Search CVE reports

41441 – 41450 of 68840 results

Detailed view

Sort by:

CVE-2018-10932

Medium priority

Vulnerable

lldptool version 1.0.1 and older can print a raw, unsanitized attacker controlled buffer when mngAddr information is displayed. This may allow an attacker to inject shell control characters into the buffer and impact the behavior...

1 affected package

lldpad

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
lldpad	Not affected	Not affected	Not affected	Not affected	Vulnerable

CVE-2018-7166

Low priority

Not affected

In all versions of Node.js 10 prior to 10.9.0, an argument processing flaw can cause `Buffer.alloc()` to return uninitialized memory. This method is intended to be safe and only return initialized, or cleared, memory. The third...

1 affected package

nodejs

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
nodejs	—	—	—	—	Not affected

CVE-2018-12115

Medium priority

Some fixes available 1 of 2

In all versions of Node.js prior to 6.14.4, 8.11.4 and 10.9.0 when used with UCS-2 encoding (recognized by Node.js under the names `'ucs2'`, `'ucs-2'`, `'utf16le'` and `'utf-16le'`), `Buffer#write()` can be abused to write outside...

1 affected package

nodejs

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
nodejs	Not affected	Not affected	Not affected	Not affected	Fixed

CVE-2018-15599

Low priority

Vulnerable

The recv_msg_userauth_request function in svr-auth.c in Dropbear through 2018.76 is prone to a user enumeration vulnerability because username validity affects how fields in SSH_MSG_USERAUTH messages are handled, a similar issue...

1 affected package

dropbear

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
dropbear	Not affected	Not affected	Not affected	Not affected	Vulnerable

CVE-2018-6557

Low priority

Fixed

The MOTD update script in the base-files package in Ubuntu 18.04 LTS before 10.1ubuntu2.2, and Ubuntu 18.10 before 10.1ubuntu6 incorrectly handled temporary files. A local attacker could use this issue to cause a denial...

1 affected package

base-files

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
base-files	—	—	—	—	Fixed

CVE-2018-15607

Low priority

Fixed

In ImageMagick 7.0.8-11 Q16, a tiny input file 0x50 0x36 0x36 0x36 0x36 0x4c 0x36 0x38 0x36 0x36 0x36 0x36 0x36 0x36 0x1f 0x35 0x50 0x00 can result in a hang of several minutes during which CPU and memory resources are consumed...

1 affected package

imagemagick

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
imagemagick	Not affected	Not affected	Not affected	Not affected	Fixed

CVE-2018-10902

Medium priority

Some fixes available 22 of 24

It was found that the raw midi kernel driver does not protect against concurrent access which leads to a double realloc (double free) in snd_rawmidi_input_params() and snd_rawmidi_output_status() which are part of...

78 affected packages

linux, linux-flo, linux-aws, linux-aws-hwe, linux-oracle...

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
linux	—	Not affected	Not affected	Not affected	Fixed
linux-flo	—	—	—	—	Not in release
linux-aws	—	Not affected	Not affected	Not affected	Fixed
linux-aws-hwe	—	Not in release	Not in release	Not in release	Not in release
linux-oracle	—	Not affected	Not affected	Not affected	Not affected
linux-azure	—	Not affected	Not affected	Not affected	Fixed
linux-azure-edge	—	Not in release	Not in release	Not in release	Not affected
linux-euclid	—	—	—	—	Not in release
linux-gcp	—	Not affected	Not affected	Not affected	Fixed
linux-gcp-edge	—	—	—	—	Not affected
linux-gke	—	Not affected	Not affected	Ignored	Not in release
linux-goldfish	—	—	—	—	Not in release
linux-grouper	—	—	—	—	Not in release
linux-hwe	—	Not in release	Not in release	Not in release	Not affected
linux-hwe-edge	—	Not in release	Not in release	Not in release	Not affected
linux-kvm	—	Not in release	Not affected	Not affected	Fixed
linux-lts-trusty	—	—	—	—	Not in release
linux-lts-utopic	—	—	—	—	Not in release
linux-lts-vivid	—	—	—	—	Not in release
linux-lts-wily	—	—	—	—	Not in release
linux-lts-xenial	—	Not in release	Not in release	Not in release	Not in release
linux-maguro	—	—	—	—	Not in release
linux-mako	—	—	—	—	Not in release
linux-manta	—	—	—	—	Not in release
linux-oem	—	Not in release	Not in release	Not in release	Fixed
linux-raspi2	—	Not in release	Not in release	Ignored	Fixed
linux-snapdragon	—	Not in release	Not in release	Not in release	Not affected
linux-hwe-5.4	—	Not in release	Not in release	Not in release	Not affected
linux-hwe-5.15	—	Not in release	Not in release	Not affected	Not in release
linux-hwe-6.8	—	Not in release	Not affected	Not in release	Not in release
linux-aws-5.4	—	Not in release	Not in release	Not in release	Not affected
linux-aws-5.15	—	Not in release	Not in release	Not affected	Not in release
linux-azure-4.15	—	Not in release	Not in release	Not in release	Not affected
linux-azure-5.4	—	Not in release	Not in release	Not in release	Not affected
linux-azure-5.15	—	Not in release	Not in release	Not affected	Not in release
linux-azure-fde	—	Not affected	Not affected	Ignored	Not in release
linux-azure-fde-5.15	—	Not in release	Not in release	Not affected	Not in release
linux-bluefield	—	Not in release	Not in release	Not affected	Not in release
linux-fips	—	Not in release	Not affected	Not affected	Not affected
linux-aws-fips	—	Not in release	Not affected	Not affected	Not affected
linux-azure-fips	—	Not in release	Not affected	Not affected	Not affected
linux-gcp-fips	—	Not in release	Not affected	Not affected	Not affected
linux-gcp-4.15	—	Not in release	Not in release	Not in release	Not affected
linux-gcp-5.4	—	Not in release	Not in release	Not in release	Not affected
linux-gcp-5.15	—	Not in release	Not in release	Not affected	Not in release
linux-gkeop	—	Not affected	Not affected	Not affected	Not in release
linux-gkeop-5.15	—	Not in release	Not in release	Not affected	Not in release
linux-ibm	—	Not affected	Not affected	Not affected	Not in release
linux-ibm-5.4	—	Not in release	Not in release	Not in release	Not affected
linux-ibm-5.15	—	Not in release	Not in release	Not affected	Not in release
linux-intel	—	Not affected	Not in release	Not in release	Not in release
linux-intel-iotg	—	Not in release	Not affected	Not in release	Not in release
linux-intel-iotg-5.15	—	Not in release	Not in release	Not affected	Not in release
linux-iot	—	Not in release	Not in release	Not affected	Not in release
linux-intel-iot-realtime	—	Not in release	Not affected	Not in release	Not in release
linux-lowlatency	—	Not affected	Not affected	Not in release	Not in release
linux-lowlatency-hwe-5.15	—	Not in release	Not in release	Not affected	Not in release
linux-lowlatency-hwe-6.8	—	Not in release	Not affected	Not in release	Not in release
linux-nvidia	—	Not affected	Not affected	Not in release	Not in release
linux-nvidia-6.5	—	Not in release	Not affected	Not in release	Not in release
linux-nvidia-6.8	—	Not in release	Not affected	Not in release	Not in release
linux-nvidia-lowlatency	—	Not affected	Not in release	Not in release	Not in release
linux-oracle-5.4	—	Not in release	Not in release	Not in release	Not affected
linux-oracle-5.15	—	Not in release	Not in release	Not affected	Not in release
linux-oem-6.8	—	Not affected	Not in release	Not in release	Not in release
linux-raspi	—	Not affected	Not affected	Not affected	Not in release
linux-raspi-5.4	—	Not in release	Not in release	Not in release	Not affected
linux-raspi-realtime	—	Not affected	Not in release	Not in release	Not in release
linux-realtime	—	Not affected	Not affected	Not in release	Not in release
linux-riscv	—	Not affected	Ignored	Ignored	Not in release
linux-riscv-5.15	—	Not in release	Not in release	Not affected	Not in release
linux-riscv-6.8	—	Not in release	Not affected	Not in release	Not in release
linux-xilinx-zynqmp	—	Not in release	Not affected	Not affected	Not in release
linux-aws-6.8	—	Not in release	Not affected	Not in release	Not in release
linux-gcp-6.8	—	Not in release	Not affected	Not in release	Not in release
linux-oracle-6.8	—	Not in release	Not affected	Not in release	Not in release
linux-azure-6.8	—	Not in release	Not affected	Not in release	Not in release
linux-oem-6.11	—	Not affected	Not in release	Not in release	Not in release

CVE-2018-1656

Medium priority

Fixed

The IBM Java Runtime Environment's Diagnostic Tooling Framework for Java (DTFJ) (IBM SDK, Java Technology Edition 6.0 , 7.0, and 8.0) does not protect against path traversal attacks when extracting compressed dump files. IBM...

1 affected package

ibm-java80

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
ibm-java80	—	—	—	—	Fixed

CVE-2018-1517

Medium priority

Fixed

A flaw in the java.math component in IBM SDK, Java Technology Edition 6.0, 7.0, and 8.0 may allow an attacker to inflict a denial-of-service attack with specially crafted String data. IBM X-Force ID: 141681.

1 affected package

ibm-java80

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
ibm-java80	—	—	—	—	Fixed

CVE-2015-5160

Low priority

Ignored

libvirt before 2.2 includes Ceph credentials on the qemu command line when using RADOS Block Device (aka RBD), which allows local users to obtain sensitive information via a process listing.

1 affected package

libvirt

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
libvirt	—	—	—	—	—

Export to JSON

Results by page: