Search CVE reports
181 – 190 of 21465 results
CVE-2024-21820
Medium priorityIncorrect default permissions in some Intel(R) Xeon(R) processor memory controller configurations when using Intel(R) SGX may allow a privileged user to potentially enable escalation of privilege via local access.
1 affected packages
intel-microcode
| Package | 24.04 LTS |
|---|---|
| intel-microcode | Vulnerable |
CVE-2024-21808
Medium priorityImproper buffer restrictions in some Intel(R) VPL software before version 24.1.4 may allow an authenticated user to potentially enable escalation of privilege via local access.
2 affected packages
intel-mediasdk, onevpl-intel-gpu
| Package | 24.04 LTS |
|---|---|
| intel-mediasdk | Needs evaluation |
| onevpl-intel-gpu | Needs evaluation |
CVE-2024-21783
Medium priorityInteger overflow for some Intel(R) VPL software before version 24.1.4 may allow an authenticated user to potentially enable escalation of privilege via local access.
2 affected packages
intel-mediasdk, onevpl-intel-gpu
| Package | 24.04 LTS |
|---|---|
| intel-mediasdk | Needs evaluation |
| onevpl-intel-gpu | Needs evaluation |
CVE-2024-51996
Medium prioritySymphony process is a module for the Symphony PHP framework which executes commands in sub-processes. When consuming a persisted remember-me cookie, Symfony does not check if the username persisted in the database matches the...
1 affected packages
symfony
| Package | 24.04 LTS |
|---|---|
| symfony | Needs evaluation |
CVE-2024-48900
Medium priorityNot in release
A vulnerability was found in Moodle. Additional checks are required to ensure users with permission to view badge recipients can only access lists of those they are intended to have access to.
1 affected packages
moodle
| Package | 24.04 LTS |
|---|---|
| moodle | Not in release |
CVE-2024-11159
Medium priorityUsing remote content in OpenPGP encrypted messages can lead to the disclosure of plaintext. This vulnerability affects Thunderbird < 128.4.3 and Thunderbird < 132.0.1.
1 affected packages
thunderbird
| Package | 24.04 LTS |
|---|---|
| thunderbird | Not affected |
CVE-2024-45819
Medium priority[Unknown description]
1 affected packages
xen
| Package | 24.04 LTS |
|---|---|
| xen | Needs evaluation |
CVE-2024-45818
Medium priority[Unknown description]
1 affected packages
xen
| Package | 24.04 LTS |
|---|---|
| xen | Needs evaluation |
CVE-2024-11168
Medium priorityThe urllib.parse.urlsplit() and urlparse() functions improperly validated bracketed hosts (`[]`), allowing hosts that weren't IPv6 or IPvFuture. This behavior was not conformant to RFC 3986 and potentially enabled SSRF if a URL is...
11 affected packages
python2.7, python3.10, python3.11, python3.12, python3.13...
| Package | 24.04 LTS |
|---|---|
| python2.7 | Not in release |
| python3.10 | Not in release |
| python3.11 | Not in release |
| python3.12 | Not affected |
| python3.13 | Not in release |
| python3.4 | Not in release |
| python3.5 | Not in release |
| python3.6 | Not in release |
| python3.7 | Not in release |
| python3.8 | Not in release |
| python3.9 | Not in release |
CVE-2024-50336
Medium prioritymatrix-js-sdk is a Matrix messaging protocol Client-Server SDK for JavaScript. matrix-js-sdk before 34.11.0 is vulnerable to client-side path traversal via crafted MXC URIs. A malicious room member can trigger clients based on the...
1 affected packages
node-matrix-js-sdk
| Package | 24.04 LTS |
|---|---|
| node-matrix-js-sdk | Needs evaluation |