Search CVE reports
1 – 10 of 58210 results
A multi-vendor cache poisoning vulnerability named ‘Rebirthday Attack’ has been discovered in caching resolvers that support EDNS Client Subnet (ECS). Unbound is also vulnerable when compiled with ECS support,...
1 affected package
unbound
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
---|---|---|---|---|
unbound | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
Icinga DB Web provides a graphical interface for Icinga monitoring. Starting in version 1.2.0 and prior to version 1.2.2, users with access to Icinga Dependency Views, are allowed to see hosts and services that they weren’t meant...
1 affected package
icingadb-web
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
---|---|---|---|---|
icingadb-web | Not affected | Not in release | — | — |
Catalyst::Plugin::Session before version 0.44 for Perl generates session ids insecurely. The session id is generated from a (usually SHA-1) hash of a simple counter, the epoch time, the built-in rand function, the PID and...
1 affected package
libcatalyst-plugin-session-perl
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
---|---|---|---|---|
libcatalyst-plugin-session-perl | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
Plack-Middleware-Session before version 0.35 for Perl generates session ids insecurely. The default session id generator returns a SHA-1 hash seeded with the built-in rand function, the epoch time, and the PID. The PID will come...
1 affected package
libplack-middleware-session-perl
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
---|---|---|---|---|
libplack-middleware-session-perl | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
Authen::SASL::Perl::DIGEST_MD5 versions 2.04 through 2.1800 for Perl generates the cnonce insecurely. The cnonce (client nonce) is generated from an MD5 hash of the PID, the epoch time and the built-in rand function. The PID will...
1 affected package
libauthen-sasl-perl
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
---|---|---|---|---|
libauthen-sasl-perl | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
A `named` caching resolver that is configured to send ECS (EDNS Client Subnet) options may be vulnerable to a cache-poisoning attack. This issue affects BIND 9 versions 9.11.3-S1 through 9.16.50-S1, 9.18.11-S1 through 9.18.37-S1,...
3 affected packages
bind9, bind9-libs, isc-dhcp
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
---|---|---|---|---|
bind9 | Not affected | Not affected | Not affected | Not affected |
bind9-libs | Not in release | Needs evaluation | Needs evaluation | — |
isc-dhcp | Needs evaluation | Not affected | Not affected | Needs evaluation |
An authenticated remote code execution vulnerability exists in Piwik (now Matomo) versions prior to 3.0.3 via the plugin upload mechanism. In vulnerable versions, an authenticated user with Superuser privileges can upload and...
1 affected package
matomo
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
---|---|---|---|---|
matomo | Not in release | Not in release | — | — |
Certain instructions need intercepting and emulating by Xen. In some cases Xen emulates the instruction by replaying it, using an executable stub. Some instructions may raise an exception, which is supposed to be handled...
1 affected package
xen
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
---|---|---|---|---|
xen | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
Some fixes available 1 of 6
possible assertion failure when using the ‘stale-answer-client-timeout 0’ option
3 affected packages
bind9, bind9-libs, isc-dhcp
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
---|---|---|---|---|
bind9 | Not affected | Not affected | Not affected | Not affected |
bind9-libs | Not in release | Needs evaluation | Needs evaluation | — |
isc-dhcp | Needs evaluation | Not affected | Not affected | Needs evaluation |
[Unknown description]
1 affected package
nodejs
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
---|---|---|---|---|
nodejs | Not affected | Not affected | Not affected | Not affected |