Search CVE reports

11 – 20 of 1756 results

Detailed view

Sort by:

CVE-2024-54662

Medium priority

Vulnerable

Dante 1.4.0 through 1.4.3 (fixed in 1.4.4) has incorrect access control for some sockd.conf configurations involving socksmethod.

1 affected package

dante

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
dante	—	Vulnerable	Vulnerable	Vulnerable	Vulnerable

CVE-2024-6388

Medium priority

Some fixes available 5 of 6

Marco Trevisan discovered that the Ubuntu Advantage Desktop Daemon, before version 1.12, leaks the Pro token to unprivileged users by passing the token as an argument in plaintext.

1 affected package

ubuntu-advantage-desktop-daemon

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
ubuntu-advantage-desktop-daemon	—	Fixed	Fixed	Fixed	Fixed

CVE-2024-3772

Medium priority

Some fixes available 2 of 3

Regular expression denial of service in Pydanic < 2.4.0, < 1.10.13 allows remote attackers to cause denial of service via a crafted email string.

1 affected package

pydantic

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
pydantic	—	Not affected	Fixed	Fixed	—

AntiSamy is a library for performing fast, configurable cleansing of HTML coming from untrusted sources. Prior to 1.7.5, there is a potential for a mutation XSS (mXSS) vulnerability in AntiSamy caused by flawed parsing of the HTML...

1 affected package

libowasp-antisamy-java

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
libowasp-antisamy-java	—	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation

CVE-2023-43643

Medium priority

Needs evaluation

AntiSamy is a library for performing fast, configurable cleansing of HTML coming from untrusted sources. Prior to version 1.7.4, there is a potential for a mutation XSS (mXSS) vulnerability in AntiSamy caused by flawed parsing of...

1 affected package

libowasp-antisamy-java

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
libowasp-antisamy-java	Needs evaluation	Needs evaluation	Needs evaluation	Ignored	Ignored

CVE-2023-3432

Medium priority

Ignored

Server-Side Request Forgery (SSRF) in GitHub repository plantuml/plantuml prior to 1.2023.9.

1 affected package

plantuml

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
plantuml	—	Not affected	Not affected	Not affected	Not affected

CVE-2023-3431

Medium priority

Ignored

Improper Access Control in GitHub repository plantuml/plantuml prior to 1.2023.9.

1 affected package

plantuml

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
plantuml	—	Ignored	Ignored	Not affected	Not affected

CVE-2017-1000

Medium priority

Some fixes available 8 of 10

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none.

72 affected packages

linux, linux-azure, linux-azure-edge, linux-euclid, linux-flo...

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
linux	—	Not affected	Not affected	Not affected	Not affected
linux-azure	—	Not affected	Not affected	Not affected	Not affected
linux-azure-edge	—	Not in release	Not in release	Not in release	Not affected
linux-euclid	—	—	—	—	Not in release
linux-flo	—	—	—	—	Not in release
linux-gcp	—	Not affected	Not affected	Not affected	Not affected
linux-gke	—	Not affected	Not affected	Ignored	Not in release
linux-goldfish	—	—	—	—	Not in release
linux-grouper	—	—	—	—	Not in release
linux-hwe	—	Not in release	Not in release	Not in release	Not affected
linux-hwe-edge	—	Not in release	Not in release	Not in release	Not affected
linux-kvm	—	Not in release	Not affected	Not affected	Not affected
linux-lts-trusty	—	—	—	—	Not in release
linux-lts-utopic	—	—	—	—	Not in release
linux-lts-vivid	—	—	—	—	Not in release
linux-lts-wily	—	—	—	—	Not in release
linux-lts-xenial	—	Not in release	Not in release	Not in release	Not in release
linux-maguro	—	—	—	—	Not in release
linux-mako	—	—	—	—	Not in release
linux-manta	—	—	—	—	Not in release
linux-raspi2	—	Not in release	Not in release	Ignored	Not affected
linux-snapdragon	—	Not in release	Not in release	Not in release	Not affected
linux-oem	—	Not in release	Not in release	Not in release	Not affected
linux-aws	—	Not affected	Not affected	Not affected	Not affected
linux-hwe-5.4	—	Not in release	Not in release	Not in release	Not affected
linux-hwe-5.15	—	Not in release	Not in release	Not affected	Not in release
linux-hwe-6.8	—	Not in release	Not affected	Not in release	Not in release
linux-aws-5.4	—	Not in release	Not in release	Not in release	Not affected
linux-aws-5.15	—	Not in release	Not in release	Not affected	Not in release
linux-aws-hwe	—	Not in release	Not in release	Not in release	Not in release
linux-azure-4.15	—	Not in release	Not in release	Not in release	Not affected
linux-azure-5.4	—	Not in release	Not in release	Not in release	Not affected
linux-azure-5.15	—	Not in release	Not in release	Not affected	Not in release
linux-azure-fde	—	Not affected	Not affected	Ignored	Not in release
linux-azure-fde-5.15	—	Not in release	Not in release	Not affected	Not in release
linux-bluefield	—	Not in release	Not in release	Not affected	Not in release
linux-fips	—	Not in release	Not affected	Not affected	Not affected
linux-aws-fips	—	Not in release	Not affected	Not affected	Not affected
linux-azure-fips	—	Not in release	Not affected	Not affected	Not affected
linux-gcp-fips	—	Not in release	Not affected	Not affected	Not affected
linux-gcp-4.15	—	Not in release	Not in release	Not in release	Not affected
linux-gcp-5.4	—	Not in release	Not in release	Not in release	Not affected
linux-gcp-5.15	—	Not in release	Not in release	Not affected	Not in release
linux-gkeop	—	Not affected	Not affected	Not affected	Not in release
linux-gkeop-5.15	—	Not in release	Not in release	Not affected	Not in release
linux-ibm	—	Not affected	Not affected	Not affected	Not in release
linux-ibm-5.4	—	Not in release	Not in release	Not in release	Not affected
linux-ibm-5.15	—	Not in release	Not in release	Not affected	Not in release
linux-intel	—	Not affected	Not in release	Not in release	Not in release
linux-intel-iotg	—	Not in release	Not affected	Not in release	Not in release
linux-intel-iotg-5.15	—	Not in release	Not in release	Not affected	Not in release
linux-iot	—	Not in release	Not in release	Not affected	Not in release
linux-intel-iot-realtime	—	Not in release	Not affected	Not in release	Not in release
linux-lowlatency	—	Not affected	Not affected	Not in release	Not in release
linux-lowlatency-hwe-5.15	—	Not in release	Not in release	Not affected	Not in release
linux-lowlatency-hwe-6.8	—	Not in release	Not affected	Not in release	Not in release
linux-nvidia	—	Not affected	Not affected	Not in release	Not in release
linux-nvidia-6.5	—	Not in release	Not affected	Not in release	Not in release
linux-nvidia-6.8	—	Not in release	Not affected	Not in release	Not in release
linux-nvidia-lowlatency	—	Not affected	Not in release	Not in release	Not in release
linux-oracle	—	Not affected	Not affected	Not affected	Not affected
linux-oracle-5.4	—	Not in release	Not in release	Not in release	Not affected
linux-oracle-5.15	—	Not in release	Not in release	Not affected	Not in release
linux-oem-6.8	—	Not affected	Not in release	Not in release	Not in release
linux-raspi	—	Not affected	Not affected	Not affected	Not in release
linux-raspi-5.4	—	Not in release	Not in release	Not in release	Not affected
linux-raspi-realtime	—	Not affected	Not in release	Not in release	Not in release
linux-realtime	—	Not affected	Not affected	Not in release	Not in release
linux-riscv	—	Not affected	Ignored	Ignored	Not in release
linux-riscv-5.15	—	Not in release	Not in release	Not affected	Not in release
linux-riscv-6.8	—	Not in release	Not affected	Not in release	Not in release
linux-xilinx-zynqmp	—	Not in release	Not affected	Not affected	Not in release

CVE-2022-4515

Medium priority

Fixed

A flaw was found in Exuberant Ctags in the way it handles the "-o" option. This option specifies the tag filename. A crafted tag filename specified in the command line or in the configuration file results in arbitrary...

1 affected package

exuberant-ctags

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
exuberant-ctags	—	—	Fixed	Fixed	Fixed

CVE-2022-42717

Medium priority

Needs evaluation

An issue was discovered in Hashicorp Packer before 2.3.1. The recommended sudoers configuration for Vagrant on Linux is insecure. If the host has been configured according to this documentation, non-privileged users on the host...

1 affected package

vagrant

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
vagrant	Not in release	Not in release	Needs evaluation	Ignored	Ignored

Export to JSON

Results by page: