Your submission was sent successfully! Close

Thank you for contacting us. A member of our team will be in touch shortly. Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

Search CVE reports


Toggle filters

181 – 190 of 25087 results

Status is adjusted based on your filters.


CVE-2024-50612

Medium priority
Vulnerable

libsndfile through 1.2.2 has an ogg_vorbis.c vorbis_analysis_wrote out-of-bounds read.

1 affected packages

libsndfile

Package 22.04 LTS
libsndfile Vulnerable
Show less packages

CVE-2024-50610

Medium priority
Needs evaluation

GSL (GNU Scientific Library) through 2.8 has an integer signedness error in gsl_siman_solve_many in siman/siman.c. When params.n_tries is negative, incorrect memory allocation occurs.

1 affected packages

gsl

Package 22.04 LTS
gsl Needs evaluation
Show less packages

CVE-2024-50602

Medium priority
Needs evaluation

An issue was discovered in libexpat before 2.6.4. There is a crash within the XML_ResumeParser function because XML_StopParser can stop/suspend an unstarted parser.

23 affected packages

apache2, apr-util, ayttm, cableswig, cadaver...

Package 22.04 LTS
apache2 Not affected
apr-util Not affected
ayttm Not in release
cableswig Not in release
cadaver Needs evaluation
cmake Not affected
coin3 Not affected
expat Needs evaluation
firefox Not affected
gdcm Not affected
ghostscript Not affected
insighttoolkit4 Needs evaluation
libxmltok Needs evaluation
matanza Needs evaluation
smart Not in release
swish-e Needs evaluation
tdom Needs evaluation
texlive-bin Not affected
thunderbird Not affected
vnc4 Not in release
vtk Not in release
wbxml2 Needs evaluation
xmlrpc-c Needs evaluation
Show all 23 packages Show less packages

CVE-2024-0126

Medium priority

Some fixes available 1 of 19

NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability which could allow a privileged attacker to escalate permissions. A successful exploit of this vulnerability might lead to code execution, denial of service,...

34 affected packages

nvidia-graphics-drivers-304, nvidia-graphics-drivers-304-updates, nvidia-graphics-drivers-340, nvidia-graphics-drivers-340-updates, nvidia-graphics-drivers-352...

Package 22.04 LTS
nvidia-graphics-drivers-304 Not in release
nvidia-graphics-drivers-304-updates Not in release
nvidia-graphics-drivers-340 Not affected
nvidia-graphics-drivers-340-updates Not in release
nvidia-graphics-drivers-352 Not in release
nvidia-graphics-drivers-352-updates Not in release
nvidia-graphics-drivers-361 Not in release
nvidia-graphics-drivers-367 Not in release
nvidia-graphics-drivers-375 Not in release
nvidia-graphics-drivers-384 Not in release
nvidia-graphics-drivers-390 Ignored
nvidia-graphics-drivers-418-server Ignored
nvidia-graphics-drivers-430 Ignored
nvidia-graphics-drivers-435 Ignored
nvidia-graphics-drivers-440 Ignored
nvidia-graphics-drivers-440-server Ignored
nvidia-graphics-drivers-450 Ignored
nvidia-graphics-drivers-450-server Ignored
nvidia-graphics-drivers-455 Ignored
nvidia-graphics-drivers-460 Ignored
nvidia-graphics-drivers-460-server Not in release
nvidia-graphics-drivers-470 Ignored
nvidia-graphics-drivers-470-server Ignored
nvidia-graphics-drivers-495 Not in release
nvidia-graphics-drivers-510 Ignored
nvidia-graphics-drivers-510-server Not affected
nvidia-graphics-drivers-515 Ignored
nvidia-graphics-drivers-515-server Ignored
nvidia-graphics-drivers-520 Ignored
nvidia-graphics-drivers-525 Not affected
nvidia-graphics-drivers-525-server Not affected
nvidia-graphics-drivers-530 Ignored
nvidia-graphics-drivers-535 Needs evaluation
nvidia-graphics-drivers-535-server Fixed
Show all 34 packages Show less packages

CVE-2024-49767

Medium priority

Some fixes available 1 of 2

Werkzeug is a Web Server Gateway Interface web application library. Applications using `werkzeug.formparser.MultiPartParser` corresponding to a version of Werkzeug prior to 3.0.6 to parse `multipart/form-data` requests (e.g. all...

2 affected packages

python-werkzeug, quart

Package 22.04 LTS
python-werkzeug Fixed
quart Needs evaluation
Show less packages

CVE-2024-49766

Medium priority
Not affected

Werkzeug is a Web Server Gateway Interface web application library. On Python < 3.11 on Windows, os.path.isabs() does not catch UNC paths like //server/share. Werkzeug's safe_join() relies on this check, and so can produce a path...

1 affected packages

python-werkzeug

Package 22.04 LTS
python-werkzeug Not affected
Show less packages

CVE-2024-49760

Medium priority
Needs evaluation

OpenRefine is a free, open source tool for working with messy data. The load-language command expects a `lang` parameter from which it constructs the path of the localization file to load, of the form `translations-$LANG.json`....

1 affected packages

openrefine

Package 22.04 LTS
openrefine Needs evaluation
Show less packages

CVE-2024-48426

Medium priority
Needs evaluation

A segmentation fault (SEGV) was detected in the SortByPTypeProcess::Execute function in the Assimp library during fuzz testing with AddressSanitizer. The crash occurred due to a read access to an invalid memory address (0x1000c9714971).

4 affected packages

assimp, qt6-3d, qt6-quick3d, spring

Package 22.04 LTS
assimp Needs evaluation
qt6-3d Needs evaluation
qt6-quick3d Needs evaluation
spring Needs evaluation
Show less packages

CVE-2024-48425

Medium priority
Needs evaluation

A segmentation fault (SEGV) was detected in the Assimp::SplitLargeMeshesProcess_Triangle::UpdateNode function within the Assimp library during fuzz testing using AddressSanitizer. The crash occurs due to a read access violation at...

4 affected packages

assimp, qt6-3d, qt6-quick3d, spring

Package 22.04 LTS
assimp Needs evaluation
qt6-3d Needs evaluation
qt6-quick3d Needs evaluation
spring Needs evaluation
Show less packages

CVE-2024-48424

Medium priority
Needs evaluation

A heap-buffer-overflow vulnerability has been identified in the OpenDDLParser::parseStructure function within the Assimp library, specifically during the processing of OpenGEX files.

4 affected packages

assimp, qt6-3d, qt6-quick3d, spring

Package 22.04 LTS
assimp Needs evaluation
qt6-3d Needs evaluation
qt6-quick3d Needs evaluation
spring Needs evaluation
Show less packages