Your submission was sent successfully! Close

Thank you for contacting us. A member of our team will be in touch shortly. Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

Search CVE reports


Toggle filters

51 – 60 of 21528 results

Status is adjusted based on your filters.


CVE-2024-53096

Medium priority
Vulnerable

In the Linux kernel, the following vulnerability has been resolved: mm: resolve faulty mmap_region() error path behaviour The mmap_region() function is somewhat terrifying, with spaghetti-like control flow and numerous means by...

126 affected packages

linux, linux-allwinner-5.19, linux-aws, linux-aws-5.0, linux-aws-5.11...

Package 24.04 LTS
linux Vulnerable
linux-allwinner-5.19 Not in release
linux-aws Vulnerable
linux-aws-5.0 Not in release
linux-aws-5.11 Not in release
linux-aws-5.13 Not in release
linux-aws-5.15 Not in release
linux-aws-5.19 Not in release
linux-aws-5.3 Not in release
linux-aws-5.4 Not in release
linux-aws-5.8 Not in release
linux-aws-6.2 Not in release
linux-aws-6.5 Not in release
linux-aws-6.8 Not in release
linux-aws-fips Not in release
linux-aws-hwe Not in release
linux-azure Vulnerable
linux-azure-4.15 Not in release
linux-azure-5.11 Not in release
linux-azure-5.13 Not in release
linux-azure-5.15 Not in release
linux-azure-5.19 Not in release
linux-azure-5.3 Not in release
linux-azure-5.4 Not in release
linux-azure-5.8 Not in release
linux-azure-6.2 Not in release
linux-azure-6.5 Not in release
linux-azure-6.8 Not in release
linux-azure-edge Not in release
linux-azure-fde Not in release
linux-azure-fde-5.15 Not in release
linux-azure-fde-5.19 Not in release
linux-azure-fde-6.2 Not in release
linux-azure-fips Not in release
linux-bluefield Not in release
linux-fips Not in release
linux-gcp Vulnerable
linux-gcp-4.15 Not in release
linux-gcp-5.11 Not in release
linux-gcp-5.13 Not in release
linux-gcp-5.15 Not in release
linux-gcp-5.19 Not in release
linux-gcp-5.3 Not in release
linux-gcp-5.4 Not in release
linux-gcp-5.8 Not in release
linux-gcp-6.2 Not in release
linux-gcp-6.5 Not in release
linux-gcp-6.8 Not in release
linux-gcp-fips Not in release
linux-gke Vulnerable
linux-gke-4.15 Not in release
linux-gke-5.15 Not in release
linux-gke-5.4 Not in release
linux-gkeop Vulnerable
linux-gkeop-5.15 Not in release
linux-gkeop-5.4 Not in release
linux-hwe Not in release
linux-hwe-5.11 Not in release
linux-hwe-5.13 Not in release
linux-hwe-5.15 Not in release
linux-hwe-5.19 Not in release
linux-hwe-5.4 Not in release
linux-hwe-5.8 Not in release
linux-hwe-6.2 Not in release
linux-hwe-6.5 Not in release
linux-hwe-6.8 Not in release
linux-hwe-edge Not in release
linux-ibm Vulnerable
linux-ibm-5.15 Not in release
linux-ibm-5.4 Not in release
linux-intel Vulnerable
linux-intel-5.13 Not in release
linux-intel-iot-realtime Not in release
linux-intel-iotg Not in release
linux-intel-iotg-5.15 Not in release
linux-iot Not in release
linux-kvm Not in release
linux-lowlatency Vulnerable
linux-lowlatency-hwe-5.15 Not in release
linux-lowlatency-hwe-5.19 Not in release
linux-lowlatency-hwe-6.2 Not in release
linux-lowlatency-hwe-6.5 Not in release
linux-lowlatency-hwe-6.8 Not in release
linux-lts-xenial Not in release
linux-nvidia Vulnerable
linux-nvidia-6.2 Not in release
linux-nvidia-6.5 Not in release
linux-nvidia-6.8 Not in release
linux-nvidia-lowlatency Vulnerable
linux-oem Not in release
linux-oem-5.10 Not in release
linux-oem-5.13 Not in release
linux-oem-5.14 Not in release
linux-oem-5.17 Not in release
linux-oem-5.6 Not in release
linux-oem-6.0 Not in release
linux-oem-6.1 Not in release
linux-oem-6.11 Vulnerable
linux-oem-6.5 Not in release
linux-oem-6.8 Vulnerable
linux-oracle Vulnerable
linux-oracle-5.0 Not in release
linux-oracle-5.11 Not in release
linux-oracle-5.13 Not in release
linux-oracle-5.15 Not in release
linux-oracle-5.3 Not in release
linux-oracle-5.4 Not in release
linux-oracle-5.8 Not in release
linux-oracle-6.5 Not in release
linux-oracle-6.8 Not in release
linux-raspi Vulnerable
linux-raspi-5.4 Not in release
linux-raspi-realtime Not in release
linux-raspi2 Not in release
linux-realtime Not in release
linux-riscv Vulnerable
linux-riscv-5.11 Not in release
linux-riscv-5.15 Not in release
linux-riscv-5.19 Not in release
linux-riscv-5.8 Not in release
linux-riscv-6.5 Not in release
linux-riscv-6.8 Not in release
linux-starfive-5.19 Not in release
linux-starfive-6.2 Not in release
linux-starfive-6.5 Not in release
linux-xilinx-zynqmp Not in release
Show all 126 packages Show less packages

CVE-2024-52811

Medium priority
Needs evaluation

The ngtcp2 project is an effort to implement IETF QUIC protocol in C. In affected versions acks are not validated before being written to the qlog leading to a buffer overflow. In `ngtcp2_conn::conn_recv_pkt` for an ACK, there was...

1 affected packages

ngtcp2

Package 24.04 LTS
ngtcp2 Needs evaluation
Show less packages

CVE-2024-11498

Medium priority
Needs evaluation

There exists a stack buffer overflow in libjxl. A specifically-crafted file can cause the JPEG XL decoder to use large amounts of stack space (up to 256mb is possible, maybe 512mb), potentially exhausting the stack. An attacker...

1 affected packages

jpeg-xl

Package 24.04 LTS
jpeg-xl Needs evaluation
Show less packages

CVE-2024-11403

Medium priority
Needs evaluation

There exists an out of bounds read/write in LibJXL versions prior to commit 9cc451b91b74ba470fd72bd48c121e9f33d24c99. The JPEG decoder used by the JPEG XL encoder when doing JPEG recompression (i.e. if using JxlEncoderAddJPEGFrame...

1 affected packages

jpeg-xl

Package 24.04 LTS
jpeg-xl Needs evaluation
Show less packages

CVE-2024-53916

Medium priority
Needs evaluation

In OpenStack Neutron through 25.0.0, neutron/extensions/tagging.py can use an incorrect ID during policy enforcement. NOTE: 935883 has the "Work in Progress" status as of 2024-11-24.

1 affected packages

neutron

Package 24.04 LTS
neutron Needs evaluation
Show less packages

CVE-2024-53901

Medium priority
Needs evaluation

The Imager package before 1.025 for Perl has a heap-based buffer overflow leading to denial of service, or possibly unspecified other impact, when the trim() method is called on a crafted input image.

1 affected packages

libimager-perl

Package 24.04 LTS
libimager-perl Needs evaluation
Show less packages

CVE-2024-53899

Medium priority
Needs evaluation

virtualenv before 20.26.6 allows command injection through the activation scripts for a virtual environment. Magic template strings are not quoted correctly when replacing. NOTE: this is not the same as CVE-2024-9287.

1 affected packages

python-virtualenv

Package 24.04 LTS
python-virtualenv Needs evaluation
Show less packages

CVE-2024-11233

Medium priority
Needs evaluation

In PHP versions 8.1.* before 8.1.31, 8.2.* before 8.2.26, 8.3.* before 8.3.14, due to an error in convert.quoted-printable-decode filter certain data can lead to buffer overread by one byte, which can in certain circumstances lead...

6 affected packages

php5, php7.0, php7.2, php7.4, php8.1, php8.3

Package 24.04 LTS
php5 Not in release
php7.0 Not in release
php7.2 Not in release
php7.4 Not in release
php8.1 Not in release
php8.3 Needs evaluation
Show less packages

CVE-2024-11236

Medium priority
Needs evaluation

In PHP versions 8.1.* before 8.1.31, 8.2.* before 8.2.26, 8.3.* before 8.3.14, uncontrolled long string inputs to ldap_escape() function on 32-bit systems can cause an integer overflow, resulting in an out-of-bounds write.

6 affected packages

php5, php7.0, php7.2, php7.4, php8.1, php8.3

Package 24.04 LTS
php5 Not in release
php7.0 Not in release
php7.2 Not in release
php7.4 Not in release
php8.1 Not in release
php8.3 Needs evaluation
Show less packages

CVE-2024-11234

Medium priority
Needs evaluation

In PHP versions 8.1.* before 8.1.31, 8.2.* before 8.2.26, 8.3.* before 8.3.14, when using streams with configured proxy and "request_fulluri" option, the URI is not properly sanitized which can lead to HTTP request smuggling and...

6 affected packages

php5, php7.0, php7.2, php7.4, php8.1, php8.3

Package 24.04 LTS
php5 Not in release
php7.0 Not in release
php7.2 Not in release
php7.4 Not in release
php8.1 Not in release
php8.3 Needs evaluation
Show less packages