Search CVE reports
281 – 290 of 30617 results
CVE-2024-6232
Medium priorityThere is a MEDIUM severity vulnerability affecting CPython. Regular expressions that allowed excessive backtracking during tarfile.TarFile header parsing are vulnerable to ReDoS via specifically-crafted tar archives.
11 affected packages
python2.7, python3.10, python3.11, python3.12, python3.13...
| Package | 18.04 LTS |
|---|---|
| python2.7 | Not affected |
| python3.10 | Not in release |
| python3.11 | Not in release |
| python3.12 | Not in release |
| python3.13 | Not in release |
| python3.4 | Not in release |
| python3.5 | Not in release |
| python3.6 | Needs evaluation |
| python3.7 | Needs evaluation |
| python3.8 | Needs evaluation |
| python3.9 | Not in release |
CVE-2024-8374
Medium priorityUltiMaker Cura slicer versions 5.7.0-beta.1 through 5.7.2 are vulnerable to code injection via the 3MF format reader (/plugins/ThreeMFReader.py). The vulnerability arises from improper handling of the drop_to_buildplate property...
1 affected packages
cura
| Package | 18.04 LTS |
|---|---|
| cura | Needs evaluation |
CVE-2024-6119
Medium priorityIssue summary: Applications performing certificate name checks (e.g., TLS clients checking server certificates) may attempt to read an invalid memory address resulting in abnormal termination of the application process. Impact...
4 affected packages
edk2, nodejs, openssl, openssl1.0
| Package | 18.04 LTS |
|---|---|
| edk2 | Needs evaluation |
| nodejs | Needs evaluation |
| openssl | Not affected |
| openssl1.0 | Not affected |
CVE-2024-45231
Low priorityDue to unhandled email sending failures, the django.contrib.auth.forms.PasswordResetForm class allowed remote attackers to enumerate user emails by issuing password reset requests and observing the outcomes. To mitigate this risk,...
1 affected packages
python-django
| Package | 18.04 LTS |
|---|---|
| python-django | Fixed |
CVE-2024-45230
Medium priorityThe urlize() and urlizetrunc() template filters were subject to a potential denial-of-service attack via very large inputs with a specific sequence of characters.
1 affected packages
python-django
| Package | 18.04 LTS |
|---|---|
| python-django | Fixed |
CVE-2024-45306
Medium priorityVim is an open source, command line text editor. Patch v9.1.0038 optimized how the cursor position is calculated and removed a loop, that verified that the cursor position always points inside a line and does not become invalid by...
1 affected packages
vim
| Package | 18.04 LTS |
|---|---|
| vim | Needs evaluation |
CVE-2024-44947
Medium priorityIn the Linux kernel, the following vulnerability has been resolved: fuse: Initialize beyond-EOF page contents before setting uptodate fuse_notify_store(), unlike fuse_do_readpage(), does not enable page zeroing (because it can be...
121 affected packages
linux, linux-allwinner-5.19, linux-aws, linux-aws-5.0, linux-aws-5.11...
| Package | 18.04 LTS |
|---|---|
| linux | Ignored |
| linux-allwinner-5.19 | — |
| linux-aws | Ignored |
| linux-aws-5.0 | Ignored |
| linux-aws-5.11 | — |
| linux-aws-5.13 | — |
| linux-aws-5.15 | — |
| linux-aws-5.19 | — |
| linux-aws-5.3 | Ignored |
| linux-aws-5.4 | Ignored |
| linux-aws-5.8 | — |
| linux-aws-6.2 | — |
| linux-aws-6.5 | — |
| linux-aws-fips | — |
| linux-aws-hwe | — |
| linux-azure | Ignored |
| linux-azure-4.15 | Ignored |
| linux-azure-5.11 | — |
| linux-azure-5.13 | — |
| linux-azure-5.15 | — |
| linux-azure-5.19 | — |
| linux-azure-5.3 | Ignored |
| linux-azure-5.4 | Ignored |
| linux-azure-5.8 | — |
| linux-azure-6.2 | — |
| linux-azure-6.5 | — |
| linux-azure-edge | Ignored |
| linux-azure-fde | — |
| linux-azure-fde-5.15 | — |
| linux-azure-fde-5.19 | — |
| linux-azure-fde-6.2 | — |
| linux-azure-fips | — |
| linux-bluefield | — |
| linux-fips | — |
| linux-gcp | Ignored |
| linux-gcp-4.15 | Ignored |
| linux-gcp-5.11 | — |
| linux-gcp-5.13 | — |
| linux-gcp-5.15 | — |
| linux-gcp-5.19 | — |
| linux-gcp-5.3 | Ignored |
| linux-gcp-5.4 | Ignored |
| linux-gcp-5.8 | — |
| linux-gcp-6.2 | — |
| linux-gcp-6.5 | — |
| linux-gcp-fips | — |
| linux-gke | — |
| linux-gke-4.15 | Ignored |
| linux-gke-5.15 | — |
| linux-gke-5.4 | Ignored |
| linux-gkeop | — |
| linux-gkeop-5.15 | — |
| linux-gkeop-5.4 | Ignored |
| linux-hwe | Ignored |
| linux-hwe-5.11 | — |
| linux-hwe-5.13 | — |
| linux-hwe-5.15 | — |
| linux-hwe-5.19 | — |
| linux-hwe-5.4 | Ignored |
| linux-hwe-5.8 | — |
| linux-hwe-6.2 | — |
| linux-hwe-6.5 | — |
| linux-hwe-6.8 | — |
| linux-hwe-edge | Ignored |
| linux-ibm | — |
| linux-ibm-5.15 | — |
| linux-ibm-5.4 | Ignored |
| linux-intel | Not in release |
| linux-intel-5.13 | — |
| linux-intel-iot-realtime | — |
| linux-intel-iotg | — |
| linux-intel-iotg-5.15 | — |
| linux-iot | — |
| linux-kvm | Ignored |
| linux-lowlatency | — |
| linux-lowlatency-hwe-5.15 | — |
| linux-lowlatency-hwe-5.19 | — |
| linux-lowlatency-hwe-6.2 | — |
| linux-lowlatency-hwe-6.5 | — |
| linux-lowlatency-hwe-6.8 | — |
| linux-lts-xenial | — |
| linux-nvidia | — |
| linux-nvidia-6.2 | — |
| linux-nvidia-6.5 | — |
| linux-nvidia-6.8 | — |
| linux-nvidia-lowlatency | — |
| linux-oem | Ignored |
| linux-oem-5.10 | — |
| linux-oem-5.13 | — |
| linux-oem-5.14 | — |
| linux-oem-5.17 | — |
| linux-oem-5.6 | — |
| linux-oem-6.0 | — |
| linux-oem-6.1 | — |
| linux-oem-6.5 | — |
| linux-oem-6.8 | — |
| linux-oracle | Ignored |
| linux-oracle-5.0 | Ignored |
| linux-oracle-5.11 | — |
| linux-oracle-5.13 | — |
| linux-oracle-5.15 | — |
| linux-oracle-5.3 | Ignored |
| linux-oracle-5.4 | Ignored |
| linux-oracle-5.8 | — |
| linux-oracle-6.5 | — |
| linux-raspi | — |
| linux-raspi-5.4 | Ignored |
| linux-raspi-realtime | — |
| linux-raspi2 | — |
| linux-realtime | — |
| linux-riscv | — |
| linux-riscv-5.11 | — |
| linux-riscv-5.15 | — |
| linux-riscv-5.19 | — |
| linux-riscv-5.8 | — |
| linux-riscv-6.5 | — |
| linux-riscv-6.8 | — |
| linux-starfive-5.19 | — |
| linux-starfive-6.2 | — |
| linux-starfive-6.5 | — |
| linux-xilinx-zynqmp | — |
CVE-2024-45508
Medium priorityHTMLDOC before 1.9.19 has an out-of-bounds write in parse_paragraph in ps-pdf.cxx because of an attempt to strip leading whitespace from a whitespace-only node.
1 affected packages
htmldoc
| Package | 18.04 LTS |
|---|---|
| htmldoc | Needs evaluation |
CVE-2024-44946
Medium priorityIn the Linux kernel, the following vulnerability has been resolved: kcm: Serialise kcm_sendmsg() for the same socket. syzkaller reported UAF in kcm_release(). [0] The scenario is 1. Thread A builds a skb with MSG_MORE and sets...
121 affected packages
linux, linux-allwinner-5.19, linux-aws, linux-aws-5.0, linux-aws-5.11...
| Package | 18.04 LTS |
|---|---|
| linux | Ignored |
| linux-allwinner-5.19 | — |
| linux-aws | Ignored |
| linux-aws-5.0 | Ignored |
| linux-aws-5.11 | — |
| linux-aws-5.13 | — |
| linux-aws-5.15 | — |
| linux-aws-5.19 | — |
| linux-aws-5.3 | Ignored |
| linux-aws-5.4 | Ignored |
| linux-aws-5.8 | — |
| linux-aws-6.2 | — |
| linux-aws-6.5 | — |
| linux-aws-fips | — |
| linux-aws-hwe | — |
| linux-azure | Ignored |
| linux-azure-4.15 | Ignored |
| linux-azure-5.11 | — |
| linux-azure-5.13 | — |
| linux-azure-5.15 | — |
| linux-azure-5.19 | — |
| linux-azure-5.3 | Ignored |
| linux-azure-5.4 | Ignored |
| linux-azure-5.8 | — |
| linux-azure-6.2 | — |
| linux-azure-6.5 | — |
| linux-azure-edge | Ignored |
| linux-azure-fde | — |
| linux-azure-fde-5.15 | — |
| linux-azure-fde-5.19 | — |
| linux-azure-fde-6.2 | — |
| linux-azure-fips | — |
| linux-bluefield | — |
| linux-fips | — |
| linux-gcp | Ignored |
| linux-gcp-4.15 | Ignored |
| linux-gcp-5.11 | — |
| linux-gcp-5.13 | — |
| linux-gcp-5.15 | — |
| linux-gcp-5.19 | — |
| linux-gcp-5.3 | Ignored |
| linux-gcp-5.4 | Ignored |
| linux-gcp-5.8 | — |
| linux-gcp-6.2 | — |
| linux-gcp-6.5 | — |
| linux-gcp-fips | — |
| linux-gke | — |
| linux-gke-4.15 | Ignored |
| linux-gke-5.15 | — |
| linux-gke-5.4 | Ignored |
| linux-gkeop | — |
| linux-gkeop-5.15 | — |
| linux-gkeop-5.4 | Ignored |
| linux-hwe | Ignored |
| linux-hwe-5.11 | — |
| linux-hwe-5.13 | — |
| linux-hwe-5.15 | — |
| linux-hwe-5.19 | — |
| linux-hwe-5.4 | Ignored |
| linux-hwe-5.8 | — |
| linux-hwe-6.2 | — |
| linux-hwe-6.5 | — |
| linux-hwe-6.8 | — |
| linux-hwe-edge | Ignored |
| linux-ibm | — |
| linux-ibm-5.15 | — |
| linux-ibm-5.4 | Ignored |
| linux-intel | Not in release |
| linux-intel-5.13 | — |
| linux-intel-iot-realtime | — |
| linux-intel-iotg | — |
| linux-intel-iotg-5.15 | — |
| linux-iot | — |
| linux-kvm | Ignored |
| linux-lowlatency | — |
| linux-lowlatency-hwe-5.15 | — |
| linux-lowlatency-hwe-5.19 | — |
| linux-lowlatency-hwe-6.2 | — |
| linux-lowlatency-hwe-6.5 | — |
| linux-lowlatency-hwe-6.8 | — |
| linux-lts-xenial | — |
| linux-nvidia | — |
| linux-nvidia-6.2 | — |
| linux-nvidia-6.5 | — |
| linux-nvidia-6.8 | — |
| linux-nvidia-lowlatency | — |
| linux-oem | Ignored |
| linux-oem-5.10 | — |
| linux-oem-5.13 | — |
| linux-oem-5.14 | — |
| linux-oem-5.17 | — |
| linux-oem-5.6 | — |
| linux-oem-6.0 | — |
| linux-oem-6.1 | — |
| linux-oem-6.5 | — |
| linux-oem-6.8 | — |
| linux-oracle | Ignored |
| linux-oracle-5.0 | Ignored |
| linux-oracle-5.11 | — |
| linux-oracle-5.13 | — |
| linux-oracle-5.15 | — |
| linux-oracle-5.3 | Ignored |
| linux-oracle-5.4 | Ignored |
| linux-oracle-5.8 | — |
| linux-oracle-6.5 | — |
| linux-raspi | — |
| linux-raspi-5.4 | Ignored |
| linux-raspi-realtime | — |
| linux-raspi2 | — |
| linux-realtime | — |
| linux-riscv | — |
| linux-riscv-5.11 | — |
| linux-riscv-5.15 | — |
| linux-riscv-5.19 | — |
| linux-riscv-5.8 | — |
| linux-riscv-6.5 | — |
| linux-riscv-6.8 | — |
| linux-starfive-5.19 | — |
| linux-starfive-6.2 | — |
| linux-starfive-6.5 | — |
| linux-xilinx-zynqmp | — |
CVE-2024-0111
Medium priorityNVIDIA CUDA Toolkit contains a vulnerability in command 'cuobjdump' where a user may cause a crash or produce incorrect output by passing a malformed ELF file. A successful exploit of this vulnerability may lead to a...
1 affected packages
nvidia-cuda-toolkit
| Package | 18.04 LTS |
|---|---|
| nvidia-cuda-toolkit | Needs evaluation |