Search CVE reports

31 – 40 of 1733 results

Detailed view

Sort by:

CVE-2011-4915

Low priority

Ignored

fs/proc/base.c in the Linux kernel through 3.1 allows local users to obtain sensitive keystroke information via access to /proc/interrupts.

18 affected packages

linux, linux-armadaxp, linux-ec2, linux-flo, linux-fsl-imx51...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
linux	—	—	—	—	—
linux-armadaxp	—	—	—	—	—
linux-ec2	—	—	—	—	—
linux-flo	—	—	—	—	—
linux-fsl-imx51	—	—	—	—	—
linux-goldfish	—	—	—	—	—
linux-grouper	—	—	—	—	—
linux-lts-backport-maverick	—	—	—	—	—
linux-lts-backport-natty	—	—	—	—	—
linux-lts-backport-oneiric	—	—	—	—	—
linux-lts-quantal	—	—	—	—	—
linux-lts-raring	—	—	—	—	—
linux-lts-saucy	—	—	—	—	—
linux-maguro	—	—	—	—	—
linux-mako	—	—	—	—	—
linux-manta	—	—	—	—	—
linux-mvl-dove	—	—	—	—	—
linux-ti-omap4	—	—	—	—	—

CVE-2015-9541

Low priority

Vulnerable

Qt through 5.14 allows an exponential XML entity expansion attack via a crafted SVG document that is mishandled in QXmlStreamReader, a related issue to CVE-2003-1564.

5 affected packages

phantomjs, pyside, pyside2, qt4-x11, qtbase-opensource-src

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
phantomjs	Not in release	Not in release	Vulnerable	Vulnerable	Vulnerable
pyside	Not in release	Not in release	Not in release	Vulnerable	Vulnerable
pyside2	Vulnerable	Vulnerable	Vulnerable	Not in release	Needs evaluation
qt4-x11	Not in release	Not in release	Not in release	Vulnerable	Vulnerable
qtbase-opensource-src	Not affected	Not affected	Not affected	Vulnerable	Vulnerable

CVE-2012-5476

Low priority

Ignored

Within the RHOS Essex Preview (2012.2) of the OpenStack dashboard package, the file /etc/quantum/quantum.conf is world readable which exposes the admin password and token value.

1 affected packages

quantum

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
quantum	—	—	—	—	Not in release

CVE-2009-2802

Medium priority

Not affected

MantisBT 1.2.x before 1.2.2 insecurely handles attachments and MIME types. Arbitrary inline attachment rendering could lead to cross-domain scripting or other browser attacks.

1 affected packages

mantis

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
mantis	—	—	—	—	—

CVE-2013-1811

Medium priority

Ignored

An access control issue in MantisBT before 1.2.13 allows users with "Reporter" permissions to change any issue to "New".

1 affected packages

mantis

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
mantis	—	—	—	—	Not in release

In Linux 2.6 before 2.6.23, the TRACE_IRQS_ON function in iret_exc calls a C function without ensuring that the segments are set properly. The kernel's %fs needs to be restored before the call in TRACE_IRQS_ON and before enabling...

22 affected packages

linux, linux-armadaxp, linux-flo, linux-goldfish, linux-grouper...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
linux	—	—	—	—	Not affected
linux-armadaxp	—	—	—	—	Not in release
linux-flo	—	—	—	—	Not affected
linux-goldfish	—	—	—	—	Not affected
linux-grouper	—	—	—	—	Not in release
linux-linaro-omap	—	—	—	—	Not in release
linux-linaro-shared	—	—	—	—	Not in release
linux-linaro-vexpress	—	—	—	—	Not in release
linux-lts-quantal	—	—	—	—	Not in release
linux-lts-raring	—	—	—	—	Not in release
linux-lts-saucy	—	—	—	—	Not in release
linux-lts-trusty	—	—	—	—	Not in release
linux-lts-utopic	—	—	—	—	Not in release
linux-lts-vivid	—	—	—	—	Not in release
linux-lts-wily	—	—	—	—	Not in release
linux-lts-xenial	—	—	—	—	Not in release
linux-maguro	—	—	—	—	Not in release
linux-mako	—	—	—	—	Not affected
linux-manta	—	—	—	—	Not in release
linux-qcm-msm	—	—	—	—	Not in release
linux-raspi2	—	—	—	—	Not affected
linux-ti-omap4	—	—	—	—	Not in release

CVE-2010-2243

Low priority

Ignored

A vulnerability exists in kernel/time/clocksource.c in the Linux kernel before 2.6.34 where on non-GENERIC_TIME systems (GENERIC_TIME=n), accessing /sys/devices/system/clocksource/clocksource0/current_clocksource results in an OOPS.

11 affected packages

linux, linux-armadaxp, linux-ec2, linux-fsl-imx51, linux-lts-backport-maverick...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
linux	—	—	—	—	—
linux-armadaxp	—	—	—	—	—
linux-ec2	—	—	—	—	—
linux-fsl-imx51	—	—	—	—	—
linux-lts-backport-maverick	—	—	—	—	—
linux-lts-backport-natty	—	—	—	—	—
linux-lts-backport-oneiric	—	—	—	—	—
linux-lts-quantal	—	—	—	—	—
linux-lts-raring	—	—	—	—	—
linux-mvl-dove	—	—	—	—	—
linux-ti-omap4	—	—	—	—	—

CVE-2014-8181

Low priority

Ignored

The kernel in Red Hat Enterprise Linux 7 and MRG-2 does not clear garbage data for SG_IO buffer, which may leaking sensitive information to userspace.

27 affected packages

linux, linux-armadaxp, linux-aws, linux-flo, linux-gke...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
linux	—	—	—	—	Not affected
linux-armadaxp	—	—	—	—	Not in release
linux-aws	—	—	—	—	Not affected
linux-flo	—	—	—	—	Not affected
linux-gke	—	—	—	—	Not affected
linux-goldfish	—	—	—	—	Not affected
linux-grouper	—	—	—	—	Not in release
linux-hwe	—	—	—	—	Not affected
linux-hwe-edge	—	—	—	—	Not affected
linux-linaro-omap	—	—	—	—	Not in release
linux-linaro-shared	—	—	—	—	Not in release
linux-linaro-vexpress	—	—	—	—	Not in release
linux-lts-quantal	—	—	—	—	Not in release
linux-lts-raring	—	—	—	—	Not in release
linux-lts-saucy	—	—	—	—	Not in release
linux-lts-trusty	—	—	—	—	Not in release
linux-lts-utopic	—	—	—	—	Not in release
linux-lts-vivid	—	—	—	—	Not in release
linux-lts-wily	—	—	—	—	Not in release
linux-lts-xenial	—	—	—	—	Not in release
linux-maguro	—	—	—	—	Not in release
linux-mako	—	—	—	—	Not affected
linux-manta	—	—	—	—	Not in release
linux-qcm-msm	—	—	—	—	Not in release
linux-raspi2	—	—	—	—	Not affected
linux-snapdragon	—	—	—	—	Not affected
linux-ti-omap4	—	—	—	—	Not in release

CVE-2019-17221

Medium priority

Vulnerable

PhantomJS through 2.1.1 has an arbitrary file read vulnerability, as demonstrated by an XMLHttpRequest for a file:// URI. The vulnerability exists in the page.open() function of the webpage module, which loads a specified URL and...

1 affected packages

phantomjs

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
phantomjs	Not in release	Not in release	Vulnerable	Vulnerable	Vulnerable

CVE-2013-2255

Low priority

Ignored

HTTPSConnections in OpenStack Keystone 2013, OpenStack Compute 2013.1, and possibly other OpenStack components, fail to validate server-side SSL certificates.

6 affected packages

cinder, keystone, nova, python-keystoneclient, quantum, swift

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
cinder	—	—	—	—	—
keystone	—	—	—	—	—
nova	—	—	—	—	—
python-keystoneclient	—	—	—	—	—
quantum	—	—	—	—	—
swift	—	—	—	—	—

Export to JSON

Results by page: