Search CVE reports
51 – 60 of 26472 results
CVE-2024-10458
Medium prioritySome fixes available 1 of 4
A permission leak could have occurred from a trusted site to an untrusted site via `embed` or `object` elements. This vulnerability affects Firefox < 132, Firefox ESR < 128.4, Firefox ESR < 115.17, Thunderbird < 128.4,...
9 affected packages
firefox, mozjs102, mozjs115, mozjs38, mozjs52...
| Package | 20.04 LTS |
|---|---|
| firefox | Fixed |
| mozjs102 | Not in release |
| mozjs115 | Not in release |
| mozjs38 | Not in release |
| mozjs52 | Ignored |
| mozjs68 | Ignored |
| mozjs78 | Not in release |
| mozjs91 | Not in release |
| thunderbird | Vulnerable |
CVE-2024-49761
Medium priorityREXML is an XML toolkit for Ruby. The REXML gem before 3.3.9 has a ReDoS vulnerability when it parses an XML that has many digits between &# and x...; in a hex numeric character reference (&#x...;). This does not happen with Ruby...
7 affected packages
jruby, ruby2.3, ruby2.5, ruby2.7, ruby3.0...
| Package | 20.04 LTS |
|---|---|
| jruby | Needs evaluation |
| ruby2.3 | Not in release |
| ruby2.5 | Not in release |
| ruby2.7 | Needs evaluation |
| ruby3.0 | Not in release |
| ruby3.2 | Not in release |
| ruby3.3 | Not in release |
CVE-2024-45802
Medium prioritySquid is an open source caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. Due to Input Validation, Premature Release of Resource During Expected Lifetime, and Missing Release of Resource after Effective Lifetime...
2 affected packages
squid, squid3
| Package | 20.04 LTS |
|---|---|
| squid | Needs evaluation |
| squid3 | Not in release |
CVE-2024-8013
Medium priorityA bug in query analysis of certain complex self-referential $lookup subpipelines may result in literal values in expressions for encrypted fields to be sent to the server as plaintext instead of ciphertext. Should this occur, no...
1 affected packages
mongodb
| Package | 20.04 LTS |
|---|---|
| mongodb | Needs evaluation |
CVE-2024-48936
Medium priorityNot in release
SchedMD Slurm before 24.05.4 has Incorrect Authorization. A mistake in authentication handling in stepmgr could permit an attacker to execute processes under other users' jobs. This is limited to jobs explicitly running with...
1 affected packages
slurm-wlm
| Package | 20.04 LTS |
|---|---|
| slurm-wlm | Not in release |
CVE-2024-50624
Medium priorityispdbservice.cpp in KDE Kmail before 6.2.0 allows man-in-the-middle attackers to trigger use of an attacker-controlled mail server because cleartext HTTP is used for a URL such as http://autoconfig.example.com...
1 affected packages
kmail
| Package | 20.04 LTS |
|---|---|
| kmail | Needs evaluation |
CVE-2024-50067
Medium priorityIn the Linux kernel, the following vulnerability has been resolved: uprobe: avoid out-of-bounds memory access of fetching args Uprobe needs to fetch args into a percpu buffer, and then copy to ring buffer to avoid non-atomic...
124 affected packages
linux, linux-allwinner-5.19, linux-aws, linux-aws-5.0, linux-aws-5.11...
| Package | 20.04 LTS |
|---|---|
| linux | Vulnerable |
| linux-allwinner-5.19 | Not in release |
| linux-aws | Vulnerable |
| linux-aws-5.0 | Not in release |
| linux-aws-5.11 | Ignored |
| linux-aws-5.13 | Ignored |
| linux-aws-5.15 | Vulnerable |
| linux-aws-5.19 | Not in release |
| linux-aws-5.3 | Not in release |
| linux-aws-5.4 | Not in release |
| linux-aws-5.8 | Ignored |
| linux-aws-6.2 | Not in release |
| linux-aws-6.5 | Not in release |
| linux-aws-6.8 | Not in release |
| linux-aws-fips | Not in release |
| linux-aws-hwe | Not in release |
| linux-azure | Vulnerable |
| linux-azure-4.15 | Not in release |
| linux-azure-5.11 | Ignored |
| linux-azure-5.13 | Ignored |
| linux-azure-5.15 | Vulnerable |
| linux-azure-5.19 | Not in release |
| linux-azure-5.3 | Not in release |
| linux-azure-5.4 | Not in release |
| linux-azure-5.8 | Ignored |
| linux-azure-6.2 | Not in release |
| linux-azure-6.5 | Not in release |
| linux-azure-6.8 | Not in release |
| linux-azure-edge | Not in release |
| linux-azure-fde | Ignored |
| linux-azure-fde-5.15 | Vulnerable |
| linux-azure-fde-5.19 | Not in release |
| linux-azure-fde-6.2 | Not in release |
| linux-azure-fips | Not in release |
| linux-bluefield | Vulnerable |
| linux-fips | Not in release |
| linux-gcp | Vulnerable |
| linux-gcp-4.15 | Not in release |
| linux-gcp-5.11 | Ignored |
| linux-gcp-5.13 | Ignored |
| linux-gcp-5.15 | Vulnerable |
| linux-gcp-5.19 | Not in release |
| linux-gcp-5.3 | Not in release |
| linux-gcp-5.4 | Not in release |
| linux-gcp-5.8 | Ignored |
| linux-gcp-6.2 | Not in release |
| linux-gcp-6.5 | Not in release |
| linux-gcp-6.8 | Not in release |
| linux-gcp-fips | Not in release |
| linux-gke | Ignored |
| linux-gke-4.15 | Not in release |
| linux-gke-5.15 | Ignored |
| linux-gke-5.4 | Not in release |
| linux-gkeop | Vulnerable |
| linux-gkeop-5.15 | Vulnerable |
| linux-gkeop-5.4 | Not in release |
| linux-hwe | Not in release |
| linux-hwe-5.11 | Ignored |
| linux-hwe-5.13 | Ignored |
| linux-hwe-5.15 | Vulnerable |
| linux-hwe-5.19 | Not in release |
| linux-hwe-5.4 | Not in release |
| linux-hwe-5.8 | Ignored |
| linux-hwe-6.2 | Not in release |
| linux-hwe-6.5 | Not in release |
| linux-hwe-6.8 | Not in release |
| linux-hwe-edge | Not in release |
| linux-ibm | Vulnerable |
| linux-ibm-5.15 | Vulnerable |
| linux-ibm-5.4 | Not in release |
| linux-intel-5.13 | Ignored |
| linux-intel-iot-realtime | Not in release |
| linux-intel-iotg | Not in release |
| linux-intel-iotg-5.15 | Vulnerable |
| linux-iot | Vulnerable |
| linux-kvm | Vulnerable |
| linux-lowlatency | Not in release |
| linux-lowlatency-hwe-5.15 | Vulnerable |
| linux-lowlatency-hwe-5.19 | Not in release |
| linux-lowlatency-hwe-6.2 | Not in release |
| linux-lowlatency-hwe-6.5 | Not in release |
| linux-lowlatency-hwe-6.8 | Not in release |
| linux-lts-xenial | Not in release |
| linux-nvidia | Not in release |
| linux-nvidia-6.2 | Not in release |
| linux-nvidia-6.5 | Not in release |
| linux-nvidia-6.8 | Not in release |
| linux-nvidia-lowlatency | Not in release |
| linux-oem | Not in release |
| linux-oem-5.10 | Ignored |
| linux-oem-5.13 | Ignored |
| linux-oem-5.14 | Ignored |
| linux-oem-5.17 | Not in release |
| linux-oem-5.6 | Ignored |
| linux-oem-6.0 | Not in release |
| linux-oem-6.1 | Not in release |
| linux-oem-6.5 | Not in release |
| linux-oem-6.8 | Not in release |
| linux-oracle | Vulnerable |
| linux-oracle-5.0 | Not in release |
| linux-oracle-5.11 | Ignored |
| linux-oracle-5.13 | Ignored |
| linux-oracle-5.15 | Vulnerable |
| linux-oracle-5.3 | Not in release |
| linux-oracle-5.4 | Not in release |
| linux-oracle-5.8 | Ignored |
| linux-oracle-6.5 | Not in release |
| linux-oracle-6.8 | Not in release |
| linux-raspi | Vulnerable |
| linux-raspi-5.4 | Not in release |
| linux-raspi-realtime | Not in release |
| linux-raspi2 | Ignored |
| linux-realtime | Not in release |
| linux-riscv | Ignored |
| linux-riscv-5.11 | Ignored |
| linux-riscv-5.15 | Vulnerable |
| linux-riscv-5.19 | Not in release |
| linux-riscv-5.8 | Ignored |
| linux-riscv-6.5 | Not in release |
| linux-riscv-6.8 | Not in release |
| linux-starfive-5.19 | Not in release |
| linux-starfive-6.2 | Not in release |
| linux-starfive-6.5 | Not in release |
| linux-xilinx-zynqmp | Vulnerable |
CVE-2024-46613
Medium priority[Integer Overflow to Buffer Overflow vulnerability in "string_free_split" functions]
1 affected packages
weechat
| Package | 20.04 LTS |
|---|---|
| weechat | Needs evaluation |
CVE-2024-50615
Medium priorityTinyXML2 through 10.0.0 has a reachable assertion for UINT_MAX/digit, that may lead to application exit, in tinyxml2.cpp XMLUtil::GetCharacterRef.
1 affected packages
tinyxml2
| Package | 20.04 LTS |
|---|---|
| tinyxml2 | Needs evaluation |
CVE-2024-50614
Medium priorityTinyXML2 through 10.0.0 has a reachable assertion for UINT_MAX/16, that may lead to application exit, in tinyxml2.cpp XMLUtil::GetCharacterRef.
1 affected packages
tinyxml2
| Package | 20.04 LTS |
|---|---|
| tinyxml2 | Needs evaluation |