Search CVE reports


Toggle filters

41 – 50 of 21693 results

Status is adjusted based on your filters.


CVE-2024-47537

Medium priority
Needs evaluation

GStreamer is a library for constructing graphs of media-handling components. The program attempts to reallocate the memory pointed to by stream->samples to accommodate stream->n_samples + samples_count elements of type...

2 affected packages

gst-plugins-good0.10, gst-plugins-good1.0

Package 24.04 LTS
gst-plugins-good0.10 Not in release
gst-plugins-good1.0 Needs evaluation
Show less packages

CVE-2024-45337

Medium priority
Needs evaluation

Applications and libraries which misuse the ServerConfig.PublicKeyCallback callback may be susceptible to an authorization bypass.

3 affected packages

golang-go.crypto, lxd, snapd

Package 24.04 LTS
golang-go.crypto Needs evaluation
lxd Not in release
snapd Needs evaluation
Show less packages

CVE-2024-4109

Medium priority
Needs evaluation

A flaw was found in Undertow. An HTTP request header value from a previous stream may be incorrectly reused for a request associated with a subsequent stream on the same HTTP/2 connection. This issue can potentially lead...

1 affected package

undertow

Package 24.04 LTS
undertow Needs evaluation
Show less packages

CVE-2024-12570

Medium priority

Not in release

An issue has been discovered in GitLab CE/EE affecting all versions starting from 13.7 prior to 17.4.6, from 17.5 prior to 17.5.4, and from 17.6 prior to 17.6.2. It may have been possible for an attacker with a victim's...

1 affected package

gitlab

Package 24.04 LTS
gitlab Not in release
Show less packages

CVE-2024-12292

Medium priority

Not in release

An issue was discovered in GitLab CE/EE affecting all versions starting from 11.0 prior to 17.4.6, starting from 17.5 prior to 17.5.4, and starting from 17.6 prior to 17.6.2, where sensitive information passed in GraphQL mutations...

1 affected package

gitlab

Package 24.04 LTS
gitlab Not in release
Show less packages

CVE-2024-11274

Medium priority

Not in release

An issue was discovered in GitLab CE/EE affecting all versions starting from 16.1 prior to 17.4.6, starting from 17.5 prior to 17.5.4, and starting from 17.6 prior to 17.6.2, injection of NEL headers in k8s proxy response could...

1 affected package

gitlab

Package 24.04 LTS
gitlab Not in release
Show less packages

CVE-2024-10043

Medium priority

Not in release

An issue has been discovered in GitLab EE affecting all versions starting from 14.3 before 17.4.6, all versions starting from 17.5 before 17.5.4 all versions starting from 17.6 before 17.6.2, that allows group users to...

1 affected package

gitlab

Package 24.04 LTS
gitlab Not in release
Show less packages

CVE-2024-12224

Medium priority
Needs evaluation

[RUSTSEC-2024-0421]

1 affected package

rust-idna

Package 24.04 LTS
rust-idna Needs evaluation
Show less packages

CVE-2024-11053

Low priority
Needs evaluation

When asked to both use a `.netrc` file for credentials and to follow HTTP redirects, curl could leak the password used for the first host to the followed-to host under certain circumstances. This flaw only manifests itself if the...

1 affected package

curl

Package 24.04 LTS
curl Needs evaluation
Show less packages

CVE-2024-46657

Medium priority
Needs evaluation

Artifex Software mupdf v1.24.9 was discovered to contain a segmentation fault via the component /tools/pdfextract.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted PDF file.

1 affected package

mupdf

Package 24.04 LTS
mupdf Needs evaluation
Show less packages