Search CVE reports
51 – 60 of 21528 results
CVE-2024-53096
Medium priorityIn the Linux kernel, the following vulnerability has been resolved: mm: resolve faulty mmap_region() error path behaviour The mmap_region() function is somewhat terrifying, with spaghetti-like control flow and numerous means by...
126 affected packages
linux, linux-allwinner-5.19, linux-aws, linux-aws-5.0, linux-aws-5.11...
Package | 24.04 LTS |
---|---|
linux | Vulnerable |
linux-allwinner-5.19 | Not in release |
linux-aws | Vulnerable |
linux-aws-5.0 | Not in release |
linux-aws-5.11 | Not in release |
linux-aws-5.13 | Not in release |
linux-aws-5.15 | Not in release |
linux-aws-5.19 | Not in release |
linux-aws-5.3 | Not in release |
linux-aws-5.4 | Not in release |
linux-aws-5.8 | Not in release |
linux-aws-6.2 | Not in release |
linux-aws-6.5 | Not in release |
linux-aws-6.8 | Not in release |
linux-aws-fips | Not in release |
linux-aws-hwe | Not in release |
linux-azure | Vulnerable |
linux-azure-4.15 | Not in release |
linux-azure-5.11 | Not in release |
linux-azure-5.13 | Not in release |
linux-azure-5.15 | Not in release |
linux-azure-5.19 | Not in release |
linux-azure-5.3 | Not in release |
linux-azure-5.4 | Not in release |
linux-azure-5.8 | Not in release |
linux-azure-6.2 | Not in release |
linux-azure-6.5 | Not in release |
linux-azure-6.8 | Not in release |
linux-azure-edge | Not in release |
linux-azure-fde | Not in release |
linux-azure-fde-5.15 | Not in release |
linux-azure-fde-5.19 | Not in release |
linux-azure-fde-6.2 | Not in release |
linux-azure-fips | Not in release |
linux-bluefield | Not in release |
linux-fips | Not in release |
linux-gcp | Vulnerable |
linux-gcp-4.15 | Not in release |
linux-gcp-5.11 | Not in release |
linux-gcp-5.13 | Not in release |
linux-gcp-5.15 | Not in release |
linux-gcp-5.19 | Not in release |
linux-gcp-5.3 | Not in release |
linux-gcp-5.4 | Not in release |
linux-gcp-5.8 | Not in release |
linux-gcp-6.2 | Not in release |
linux-gcp-6.5 | Not in release |
linux-gcp-6.8 | Not in release |
linux-gcp-fips | Not in release |
linux-gke | Vulnerable |
linux-gke-4.15 | Not in release |
linux-gke-5.15 | Not in release |
linux-gke-5.4 | Not in release |
linux-gkeop | Vulnerable |
linux-gkeop-5.15 | Not in release |
linux-gkeop-5.4 | Not in release |
linux-hwe | Not in release |
linux-hwe-5.11 | Not in release |
linux-hwe-5.13 | Not in release |
linux-hwe-5.15 | Not in release |
linux-hwe-5.19 | Not in release |
linux-hwe-5.4 | Not in release |
linux-hwe-5.8 | Not in release |
linux-hwe-6.2 | Not in release |
linux-hwe-6.5 | Not in release |
linux-hwe-6.8 | Not in release |
linux-hwe-edge | Not in release |
linux-ibm | Vulnerable |
linux-ibm-5.15 | Not in release |
linux-ibm-5.4 | Not in release |
linux-intel | Vulnerable |
linux-intel-5.13 | Not in release |
linux-intel-iot-realtime | Not in release |
linux-intel-iotg | Not in release |
linux-intel-iotg-5.15 | Not in release |
linux-iot | Not in release |
linux-kvm | Not in release |
linux-lowlatency | Vulnerable |
linux-lowlatency-hwe-5.15 | Not in release |
linux-lowlatency-hwe-5.19 | Not in release |
linux-lowlatency-hwe-6.2 | Not in release |
linux-lowlatency-hwe-6.5 | Not in release |
linux-lowlatency-hwe-6.8 | Not in release |
linux-lts-xenial | Not in release |
linux-nvidia | Vulnerable |
linux-nvidia-6.2 | Not in release |
linux-nvidia-6.5 | Not in release |
linux-nvidia-6.8 | Not in release |
linux-nvidia-lowlatency | Vulnerable |
linux-oem | Not in release |
linux-oem-5.10 | Not in release |
linux-oem-5.13 | Not in release |
linux-oem-5.14 | Not in release |
linux-oem-5.17 | Not in release |
linux-oem-5.6 | Not in release |
linux-oem-6.0 | Not in release |
linux-oem-6.1 | Not in release |
linux-oem-6.11 | Vulnerable |
linux-oem-6.5 | Not in release |
linux-oem-6.8 | Vulnerable |
linux-oracle | Vulnerable |
linux-oracle-5.0 | Not in release |
linux-oracle-5.11 | Not in release |
linux-oracle-5.13 | Not in release |
linux-oracle-5.15 | Not in release |
linux-oracle-5.3 | Not in release |
linux-oracle-5.4 | Not in release |
linux-oracle-5.8 | Not in release |
linux-oracle-6.5 | Not in release |
linux-oracle-6.8 | Not in release |
linux-raspi | Vulnerable |
linux-raspi-5.4 | Not in release |
linux-raspi-realtime | Not in release |
linux-raspi2 | Not in release |
linux-realtime | Not in release |
linux-riscv | Vulnerable |
linux-riscv-5.11 | Not in release |
linux-riscv-5.15 | Not in release |
linux-riscv-5.19 | Not in release |
linux-riscv-5.8 | Not in release |
linux-riscv-6.5 | Not in release |
linux-riscv-6.8 | Not in release |
linux-starfive-5.19 | Not in release |
linux-starfive-6.2 | Not in release |
linux-starfive-6.5 | Not in release |
linux-xilinx-zynqmp | Not in release |
CVE-2024-52811
Medium priorityThe ngtcp2 project is an effort to implement IETF QUIC protocol in C. In affected versions acks are not validated before being written to the qlog leading to a buffer overflow. In `ngtcp2_conn::conn_recv_pkt` for an ACK, there was...
1 affected packages
ngtcp2
Package | 24.04 LTS |
---|---|
ngtcp2 | Needs evaluation |
CVE-2024-11498
Medium priorityThere exists a stack buffer overflow in libjxl. A specifically-crafted file can cause the JPEG XL decoder to use large amounts of stack space (up to 256mb is possible, maybe 512mb), potentially exhausting the stack. An attacker...
1 affected packages
jpeg-xl
Package | 24.04 LTS |
---|---|
jpeg-xl | Needs evaluation |
CVE-2024-11403
Medium priorityThere exists an out of bounds read/write in LibJXL versions prior to commit 9cc451b91b74ba470fd72bd48c121e9f33d24c99. The JPEG decoder used by the JPEG XL encoder when doing JPEG recompression (i.e. if using JxlEncoderAddJPEGFrame...
1 affected packages
jpeg-xl
Package | 24.04 LTS |
---|---|
jpeg-xl | Needs evaluation |
CVE-2024-53916
Medium priorityIn OpenStack Neutron through 25.0.0, neutron/extensions/tagging.py can use an incorrect ID during policy enforcement. NOTE: 935883 has the "Work in Progress" status as of 2024-11-24.
1 affected packages
neutron
Package | 24.04 LTS |
---|---|
neutron | Needs evaluation |
CVE-2024-53901
Medium priorityThe Imager package before 1.025 for Perl has a heap-based buffer overflow leading to denial of service, or possibly unspecified other impact, when the trim() method is called on a crafted input image.
1 affected packages
libimager-perl
Package | 24.04 LTS |
---|---|
libimager-perl | Needs evaluation |
CVE-2024-53899
Medium priorityvirtualenv before 20.26.6 allows command injection through the activation scripts for a virtual environment. Magic template strings are not quoted correctly when replacing. NOTE: this is not the same as CVE-2024-9287.
1 affected packages
python-virtualenv
Package | 24.04 LTS |
---|---|
python-virtualenv | Needs evaluation |
CVE-2024-11233
Medium priorityIn PHP versions 8.1.* before 8.1.31, 8.2.* before 8.2.26, 8.3.* before 8.3.14, due to an error in convert.quoted-printable-decode filter certain data can lead to buffer overread by one byte, which can in certain circumstances lead...
6 affected packages
php5, php7.0, php7.2, php7.4, php8.1, php8.3
Package | 24.04 LTS |
---|---|
php5 | Not in release |
php7.0 | Not in release |
php7.2 | Not in release |
php7.4 | Not in release |
php8.1 | Not in release |
php8.3 | Needs evaluation |
CVE-2024-11236
Medium priorityIn PHP versions 8.1.* before 8.1.31, 8.2.* before 8.2.26, 8.3.* before 8.3.14, uncontrolled long string inputs to ldap_escape() function on 32-bit systems can cause an integer overflow, resulting in an out-of-bounds write.
6 affected packages
php5, php7.0, php7.2, php7.4, php8.1, php8.3
Package | 24.04 LTS |
---|---|
php5 | Not in release |
php7.0 | Not in release |
php7.2 | Not in release |
php7.4 | Not in release |
php8.1 | Not in release |
php8.3 | Needs evaluation |
CVE-2024-11234
Medium priorityIn PHP versions 8.1.* before 8.1.31, 8.2.* before 8.2.26, 8.3.* before 8.3.14, when using streams with configured proxy and "request_fulluri" option, the URI is not properly sanitized which can lead to HTTP request smuggling and...
6 affected packages
php5, php7.0, php7.2, php7.4, php8.1, php8.3
Package | 24.04 LTS |
---|---|
php5 | Not in release |
php7.0 | Not in release |
php7.2 | Not in release |
php7.4 | Not in release |
php8.1 | Not in release |
php8.3 | Needs evaluation |