Search CVE reports

41361 – 41370 of 69300 results

Detailed view

Sort by:

CVE-2018-18605

Low priority

Some fixes available 2 of 4

A heap-based buffer over-read issue was discovered in the function sec_merge_hash_lookup in merge.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31, because _bfd_add_merge_section...

1 affected package

binutils

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
binutils	Not affected	Not affected	Not affected	Not affected	Fixed

CVE-2018-18586

Negligible priority

Not affected

chmextract.c in the chmextract sample program, as distributed with libmspack before 0.8alpha, does not protect against absolute/relative pathnames in CHM files, leading to Directory Traversal. NOTE: the vendor disputes that this...

2 affected packages

clamav, libmspack

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
clamav	—	—	—	—	Not affected
libmspack	—	—	—	—	Not affected

CVE-2018-16837

Medium priority

Some fixes available 2 of 4

Ansible "User" module leaks any data which is passed on as a parameter to ssh-keygen. This could lean in undesirable situations such as passphrases credentials passed as a parameter for the ssh-keygen executable. Showing those...

1 affected package

ansible

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
ansible	Not affected	Not affected	Not affected	Not affected	Fixed

CVE-2018-18559

Medium priority

Some fixes available 12 of 17

In the Linux kernel through 4.19, a use-after-free can occur due to a race condition between fanout_add from setsockopt and bind on an AF_PACKET socket. This issue exists because of the 15fe076edea787807a7cdc168df832544b58eba6...

77 affected packages

linux, linux-goldfish, linux-grouper, linux-lts-trusty, linux-maguro...

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
linux	—	Not affected	Not affected	Not affected	Not affected
linux-goldfish	—	—	—	—	Not in release
linux-grouper	—	—	—	—	Not in release
linux-lts-trusty	—	—	—	—	Not in release
linux-maguro	—	—	—	—	Not in release
linux-mako	—	—	—	—	Not in release
linux-manta	—	—	—	—	Not in release
linux-flo	—	—	—	—	Not in release
linux-raspi2	—	Not in release	Not in release	Ignored	Not affected
linux-aws	—	Not affected	Not affected	Not affected	Not affected
linux-azure	—	Not affected	Not affected	Not affected	Not affected
linux-azure-edge	—	Not in release	Not in release	Not in release	Not affected
linux-euclid	—	—	—	—	Not in release
linux-gcp	—	Not affected	Not affected	Not affected	Not affected
linux-gke	—	Not affected	Not affected	Ignored	Not in release
linux-hwe	—	Not in release	Not in release	Not in release	Not affected
linux-kvm	—	Not in release	Not affected	Not affected	Not affected
linux-hwe-edge	—	Not in release	Not in release	Not in release	Not affected
linux-lts-utopic	—	—	—	—	Not in release
linux-lts-vivid	—	—	—	—	Not in release
linux-lts-wily	—	—	—	—	Not in release
linux-lts-xenial	—	Not in release	Not in release	Not in release	Not in release
linux-oem	—	Not in release	Not in release	Not in release	Not affected
linux-snapdragon	—	Not in release	Not in release	Not in release	Not affected
linux-hwe-5.4	—	Not in release	Not in release	Not in release	Not affected
linux-hwe-5.15	—	Not in release	Not in release	Not affected	Not in release
linux-hwe-6.8	—	Not in release	Not affected	Not in release	Not in release
linux-aws-5.4	—	Not in release	Not in release	Not in release	Not affected
linux-aws-5.15	—	Not in release	Not in release	Not affected	Not in release
linux-aws-hwe	—	Not in release	Not in release	Not in release	Not in release
linux-azure-4.15	—	Not in release	Not in release	Not in release	Not affected
linux-azure-5.4	—	Not in release	Not in release	Not in release	Not affected
linux-azure-5.15	—	Not in release	Not in release	Not affected	Not in release
linux-azure-fde	—	Not affected	Not affected	Ignored	Not in release
linux-azure-fde-5.15	—	Not in release	Not in release	Not affected	Not in release
linux-bluefield	—	Not in release	Not in release	Not affected	Not in release
linux-fips	—	Not in release	Not affected	Not affected	Not affected
linux-aws-fips	—	Not in release	Not affected	Not affected	Not affected
linux-azure-fips	—	Not in release	Not affected	Not affected	Not affected
linux-gcp-fips	—	Not in release	Not affected	Not affected	Not affected
linux-gcp-4.15	—	Not in release	Not in release	Not in release	Not affected
linux-gcp-5.4	—	Not in release	Not in release	Not in release	Not affected
linux-gcp-5.15	—	Not in release	Not in release	Not affected	Not in release
linux-gkeop	—	Not affected	Not affected	Not affected	Not in release
linux-gkeop-5.15	—	Not in release	Not in release	Not affected	Not in release
linux-ibm	—	Not affected	Not affected	Not affected	Not in release
linux-ibm-5.4	—	Not in release	Not in release	Not in release	Not affected
linux-ibm-5.15	—	Not in release	Not in release	Not affected	Not in release
linux-intel	—	Not affected	Not in release	Not in release	Not in release
linux-intel-iotg	—	Not in release	Not affected	Not in release	Not in release
linux-intel-iotg-5.15	—	Not in release	Not in release	Not affected	Not in release
linux-iot	—	Not in release	Not in release	Not affected	Not in release
linux-intel-iot-realtime	—	Not in release	Not affected	Not in release	Not in release
linux-lowlatency	—	Not affected	Not affected	Not in release	Not in release
linux-lowlatency-hwe-5.15	—	Not in release	Not in release	Not affected	Not in release
linux-lowlatency-hwe-6.8	—	Not in release	Not affected	Not in release	Not in release
linux-nvidia	—	Not affected	Not affected	Not in release	Not in release
linux-nvidia-6.5	—	Not in release	Not affected	Not in release	Not in release
linux-nvidia-6.8	—	Not in release	Not affected	Not in release	Not in release
linux-nvidia-lowlatency	—	Not affected	Not in release	Not in release	Not in release
linux-oracle	—	Not affected	Not affected	Not affected	Not affected
linux-oracle-5.4	—	Not in release	Not in release	Not in release	Not affected
linux-oracle-5.15	—	Not in release	Not in release	Not affected	Not in release
linux-oem-6.8	—	Not affected	Not in release	Not in release	Not in release
linux-raspi	—	Not affected	Not affected	Not affected	Not in release
linux-raspi-5.4	—	Not in release	Not in release	Not in release	Not affected
linux-raspi-realtime	—	Not affected	Not in release	Not in release	Not in release
linux-realtime	—	Not affected	Not affected	Not in release	Not in release
linux-riscv	—	Not affected	Ignored	Ignored	Not in release
linux-riscv-5.15	—	Not in release	Not in release	Not affected	Not in release
linux-riscv-6.8	—	Not in release	Not affected	Not in release	Not in release
linux-xilinx-zynqmp	—	Not in release	Not affected	Not affected	Not in release
linux-aws-6.8	—	Not in release	Not affected	Not in release	Not in release
linux-gcp-6.8	—	Not in release	Not affected	Not in release	Not in release
linux-oracle-6.8	—	Not in release	Not affected	Not in release	Not in release
linux-azure-6.8	—	Not in release	Not affected	Not in release	Not in release
linux-oem-6.11	—	Not affected	Not in release	Not in release	Not in release

CVE-2018-18585

Medium priority

Fixed

chmd_read_headers in mspack/chmd.c in libmspack before 0.8alpha accepts a filename that has '\0' as its first or second character (such as the "/\0" name).

2 affected packages

clamav, libmspack

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
clamav	—	Not affected	Not affected	Not affected	Not affected
libmspack	—	Not affected	Not affected	Not affected	Fixed

CVE-2018-18584

Medium priority

Fixed

In mspack/cab.h in libmspack before 0.8alpha and cabextract before 1.8, the CAB block input buffer is one byte too small for the maximal Quantum block, leading to an out-of-bounds write.

3 affected packages

cabextract, clamav, libmspack

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
cabextract	—	—	Not affected	Not affected	Not affected
clamav	—	—	Not affected	Not affected	Not affected
libmspack	—	—	Not affected	Not affected	Fixed

CVE-2018-18557

Medium priority

Fixed

LibTIFF 3.9.3, 3.9.4, 3.9.5, 3.9.6, 3.9.7, 4.0.0alpha4, 4.0.0alpha5, 4.0.0alpha6, 4.0.0beta7, 4.0.0, 4.0.1, 4.0.2, 4.0.3, 4.0.4, 4.0.4beta, 4.0.5, 4.0.6, 4.0.7, 4.0.8 and 4.0.9 (with JBIG enabled) decodes arbitrarily-sized JBIG...

1 affected package

tiff

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
tiff	—	—	—	—	Fixed

CVE-2018-18541

Medium priority

Vulnerable

In Teeworlds before 0.6.5, connection packets could be forged. There was no challenge-response involved in the connection build up. A remote attacker could send connection packets from a spoofed IP address and occupy all server...

1 affected package

teeworlds

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
teeworlds	Not affected	Not affected	Not affected	Not affected	Vulnerable

CVE-2018-18544

Low priority

Fixed

There is a memory leak in the function WriteMSLImage of coders/msl.c in ImageMagick 7.0.8-13 Q16, and the function ProcessMSLScript of coders/msl.c in GraphicsMagick before 1.3.31.

1 affected package

imagemagick

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
imagemagick	Not affected	Not affected	Not affected	Not affected	Fixed

CVE-2018-18438

Low priority

Ignored

Qemu has integer overflows because IOReadHandler and its associated functions use a signed integer data type for a size value.

2 affected packages

qemu, qemu-kvm

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
qemu	—	—	—	Not affected	Not affected
qemu-kvm	—	—	—	Not in release	Not in release

Export to JSON

Results by page: