Search CVE reports
121 – 130 of 31984 results
CVE-2024-48651
Medium priorityIn ProFTPD through 1.3.8b before cec01cc, supplemental group inheritance grants unintended access to GID 0 because of the lack of supplemental groups from mod_sql.
1 affected package
proftpd-dfsg
| Package | 18.04 LTS |
|---|---|
| proftpd-dfsg | Not affected |
CVE-2024-36619
Medium priorityFFmpeg n6.1.1 has a vulnerability in the WAVARC decoder of the libavcodec library which allows for an integer overflow when handling certain block types, leading to a denial-of-service (DoS) condition.
2 affected packages
ffmpeg, libav
| Package | 18.04 LTS |
|---|---|
| ffmpeg | Needs evaluation |
| libav | — |
CVE-2024-36618
Medium priorityFFmpeg n6.1.1 has a vulnerability in the AVI demuxer of the libavformat library which allows for an integer overflow, potentially resulting in a denial-of-service (DoS) condition.
2 affected packages
ffmpeg, libav
| Package | 18.04 LTS |
|---|---|
| ffmpeg | Needs evaluation |
| libav | — |
CVE-2024-36617
Medium priorityFFmpeg n6.1.1 has an integer overflow vulnerability in the FFmpeg CAF decoder.
2 affected packages
ffmpeg, libav
| Package | 18.04 LTS |
|---|---|
| ffmpeg | Needs evaluation |
| libav | — |
CVE-2024-35369
Medium priorityIn FFmpeg version n6.1.1, specifically within the avcodec/speexdec.c module, a potential security vulnerability exists due to insufficient validation of certain parameters when parsing Speex codec extradata. This vulnerability...
2 affected packages
ffmpeg, libav
| Package | 18.04 LTS |
|---|---|
| ffmpeg | Needs evaluation |
| libav | — |
CVE-2024-53008
Medium priorityInconsistent interpretation of HTTP requests ('HTTP Request/Response Smuggling') issue exists in HAProxy. If this vulnerability is exploited, a remote attacker may access a path that is restricted by ACL (Access Control List) set...
1 affected package
haproxy
| Package | 18.04 LTS |
|---|---|
| haproxy | Not affected |
CVE-2024-36466
Medium priorityA bug in the code allows an attacker to sign a forged zbx_session cookie, which then allows them to sign in with admin permissions.
1 affected package
zabbix
| Package | 18.04 LTS |
|---|---|
| zabbix | Needs evaluation |
CVE-2023-52922
Low priorityIn the Linux kernel, the following vulnerability has been resolved: can: bcm: Fix UAF in bcm_proc_show() BUG: KASAN: slab-use-after-free in bcm_proc_show+0x969/0xa80 Read of size 8 at addr ffff888155846230 by task cat/7862 CPU: 1...
126 affected packages
linux, linux-allwinner-5.19, linux-aws, linux-aws-5.0, linux-aws-5.11...
| Package | 18.04 LTS |
|---|---|
| linux | Ignored |
| linux-allwinner-5.19 | Not in release |
| linux-aws | Ignored |
| linux-aws-5.0 | Ignored |
| linux-aws-5.11 | Not in release |
| linux-aws-5.13 | Not in release |
| linux-aws-5.15 | Not in release |
| linux-aws-5.19 | Not in release |
| linux-aws-5.3 | Ignored |
| linux-aws-5.4 | Vulnerable |
| linux-aws-5.8 | Not in release |
| linux-aws-6.2 | Not in release |
| linux-aws-6.5 | Not in release |
| linux-aws-6.8 | Not in release |
| linux-aws-fips | Not in release |
| linux-aws-hwe | Not in release |
| linux-azure | Ignored |
| linux-azure-4.15 | Ignored |
| linux-azure-5.11 | Not in release |
| linux-azure-5.13 | Not in release |
| linux-azure-5.15 | Not in release |
| linux-azure-5.19 | Not in release |
| linux-azure-5.3 | Ignored |
| linux-azure-5.4 | Vulnerable |
| linux-azure-5.8 | Not in release |
| linux-azure-6.2 | Not in release |
| linux-azure-6.5 | Not in release |
| linux-azure-6.8 | Not in release |
| linux-azure-edge | Ignored |
| linux-azure-fde | Not in release |
| linux-azure-fde-5.15 | Not in release |
| linux-azure-fde-5.19 | Not in release |
| linux-azure-fde-6.2 | Not in release |
| linux-azure-fips | Not in release |
| linux-bluefield | Not in release |
| linux-fips | Not in release |
| linux-gcp | Ignored |
| linux-gcp-4.15 | Ignored |
| linux-gcp-5.11 | Not in release |
| linux-gcp-5.13 | Not in release |
| linux-gcp-5.15 | Not in release |
| linux-gcp-5.19 | Not in release |
| linux-gcp-5.3 | Ignored |
| linux-gcp-5.4 | Vulnerable |
| linux-gcp-5.8 | Not in release |
| linux-gcp-6.2 | Not in release |
| linux-gcp-6.5 | Not in release |
| linux-gcp-6.8 | Not in release |
| linux-gcp-fips | Not in release |
| linux-gke | Not in release |
| linux-gke-4.15 | Ignored |
| linux-gke-5.15 | Not in release |
| linux-gke-5.4 | Ignored |
| linux-gkeop | Not in release |
| linux-gkeop-5.15 | Not in release |
| linux-gkeop-5.4 | Ignored |
| linux-hwe | Ignored |
| linux-hwe-5.11 | Not in release |
| linux-hwe-5.13 | Not in release |
| linux-hwe-5.15 | Not in release |
| linux-hwe-5.19 | Not in release |
| linux-hwe-5.4 | Vulnerable |
| linux-hwe-5.8 | Not in release |
| linux-hwe-6.2 | Not in release |
| linux-hwe-6.5 | Not in release |
| linux-hwe-6.8 | Not in release |
| linux-hwe-edge | Ignored |
| linux-ibm | Not in release |
| linux-ibm-5.15 | Not in release |
| linux-ibm-5.4 | Vulnerable |
| linux-intel | Not in release |
| linux-intel-5.13 | Not in release |
| linux-intel-iotg | Not in release |
| linux-intel-iotg-5.15 | Not in release |
| linux-intel-iot-realtime | Not in release |
| linux-iot | Not in release |
| linux-kvm | Ignored |
| linux-lowlatency | Not in release |
| linux-lowlatency-hwe-5.15 | Not in release |
| linux-lowlatency-hwe-5.19 | Not in release |
| linux-lowlatency-hwe-6.2 | Not in release |
| linux-lowlatency-hwe-6.5 | Not in release |
| linux-lowlatency-hwe-6.8 | Not in release |
| linux-lts-xenial | Not in release |
| linux-nvidia | Not in release |
| linux-nvidia-6.2 | Not in release |
| linux-nvidia-6.5 | Not in release |
| linux-nvidia-6.8 | Not in release |
| linux-nvidia-lowlatency | Not in release |
| linux-oem | Ignored |
| linux-oem-5.10 | Not in release |
| linux-oem-5.13 | Not in release |
| linux-oem-5.14 | Not in release |
| linux-oem-5.17 | Not in release |
| linux-oem-5.6 | Not in release |
| linux-oem-6.0 | Not in release |
| linux-oem-6.1 | Not in release |
| linux-oem-6.11 | Not in release |
| linux-oem-6.5 | Not in release |
| linux-oem-6.8 | Not in release |
| linux-oracle | Ignored |
| linux-oracle-5.0 | Ignored |
| linux-oracle-5.11 | Not in release |
| linux-oracle-5.13 | Not in release |
| linux-oracle-5.15 | Not in release |
| linux-oracle-5.3 | Ignored |
| linux-oracle-5.4 | Vulnerable |
| linux-oracle-5.8 | Not in release |
| linux-oracle-6.5 | Not in release |
| linux-oracle-6.8 | Not in release |
| linux-raspi | Not in release |
| linux-raspi2 | Ignored |
| linux-raspi-5.4 | Vulnerable |
| linux-raspi-realtime | Not in release |
| linux-realtime | Not in release |
| linux-riscv | Not in release |
| linux-riscv-5.11 | Not in release |
| linux-riscv-5.15 | Not in release |
| linux-riscv-5.19 | Not in release |
| linux-riscv-5.8 | Not in release |
| linux-riscv-6.5 | Not in release |
| linux-riscv-6.8 | Not in release |
| linux-starfive-5.19 | Not in release |
| linux-starfive-6.2 | Not in release |
| linux-starfive-6.5 | Not in release |
| linux-xilinx-zynqmp | Not in release |
CVE-2024-53920
Medium priorityIn elisp-mode.el in GNU Emacs through 30.0.92, a user who chooses to invoke elisp-completion-at-point (for code completion) on untrusted Emacs Lisp source code can trigger unsafe Lisp macro expansion that allows attackers to...
5 affected packages
emacs, emacs24, emacs25, xemacs21, xemacs21-packages
| Package | 18.04 LTS |
|---|---|
| emacs | — |
| emacs24 | — |
| emacs25 | Needs evaluation |
| xemacs21 | Needs evaluation |
| xemacs21-packages | Needs evaluation |
CVE-2024-36464
Medium priorityWhen exporting media types, the password is exported in the YAML in plain text. This appears to be a best practices type issue and may have no actual impact. The user would need to have permissions to access the media types and...
1 affected package
zabbix
| Package | 18.04 LTS |
|---|---|
| zabbix | Needs evaluation |