Search CVE reports

41571 – 41580 of 69301 results

Detailed view

Sort by:

CVE-2018-15836

Medium priority

Not in release

In verify_signed_hash() in lib/liboswkeys/signatures.c in Openswan before 2.6.50.1, the RSA implementation does not verify the value of padding string during PKCS#1 v1.5 signature verification. Consequently, a remote attacker can...

1 affected package

openswan

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
openswan	—	—	—	—	Not in release

CVE-2018-14634

High priority

Some fixes available 11 of 13

An integer overflow flaw was found in the Linux kernel's create_elf_tables() function. An unprivileged local user with access to SUID (or otherwise privileged) binary could use this flaw to escalate their privileges on the system....

77 affected packages

linux, linux-aws, linux-flo, linux-grouper, linux-azure...

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
linux	—	Not affected	Not affected	Not affected	Not affected
linux-aws	—	Not affected	Not affected	Not affected	Not affected
linux-flo	—	—	—	—	Not in release
linux-grouper	—	—	—	—	Not in release
linux-azure	—	Not affected	Not affected	Not affected	Not affected
linux-azure-edge	—	Not in release	Not in release	Not in release	Not affected
linux-euclid	—	—	—	—	Not in release
linux-gcp	—	Not affected	Not affected	Not affected	Not affected
linux-gke	—	Not affected	Not affected	Ignored	Not in release
linux-goldfish	—	—	—	—	Not in release
linux-hwe	—	Not in release	Not in release	Not in release	Not affected
linux-hwe-edge	—	Not in release	Not in release	Not in release	Not affected
linux-kvm	—	Not in release	Not affected	Not affected	Not affected
linux-lts-trusty	—	—	—	—	Not in release
linux-lts-utopic	—	—	—	—	Not in release
linux-lts-vivid	—	—	—	—	Not in release
linux-lts-wily	—	—	—	—	Not in release
linux-lts-xenial	—	Not in release	Not in release	Not in release	Not in release
linux-maguro	—	—	—	—	Not in release
linux-mako	—	—	—	—	Not in release
linux-manta	—	—	—	—	Not in release
linux-oem	—	Not in release	Not in release	Not in release	Not affected
linux-raspi2	—	Not in release	Not in release	Ignored	Not affected
linux-snapdragon	—	Not in release	Not in release	Not in release	Not affected
linux-hwe-5.4	—	Not in release	Not in release	Not in release	Not affected
linux-hwe-5.15	—	Not in release	Not in release	Not affected	Not in release
linux-hwe-6.8	—	Not in release	Not affected	Not in release	Not in release
linux-aws-5.4	—	Not in release	Not in release	Not in release	Not affected
linux-aws-5.15	—	Not in release	Not in release	Not affected	Not in release
linux-aws-hwe	—	Not in release	Not in release	Not in release	Not in release
linux-azure-4.15	—	Not in release	Not in release	Not in release	Not affected
linux-azure-5.4	—	Not in release	Not in release	Not in release	Not affected
linux-azure-5.15	—	Not in release	Not in release	Not affected	Not in release
linux-azure-fde	—	Not affected	Not affected	Ignored	Not in release
linux-azure-fde-5.15	—	Not in release	Not in release	Not affected	Not in release
linux-bluefield	—	Not in release	Not in release	Not affected	Not in release
linux-fips	—	Not in release	Not affected	Not affected	Not affected
linux-aws-fips	—	Not in release	Not affected	Not affected	Not affected
linux-azure-fips	—	Not in release	Not affected	Not affected	Not affected
linux-gcp-fips	—	Not in release	Not affected	Not affected	Not affected
linux-gcp-4.15	—	Not in release	Not in release	Not in release	Not affected
linux-gcp-5.4	—	Not in release	Not in release	Not in release	Not affected
linux-gcp-5.15	—	Not in release	Not in release	Not affected	Not in release
linux-gkeop	—	Not affected	Not affected	Not affected	Not in release
linux-gkeop-5.15	—	Not in release	Not in release	Not affected	Not in release
linux-ibm	—	Not affected	Not affected	Not affected	Not in release
linux-ibm-5.4	—	Not in release	Not in release	Not in release	Not affected
linux-ibm-5.15	—	Not in release	Not in release	Not affected	Not in release
linux-intel	—	Not affected	Not in release	Not in release	Not in release
linux-intel-iotg	—	Not in release	Not affected	Not in release	Not in release
linux-intel-iotg-5.15	—	Not in release	Not in release	Not affected	Not in release
linux-iot	—	Not in release	Not in release	Not affected	Not in release
linux-intel-iot-realtime	—	Not in release	Not affected	Not in release	Not in release
linux-lowlatency	—	Not affected	Not affected	Not in release	Not in release
linux-lowlatency-hwe-5.15	—	Not in release	Not in release	Not affected	Not in release
linux-lowlatency-hwe-6.8	—	Not in release	Not affected	Not in release	Not in release
linux-nvidia	—	Not affected	Not affected	Not in release	Not in release
linux-nvidia-6.5	—	Not in release	Not affected	Not in release	Not in release
linux-nvidia-6.8	—	Not in release	Not affected	Not in release	Not in release
linux-nvidia-lowlatency	—	Not affected	Not in release	Not in release	Not in release
linux-oracle	—	Not affected	Not affected	Not affected	Not affected
linux-oracle-5.4	—	Not in release	Not in release	Not in release	Not affected
linux-oracle-5.15	—	Not in release	Not in release	Not affected	Not in release
linux-oem-6.8	—	Not affected	Not in release	Not in release	Not in release
linux-raspi	—	Not affected	Not affected	Not affected	Not in release
linux-raspi-5.4	—	Not in release	Not in release	Not in release	Not affected
linux-raspi-realtime	—	Not affected	Not in release	Not in release	Not in release
linux-realtime	—	Not affected	Not affected	Not in release	Not in release
linux-riscv	—	Not affected	Ignored	Ignored	Not in release
linux-riscv-5.15	—	Not in release	Not in release	Not affected	Not in release
linux-riscv-6.8	—	Not in release	Not affected	Not in release	Not in release
linux-xilinx-zynqmp	—	Not in release	Not affected	Not affected	Not in release
linux-aws-6.8	—	Not in release	Not affected	Not in release	Not in release
linux-gcp-6.8	—	Not in release	Not affected	Not in release	Not in release
linux-oracle-6.8	—	Not in release	Not affected	Not in release	Not in release
linux-azure-6.8	—	Not in release	Not affected	Not in release	Not in release
linux-oem-6.11	—	Not affected	Not in release	Not in release	Not in release

CVE-2018-6119

Medium priority

Fixed

Incorrect security UI in Omnibox in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.

2 affected packages

chromium-browser, oxide-qt

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
chromium-browser	—	—	—	—	Fixed
oxide-qt	—	—	—	—	Not in release

CVE-2018-6055

Medium priority

Fixed

Insufficient policy enforcement in Catalog Service in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to potentially run arbitrary code outside sandbox via a crafted HTML page.

2 affected packages

chromium-browser, oxide-qt

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
chromium-browser	—	—	—	—	Fixed
oxide-qt	—	—	—	—	Not in release

CVE-2018-6054

Low priority

Some fixes available 5 of 6

Use after free in WebUI in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to potentially exploit heap corruption via a crafted Chrome Extension.

2 affected packages

chromium-browser, oxide-qt

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
chromium-browser	—	—	—	—	Fixed
oxide-qt	—	—	—	—	Not in release

CVE-2018-6053

Low priority

Some fixes available 5 of 6

Inappropriate implementation in New Tab Page in Google Chrome prior to 64.0.3282.119 allowed a local attacker to view website thumbnail images after clearing browser data via a crafted HTML page.

2 affected packages

chromium-browser, oxide-qt

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
chromium-browser	—	—	—	—	Fixed
oxide-qt	—	—	—	—	Not in release

CVE-2018-6052

Low priority

Some fixes available 5 of 6

Lack of support for a non standard no-referrer policy value in Blink in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to obtain referrer details from a web page that had thought it had opted out of sending referrer data.

2 affected packages

chromium-browser, oxide-qt

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
chromium-browser	—	—	—	—	Fixed
oxide-qt	—	—	—	—	Not in release

CVE-2018-6051

Low priority

Some fixes available 5 of 6

XSS Auditor in Google Chrome prior to 64.0.3282.119, did not ensure the reporting URL was in the same origin as the page it was on, which allowed a remote attacker to obtain referrer details via a crafted HTML page.

2 affected packages

chromium-browser, oxide-qt

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
chromium-browser	—	—	—	—	Fixed
oxide-qt	—	—	—	—	Not in release

CVE-2018-6050

Low priority

Some fixes available 5 of 6

Incorrect security UI in Omnibox in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.

2 affected packages

chromium-browser, oxide-qt

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
chromium-browser	—	—	—	—	Fixed
oxide-qt	—	—	—	—	Not in release

CVE-2018-6049

Low priority

Some fixes available 5 of 6

Incorrect security UI in permissions prompt in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to spoof the origin to which permission is granted via a crafted HTML page.

2 affected packages

chromium-browser, oxide-qt

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
chromium-browser	—	—	—	—	Fixed
oxide-qt	—	—	—	—	Not in release

Export to JSON

Results by page: