Search CVE reports
61 – 70 of 21528 results
CVE-2024-11586
Medium priorityUbuntu's implementation of pulseaudio can be crashed by a malicious program if a bluetooth headset is connected.
1 affected packages
pulseaudio
Package | 24.04 LTS |
---|---|
pulseaudio | Needs evaluation |
CVE-2024-8805
Medium priorityBlueZ HID over GATT Profile Improper Access Control Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of BlueZ. Authentication is not...
126 affected packages
linux, linux-allwinner-5.19, linux-aws, linux-aws-5.0, linux-aws-5.11...
Package | 24.04 LTS |
---|---|
linux | Needs evaluation |
linux-allwinner-5.19 | Not in release |
linux-aws | Needs evaluation |
linux-aws-5.0 | Not in release |
linux-aws-5.11 | Not in release |
linux-aws-5.13 | Not in release |
linux-aws-5.15 | Not in release |
linux-aws-5.19 | Not in release |
linux-aws-5.3 | Not in release |
linux-aws-5.4 | Not in release |
linux-aws-5.8 | Not in release |
linux-aws-6.2 | Not in release |
linux-aws-6.5 | Not in release |
linux-aws-6.8 | Not in release |
linux-aws-fips | Not in release |
linux-aws-hwe | Not in release |
linux-azure | Needs evaluation |
linux-azure-4.15 | Not in release |
linux-azure-5.11 | Not in release |
linux-azure-5.13 | Not in release |
linux-azure-5.15 | Not in release |
linux-azure-5.19 | Not in release |
linux-azure-5.3 | Not in release |
linux-azure-5.4 | Not in release |
linux-azure-5.8 | Not in release |
linux-azure-6.2 | Not in release |
linux-azure-6.5 | Not in release |
linux-azure-6.8 | Not in release |
linux-azure-edge | Not in release |
linux-azure-fde | Not in release |
linux-azure-fde-5.15 | Not in release |
linux-azure-fde-5.19 | Not in release |
linux-azure-fde-6.2 | Not in release |
linux-azure-fips | Not in release |
linux-bluefield | Not in release |
linux-fips | Not in release |
linux-gcp | Needs evaluation |
linux-gcp-4.15 | Not in release |
linux-gcp-5.11 | Not in release |
linux-gcp-5.13 | Not in release |
linux-gcp-5.15 | Not in release |
linux-gcp-5.19 | Not in release |
linux-gcp-5.3 | Not in release |
linux-gcp-5.4 | Not in release |
linux-gcp-5.8 | Not in release |
linux-gcp-6.2 | Not in release |
linux-gcp-6.5 | Not in release |
linux-gcp-6.8 | Not in release |
linux-gcp-fips | Not in release |
linux-gke | Needs evaluation |
linux-gke-4.15 | Not in release |
linux-gke-5.15 | Not in release |
linux-gke-5.4 | Not in release |
linux-gkeop | Needs evaluation |
linux-gkeop-5.15 | Not in release |
linux-gkeop-5.4 | Not in release |
linux-hwe | Not in release |
linux-hwe-5.11 | Not in release |
linux-hwe-5.13 | Not in release |
linux-hwe-5.15 | Not in release |
linux-hwe-5.19 | Not in release |
linux-hwe-5.4 | Not in release |
linux-hwe-5.8 | Not in release |
linux-hwe-6.2 | Not in release |
linux-hwe-6.5 | Not in release |
linux-hwe-6.8 | Not in release |
linux-hwe-edge | Not in release |
linux-ibm | Needs evaluation |
linux-ibm-5.15 | Not in release |
linux-ibm-5.4 | Not in release |
linux-intel | Needs evaluation |
linux-intel-5.13 | Not in release |
linux-intel-iot-realtime | Not in release |
linux-intel-iotg | Not in release |
linux-intel-iotg-5.15 | Not in release |
linux-iot | Not in release |
linux-kvm | Not in release |
linux-lowlatency | Needs evaluation |
linux-lowlatency-hwe-5.15 | Not in release |
linux-lowlatency-hwe-5.19 | Not in release |
linux-lowlatency-hwe-6.2 | Not in release |
linux-lowlatency-hwe-6.5 | Not in release |
linux-lowlatency-hwe-6.8 | Not in release |
linux-lts-xenial | Not in release |
linux-nvidia | Needs evaluation |
linux-nvidia-6.2 | Not in release |
linux-nvidia-6.5 | Not in release |
linux-nvidia-6.8 | Not in release |
linux-nvidia-lowlatency | Needs evaluation |
linux-oem | Not in release |
linux-oem-5.10 | Not in release |
linux-oem-5.13 | Not in release |
linux-oem-5.14 | Not in release |
linux-oem-5.17 | Not in release |
linux-oem-5.6 | Not in release |
linux-oem-6.0 | Not in release |
linux-oem-6.1 | Not in release |
linux-oem-6.11 | Needs evaluation |
linux-oem-6.5 | Not in release |
linux-oem-6.8 | Needs evaluation |
linux-oracle | Needs evaluation |
linux-oracle-5.0 | Not in release |
linux-oracle-5.11 | Not in release |
linux-oracle-5.13 | Not in release |
linux-oracle-5.15 | Not in release |
linux-oracle-5.3 | Not in release |
linux-oracle-5.4 | Not in release |
linux-oracle-5.8 | Not in release |
linux-oracle-6.5 | Not in release |
linux-oracle-6.8 | Not in release |
linux-raspi | Needs evaluation |
linux-raspi-5.4 | Not in release |
linux-raspi-realtime | Not in release |
linux-raspi2 | Not in release |
linux-realtime | Not in release |
linux-riscv | Needs evaluation |
linux-riscv-5.11 | Not in release |
linux-riscv-5.15 | Not in release |
linux-riscv-5.19 | Not in release |
linux-riscv-5.8 | Not in release |
linux-riscv-6.5 | Not in release |
linux-riscv-6.8 | Not in release |
linux-starfive-5.19 | Not in release |
linux-starfive-6.2 | Not in release |
linux-starfive-6.5 | Not in release |
linux-xilinx-zynqmp | Not in release |
CVE-2024-11612
Medium priority7-Zip CopyCoder Infinite Loop Denial-of-Service Vulnerability. This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of 7-Zip. Interaction with this library is required to...
2 affected packages
7zip, p7zip
Package | 24.04 LTS |
---|---|
7zip | Needs evaluation |
p7zip | Not affected |
CVE-2024-10220
Medium priorityThe Kubernetes kubelet component allows arbitrary command execution via specially crafted gitRepo volumes.This issue affects kubelet: through 1.28.11, from 1.29.0 through 1.29.6, from 1.30.0 through 1.30.2.
1 affected packages
kubernetes
Package | 24.04 LTS |
---|---|
kubernetes | Needs evaluation |
CVE-2024-52804
Medium priorityTornado is a Python web framework and asynchronous networking library. The algorithm used for parsing HTTP cookies in Tornado versions prior to 6.4.2 sometimes has quadratic complexity, leading to excessive CPU consumption when...
1 affected packages
python-tornado
Package | 24.04 LTS |
---|---|
python-tornado | Vulnerable |
CVE-2024-8929
Medium priorityIn PHP versions 8.1.* before 8.1.31, 8.2.* before 8.2.26, 8.3.* before 8.3.14, a hostile MySQL server can cause the client to disclose the content of its heap containing data from other SQL requests and possible other...
6 affected packages
php5, php7.0, php7.2, php7.4, php8.1, php8.3
Package | 24.04 LTS |
---|---|
php5 | Not in release |
php7.0 | Not in release |
php7.2 | Not in release |
php7.4 | Not in release |
php8.1 | Not in release |
php8.3 | Needs evaluation |
CVE-2024-8932
Medium priorityIn PHP versions 8.1.* before 8.1.31, 8.2.* before 8.2.26, 8.3.* before 8.3.14, uncontrolled long string inputs to ldap_escape() function on 32-bit systems can cause an integer overflow, resulting in an out-of-bounds write.
6 affected packages
php5, php7.0, php7.2, php7.4, php8.1, php8.3
Package | 24.04 LTS |
---|---|
php5 | Not in release |
php7.0 | Not in release |
php7.2 | Not in release |
php7.4 | Not in release |
php8.1 | Not in release |
php8.3 | Needs evaluation |
CVE-2024-11477
Medium priority7-Zip Zstandard Decompression Integer Underflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of 7-Zip. Interaction with this library is...
2 affected packages
7zip, p7zip
Package | 24.04 LTS |
---|---|
7zip | Needs evaluation |
p7zip | Not affected |
CVE-2024-52616
Medium priorityA flaw was found in the Avahi-daemon, where it initializes DNS transaction IDs randomly only once at startup, incrementing them sequentially after that. This predictable behavior facilitates DNS spoofing attacks,...
1 affected packages
avahi
Package | 24.04 LTS |
---|---|
avahi | Vulnerable |
CVE-2024-52615
Medium priorityA flaw was found in Avahi-daemon, which relies on fixed source ports for wide-area DNS queries. This issue simplifies attacks where malicious DNS responses are injected.
1 affected packages
avahi
Package | 24.04 LTS |
---|---|
avahi | Vulnerable |