Search CVE reports

41311 – 41320 of 69301 results

Detailed view

Sort by:

CVE-2018-17783

Medium priority

Not in release

A cross-site scripting (XSS) vulnerability in the Edit Filter page (manage_filter_edit page.php) in MantisBT 2.1.0 through 2.17.1 allows remote attackers (if access rights permit it) to inject arbitrary code (if CSP settings...

1 affected package

mantis

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
mantis	—	—	—	—	Not in release

CVE-2018-17782

Medium priority

Not in release

A cross-site scripting (XSS) vulnerability in the Manage Filters page (manage_filter_page.php) in MantisBT 2.1.0 through 2.17.1 allows remote attackers (if access rights permit it) to inject arbitrary code (if CSP settings permit...

1 affected package

mantis

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
mantis	—	—	—	—	Not in release

CVE-2015-5159

Medium priority

Not affected

python-kdcproxy before 0.3.2 allows remote attackers to cause a denial of service via a large POST request.

1 affected package

python-kdcproxy

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
python-kdcproxy	—	—	—	—	Not affected

CVE-2018-18829

Medium priority

Needs evaluation

There exists a NULL pointer dereference in ff_vc1_parse_frame_header_adv in vc1.c in Libav 12.3, which allows attackers to cause a denial-of-service through a crafted aac file.

5 affected packages

qtwebengine-opensource-src, vlc, gst-libav1.0, ffmpeg, libav

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
qtwebengine-opensource-src	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
vlc	Not affected	Not affected	Not affected	Not affected	Not affected
gst-libav1.0	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
ffmpeg	Not affected	Not affected	Not affected	Not affected	Not affected
libav	Not in release	Not in release	Not in release	Not in release	Not in release

CVE-2018-18828

Medium priority

Needs evaluation

There exists a heap-based buffer overflow in vc1_decode_i_block_adv in vc1_block.c in Libav 12.3, which allows attackers to cause a denial-of-service via a crafted aac file.

5 affected packages

ffmpeg, gst-libav1.0, libav, qtwebengine-opensource-src, vlc

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
ffmpeg	Not affected	Not affected	Not affected	Not affected	Not affected
gst-libav1.0	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
libav	Not in release	Not in release	Not in release	Not in release	Not in release
qtwebengine-opensource-src	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
vlc	Not affected	Not affected	Not affected	Not affected	Not affected

CVE-2018-18827

Medium priority

Needs evaluation

There exists a heap-based buffer over-read in ff_vc1_pred_dc in vc1_block.c in Libav 12.3, which allows attackers to cause a denial-of-service via a crafted aac file.

5 affected packages

gst-libav1.0, qtwebengine-opensource-src, vlc, ffmpeg, libav

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
gst-libav1.0	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
qtwebengine-opensource-src	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
vlc	Not affected	Not affected	Not affected	Not affected	Not affected
ffmpeg	Not affected	Not affected	Not affected	Not affected	Not affected
libav	Not in release	Not in release	Not in release	Not in release	Not in release

CVE-2018-18826

Medium priority

Needs evaluation

There exists a heap-based buffer overflow in vc1_decode_p_mb_intfi in vc1_block.c in Libav 12.3, which allows attackers to cause a denial-of-service via a crafted aac file.

5 affected packages

ffmpeg, gst-libav1.0, qtwebengine-opensource-src, vlc, libav

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
ffmpeg	Not affected	Not affected	Not affected	Not affected	Not affected
gst-libav1.0	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
qtwebengine-opensource-src	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
vlc	Not affected	Not affected	Not affected	Not affected	Not affected
libav	Not in release	Not in release	Not in release	Not in release	Not in release

CVE-2018-18281

Medium priority

Some fixes available 33 of 34

Since Linux kernel version 3.2, the mremap() syscall performs TLB flushes after dropping pagetable locks. If a syscall such as ftruncate() removes entries from the pagetables of a task that is in the middle of mremap(), a stale...

90 affected packages

linux, linux-aws, linux-azure, linux-gcp, linux-kvm...

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
linux	—	Not affected	Not affected	Not affected	Fixed
linux-aws	—	Not affected	Not affected	Not affected	Fixed
linux-azure	—	Not affected	Not affected	Not affected	Fixed
linux-gcp	—	Not affected	Not affected	Not affected	Fixed
linux-kvm	—	Not in release	Not affected	Not affected	Fixed
linux-gke	—	Not affected	Not affected	Not affected	Not in release
linux-hwe-5.4	—	Not in release	Not in release	Not in release	Not affected
linux-raspi-5.4	—	Not in release	Not in release	Not in release	Not affected
linux-raspi2	—	Not in release	Not in release	Not affected	Fixed
linux-snapdragon	—	Not in release	Not in release	Not in release	Fixed
linux-aws-5.0	—	Not in release	Not in release	Not in release	Not affected
linux-aws-5.3	—	Not in release	Not in release	Not in release	Not affected
linux-aws-hwe	—	Not in release	Not in release	Not in release	Not in release
linux-azure-4.15	—	Not in release	Not in release	Not in release	Not affected
linux-azure-5.3	—	Not in release	Not in release	Not in release	Not affected
linux-azure-5.4	—	Not in release	Not in release	Not in release	Not affected
linux-azure-edge	—	Not in release	Not in release	Not in release	Fixed
linux-euclid	—	—	—	Not in release	Not in release
linux-flo	—	—	—	Not in release	Not in release
linux-gcp-4.15	—	Not in release	Not in release	Not in release	Not affected
linux-gcp-5.3	—	Not in release	Not in release	Not in release	Not affected
linux-gcp-edge	—	—	—	Not in release	Fixed
linux-gke-4.15	—	Not in release	Not in release	Not in release	Not affected
linux-gke-5.0	—	Not in release	Not in release	Not in release	Not affected
linux-gke-5.3	—	Not in release	Not in release	Not in release	Not affected
linux-goldfish	—	—	—	Not in release	Not in release
linux-grouper	—	—	—	Not in release	Not in release
linux-hwe	—	Not in release	Not in release	Not in release	Not affected
linux-hwe-edge	—	Not in release	Not in release	Not in release	Not affected
linux-lts-trusty	—	—	—	Not in release	Not in release
linux-lts-utopic	—	—	—	Not in release	Not in release
linux-lts-vivid	—	—	—	Not in release	Not in release
linux-lts-wily	—	—	—	Not in release	Not in release
linux-lts-xenial	—	Not in release	Not in release	Not in release	Not in release
linux-maguro	—	—	—	Not in release	Not in release
linux-mako	—	—	—	Not in release	Not in release
linux-manta	—	—	—	Not in release	Not in release
linux-oem	—	Not in release	Not in release	Not in release	Fixed
linux-oem-5.6	—	Not in release	Not in release	Not affected	Not in release
linux-oem-osp1	—	Not in release	Not in release	Not in release	Not affected
linux-oracle	—	Not affected	Not affected	Not affected	Not affected
linux-oracle-5.0	—	Not in release	Not in release	Not in release	Not affected
linux-oracle-5.3	—	Not in release	Not in release	Not in release	Not affected
linux-raspi	—	Not affected	Not affected	Not affected	Not in release
linux-raspi2-5.3	—	Not in release	Not in release	Not in release	Not affected
linux-riscv	—	Not affected	Ignored	Not affected	Not in release
linux-hwe-5.15	—	Not in release	Not in release	Not affected	Not in release
linux-hwe-6.8	—	Not in release	Not affected	Not in release	Not in release
linux-aws-5.4	—	Not in release	Not in release	Not in release	Not affected
linux-aws-5.15	—	Not in release	Not in release	Not affected	Not in release
linux-azure-5.15	—	Not in release	Not in release	Not affected	Not in release
linux-azure-fde	—	Not affected	Not affected	Ignored	Not in release
linux-aws-fips	—	Not in release	Not affected	Not affected	Not affected
linux-azure-fde-5.15	—	Not in release	Not in release	Not affected	Not in release
linux-bluefield	—	Not in release	Not in release	Not affected	Not in release
linux-fips	—	Not in release	Not affected	Not affected	Not affected
linux-azure-fips	—	Not in release	Not affected	Not affected	Not affected
linux-gcp-fips	—	Not in release	Not affected	Not affected	Not affected
linux-gcp-5.4	—	Not in release	Not in release	Not in release	Not affected
linux-gcp-5.15	—	Not in release	Not in release	Not affected	Not in release
linux-gkeop	—	Not affected	Not affected	Not affected	Not in release
linux-gkeop-5.15	—	Not in release	Not in release	Not affected	Not in release
linux-ibm	—	Not affected	Not affected	Not affected	Not in release
linux-ibm-5.4	—	Not in release	Not in release	Not in release	Not affected
linux-ibm-5.15	—	Not in release	Not in release	Not affected	Not in release
linux-intel	—	Not affected	Not in release	Not in release	Not in release
linux-intel-iotg	—	Not in release	Not affected	Not in release	Not in release
linux-intel-iotg-5.15	—	Not in release	Not in release	Not affected	Not in release
linux-iot	—	Not in release	Not in release	Not affected	Not in release
linux-intel-iot-realtime	—	Not in release	Not affected	Not in release	Not in release
linux-lowlatency	—	Not affected	Not affected	Not in release	Not in release
linux-lowlatency-hwe-5.15	—	Not in release	Not in release	Not affected	Not in release
linux-lowlatency-hwe-6.8	—	Not in release	Not affected	Not in release	Not in release
linux-nvidia	—	Not affected	Not affected	Not in release	Not in release
linux-nvidia-6.5	—	Not in release	Not affected	Not in release	Not in release
linux-nvidia-6.8	—	Not in release	Not affected	Not in release	Not in release
linux-nvidia-lowlatency	—	Not affected	Not in release	Not in release	Not in release
linux-oracle-5.4	—	Not in release	Not in release	Not in release	Not affected
linux-oracle-5.15	—	Not in release	Not in release	Not affected	Not in release
linux-oem-6.8	—	Not affected	Not in release	Not in release	Not in release
linux-raspi-realtime	—	Not affected	Not in release	Not in release	Not in release
linux-realtime	—	Not affected	Not affected	Not in release	Not in release
linux-riscv-5.15	—	Not in release	Not in release	Not affected	Not in release
linux-riscv-6.8	—	Not in release	Not affected	Not in release	Not in release
linux-xilinx-zynqmp	—	Not in release	Not affected	Not affected	Not in release
linux-aws-6.8	—	Not in release	Not affected	Not in release	Not in release
linux-gcp-6.8	—	Not in release	Not affected	Not in release	Not in release
linux-oracle-6.8	—	Not in release	Not affected	Not in release	Not in release
linux-azure-6.8	—	Not in release	Not affected	Not in release	Not in release
linux-oem-6.11	—	Not affected	Not in release	Not in release	Not in release

CVE-2018-0734

Low priority

Fixed

The OpenSSL DSA signature algorithm has been shown to be vulnerable to a timing side channel attack. An attacker could use variations in the signing algorithm to recover the private key. Fixed in OpenSSL 1.1.1a (Affected 1.1.1)....

3 affected packages

openssl, openssl098, openssl1.0

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
openssl	—	—	—	Fixed	Fixed
openssl098	—	—	—	Not in release	Not in release
openssl1.0	—	—	—	Not in release	Fixed

CVE-2018-18778

High priority

Some fixes available 3 of 4

ACME mini_httpd before 1.30 lets remote users read arbitrary files.

1 affected package

mini-httpd

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
mini-httpd	—	—	Not affected	Not affected	Fixed

Export to JSON

Results by page: