
Show less packages
  1. Previous page
  2. 4
  3. 5
  4. 6
  5. 7
  6. 8
  7. Next page
Export to JSON