Search CVE reports
11 – 20 of 4202 results
CVE-2024-47881
Medium priorityOpenRefine is a free, open source tool for working with messy data. Starting in version 3.4-beta and prior to version 3.8.3, in the `database` extension, the "enable_load_extension" property can be set for the SQLite integration,...
1 affected packages
openrefine
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
openrefine | Needs evaluation | Needs evaluation | Not in release | — | — |
CVE-2024-47880
Medium priorityOpenRefine is a free, open source tool for working with messy data. Prior to version 3.8.3, the `export-rows` command can be used in such a way that it reflects part of the request verbatim, with a Content-Type header also taken...
1 affected packages
openrefine
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
openrefine | Needs evaluation | Needs evaluation | Not in release | — | — |
CVE-2024-47879
Medium priorityOpenRefine is a free, open source tool for working with messy data. Prior to version 3.8.3, lack of cross-site request forgery protection on the `preview-expression` command means that visiting a malicious website could cause an...
1 affected packages
openrefine
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
openrefine | Needs evaluation | Needs evaluation | Not in release | — | — |
CVE-2024-47878
Medium priorityOpenRefine is a free, open source tool for working with messy data. Prior to version 3.8.3, the `/extension/gdata/authorized` endpoint includes the `state` GET parameter verbatim in a `<script>` tag in the output, so without...
1 affected packages
openrefine
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
openrefine | Needs evaluation | Needs evaluation | Not in release | — | — |
CVE-2024-46478
Medium priorityHTMLDOC v1.9.18 contains a buffer overflow in parse_pre function,ps-pdf.cxx:5681.
1 affected packages
htmldoc
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
htmldoc | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
CVE-2024-0126
Medium priorityNVIDIA GPU Display Driver for Windows and Linux contains a vulnerability which could allow a privileged attacker to escalate permissions. A successful exploit of this vulnerability might lead to code execution, denial of service,...
34 affected packages
nvidia-graphics-drivers-304, nvidia-graphics-drivers-304-updates, nvidia-graphics-drivers-340, nvidia-graphics-drivers-340-updates, nvidia-graphics-drivers-352...
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
nvidia-graphics-drivers-304 | Not in release | Not in release | Not in release | — | Ignored |
nvidia-graphics-drivers-304-updates | Not in release | Not in release | Not in release | — | Not affected |
nvidia-graphics-drivers-340 | Not in release | Not affected | Ignored | Ignored | Ignored |
nvidia-graphics-drivers-340-updates | Not in release | Not in release | Not in release | Not affected | Not affected |
nvidia-graphics-drivers-352 | Not in release | Not in release | Not in release | Not affected | Not affected |
nvidia-graphics-drivers-352-updates | Not in release | Not in release | Not in release | Not affected | Not affected |
nvidia-graphics-drivers-361 | Not in release | Not in release | Not in release | Not affected | Not affected |
nvidia-graphics-drivers-367 | Not in release | Not in release | Not in release | Not affected | Not affected |
nvidia-graphics-drivers-375 | Not in release | Not in release | Not in release | Not affected | Not affected |
nvidia-graphics-drivers-384 | Not in release | Not in release | Not in release | Not affected | Not affected |
nvidia-graphics-drivers-390 | Not in release | Ignored | Ignored | Ignored | — |
nvidia-graphics-drivers-418-server | Not in release | Ignored | Ignored | Ignored | — |
nvidia-graphics-drivers-430 | Not in release | Ignored | Ignored | Ignored | — |
nvidia-graphics-drivers-435 | Not in release | Ignored | Ignored | Ignored | — |
nvidia-graphics-drivers-440 | Not in release | Ignored | Ignored | Ignored | — |
nvidia-graphics-drivers-440-server | Not in release | Ignored | Ignored | Ignored | — |
nvidia-graphics-drivers-450 | Not in release | Ignored | Ignored | Ignored | — |
nvidia-graphics-drivers-450-server | Not in release | Ignored | Ignored | Ignored | — |
nvidia-graphics-drivers-455 | Not in release | Ignored | Ignored | Ignored | — |
nvidia-graphics-drivers-460 | Not in release | Ignored | Ignored | Ignored | — |
nvidia-graphics-drivers-460-server | Not in release | Not in release | Ignored | Ignored | — |
nvidia-graphics-drivers-470 | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | — |
nvidia-graphics-drivers-470-server | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | — |
nvidia-graphics-drivers-495 | Not in release | Not in release | Not affected | Not affected | — |
nvidia-graphics-drivers-510 | Not in release | Ignored | Ignored | Ignored | — |
nvidia-graphics-drivers-510-server | Not in release | Not affected | Not affected | Not affected | — |
nvidia-graphics-drivers-515 | Not in release | Ignored | Ignored | Ignored | — |
nvidia-graphics-drivers-515-server | Not in release | Ignored | Ignored | Ignored | — |
nvidia-graphics-drivers-520 | Not in release | Ignored | Ignored | Ignored | — |
nvidia-graphics-drivers-525 | Not affected | Not affected | Not affected | Not affected | — |
nvidia-graphics-drivers-525-server | Not affected | Not affected | Not affected | Not affected | — |
nvidia-graphics-drivers-530 | Not in release | Ignored | Ignored | Ignored | — |
nvidia-graphics-drivers-535 | Needs evaluation | Needs evaluation | Needs evaluation | — | — |
nvidia-graphics-drivers-535-server | Needs evaluation | Needs evaluation | Needs evaluation | — | — |
CVE-2024-50383
Medium priorityBotan before 3.6.0, when certain GCC versions are used, has a compiler-induced secret-dependent operation in lib/utils/donna128.h in donna128 (used in Chacha-Poly1305 and x25519). An addition can be skipped if a carry is not set....
3 affected packages
botan, oscar, thunderbird
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
botan | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | — |
oscar | Needs evaluation | Needs evaluation | Needs evaluation | — | — |
thunderbird | Needs evaluation | Needs evaluation | Needs evaluation | — | — |
CVE-2024-50382
Medium priorityBotan before 3.6.0, when certain LLVM versions are used, has compiler-induced secret-dependent control flow in lib/utils/ghash/ghash.cpp in GHASH in AES-GCM. There is a branch instead of an XOR with carry. This was observed for...
3 affected packages
botan, oscar, thunderbird
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
botan | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | — |
oscar | Needs evaluation | Needs evaluation | Needs evaluation | — | — |
thunderbird | Needs evaluation | Needs evaluation | Needs evaluation | — | — |
CVE-2024-48936
Medium priority[Unknown description]
1 affected packages
slurm-wlm
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
slurm-wlm | Needs evaluation | Needs evaluation | Not in release | — | — |
CVE-2024-10041
Medium priorityA vulnerability was found in PAM. The secret information is stored in memory, where the attacker can trigger the victim program to execute by sending characters to its standard input (stdin). As this occurs, the attacker can train...
1 affected packages
pam
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
pam | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |