Search CVE reports
41701 – 41710 of 69503 results
Some fixes available 12 of 14
arch/arm64/kvm/guest.c in KVM in the Linux kernel before 4.18.12 on the arm64 platform mishandles the KVM_SET_ON_REG ioctl. This is exploitable by attackers who can create virtual machines. An attacker can arbitrarily redirect the...
96 affected packages
linux, linux-aws, linux-aws-5.15, linux-aws-5.4, linux-aws-6.14...
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| linux | — | Not affected | Not affected | Not affected | Fixed |
| linux-aws | — | Not affected | Not affected | Not affected | Not affected |
| linux-aws-5.15 | — | Not in release | Not in release | Not affected | Not in release |
| linux-aws-5.4 | — | Not in release | Not in release | Not in release | Not affected |
| linux-aws-6.14 | — | Not affected | Not in release | Not in release | Not in release |
| linux-aws-6.8 | — | Not in release | Not affected | Not in release | Not in release |
| linux-aws-fips | — | Not in release | Not affected | Not affected | Not affected |
| linux-aws-hwe | — | Not in release | Not in release | Not in release | Not in release |
| linux-azure | — | Not affected | Not affected | Not affected | Not affected |
| linux-azure-4.15 | — | Not in release | Not in release | Not in release | Not affected |
| linux-azure-5.15 | — | Not in release | Not in release | Not affected | Not in release |
| linux-azure-5.4 | — | Not in release | Not in release | Not in release | Not affected |
| linux-azure-6.11 | — | Ignored | Not in release | Not in release | Not in release |
| linux-azure-6.8 | — | Not in release | Not affected | Not in release | Not in release |
| linux-azure-edge | — | Not in release | Not in release | Not in release | Not affected |
| linux-azure-fde | — | Not affected | Not affected | Ignored | Not in release |
| linux-azure-fde-5.15 | — | Not in release | Not in release | Not affected | Not in release |
| linux-azure-fips | — | Not in release | Not affected | Not affected | Not affected |
| linux-azure-nvidia | — | Not affected | Not in release | Not in release | Not in release |
| linux-bluefield | — | Not in release | Not in release | Not affected | Not in release |
| linux-euclid | — | — | — | — | Not in release |
| linux-fips | — | Not in release | Not affected | Not affected | Not affected |
| linux-flo | — | — | — | — | Not in release |
| linux-gcp | — | Not affected | Not affected | Not affected | Not affected |
| linux-gcp-4.15 | — | Not in release | Not in release | Not in release | Not affected |
| linux-gcp-5.15 | — | Not in release | Not in release | Not affected | Not in release |
| linux-gcp-5.4 | — | Not in release | Not in release | Not in release | Not affected |
| linux-gcp-6.11 | — | Ignored | Not in release | Not in release | Not in release |
| linux-gcp-6.14 | — | Not affected | Not in release | Not in release | Not in release |
| linux-gcp-6.8 | — | Not in release | Not affected | Not in release | Not in release |
| linux-gcp-edge | — | — | — | — | Not affected |
| linux-gcp-fips | — | Not in release | Not affected | Not affected | Not affected |
| linux-gke | — | Not affected | Not affected | Ignored | Not in release |
| linux-gkeop | — | Not affected | Not affected | Not affected | Not in release |
| linux-gkeop-5.15 | — | Not in release | Not in release | Not affected | Not in release |
| linux-goldfish | — | — | — | — | Not in release |
| linux-grouper | — | — | — | — | Not in release |
| linux-hwe | — | Not in release | Not in release | Not in release | Not affected |
| linux-hwe-5.15 | — | Not in release | Not in release | Not affected | Not in release |
| linux-hwe-5.4 | — | Not in release | Not in release | Not in release | Not affected |
| linux-hwe-6.11 | — | Ignored | Not in release | Not in release | Not in release |
| linux-hwe-6.14 | — | Not affected | Not in release | Not in release | Not in release |
| linux-hwe-6.8 | — | Not in release | Not affected | Not in release | Not in release |
| linux-hwe-edge | — | Not in release | Not in release | Not in release | Not affected |
| linux-ibm | — | Not affected | Not affected | Not affected | Not in release |
| linux-ibm-5.15 | — | Not in release | Not in release | Not affected | Not in release |
| linux-ibm-5.4 | — | Not in release | Not in release | Not in release | Not affected |
| linux-ibm-6.8 | — | Not in release | Not affected | Not in release | Not in release |
| linux-intel | — | Not affected | Not in release | Not in release | Not in release |
| linux-intel-iot-realtime | — | Not in release | Not affected | Not in release | Not in release |
| linux-intel-iotg | — | Not in release | Not affected | Not in release | Not in release |
| linux-intel-iotg-5.15 | — | Not in release | Not in release | Not affected | Not in release |
| linux-iot | — | Not in release | Not in release | Not affected | Not in release |
| linux-kvm | — | Not in release | Not affected | Not affected | Not affected |
| linux-lowlatency | — | Not affected | Not affected | Not in release | Not in release |
| linux-lowlatency-hwe-5.15 | — | Not in release | Not in release | Not affected | Not in release |
| linux-lowlatency-hwe-6.11 | — | Ignored | Not in release | Not in release | Not in release |
| linux-lowlatency-hwe-6.8 | — | Not in release | Not affected | Not in release | Not in release |
| linux-lts-trusty | — | — | — | — | Not in release |
| linux-lts-utopic | — | — | — | — | Not in release |
| linux-lts-vivid | — | — | — | — | Not in release |
| linux-lts-wily | — | — | — | — | Not in release |
| linux-lts-xenial | — | Not in release | Not in release | Not in release | Not in release |
| linux-maguro | — | — | — | — | Not in release |
| linux-mako | — | — | — | — | Not in release |
| linux-manta | — | — | — | — | Not in release |
| linux-nvidia | — | Not affected | Not affected | Not in release | Not in release |
| linux-nvidia-6.11 | — | Not affected | Not in release | Not in release | Not in release |
| linux-nvidia-6.5 | — | Not in release | Not affected | Not in release | Not in release |
| linux-nvidia-6.8 | — | Not in release | Not affected | Not in release | Not in release |
| linux-nvidia-lowlatency | — | Not affected | Not in release | Not in release | Not in release |
| linux-nvidia-tegra | — | Not affected | Not affected | Not in release | Not in release |
| linux-nvidia-tegra-5.15 | — | Not in release | Not in release | Not affected | Not in release |
| linux-nvidia-tegra-igx | — | Not in release | Not affected | Not in release | Not in release |
| linux-oem | — | Not in release | Not in release | Not in release | Not affected |
| linux-oem-6.11 | — | Not affected | Not in release | Not in release | Not in release |
| linux-oem-6.14 | — | Not affected | Not in release | Not in release | Not in release |
| linux-oem-6.8 | — | Not affected | Not in release | Not in release | Not in release |
| linux-oracle | — | Not affected | Not affected | Not affected | Fixed |
| linux-oracle-5.15 | — | Not in release | Not in release | Not affected | Not in release |
| linux-oracle-5.4 | — | Not in release | Not in release | Not in release | Not affected |
| linux-oracle-6.14 | — | Not affected | Not in release | Not in release | Not in release |
| linux-oracle-6.8 | — | Not in release | Not affected | Not in release | Not in release |
| linux-raspi | — | Not affected | Not affected | Not affected | Not in release |
| linux-raspi-5.4 | — | Not in release | Not in release | Not in release | Not affected |
| linux-raspi-realtime | — | Not affected | Not in release | Not in release | Not in release |
| linux-raspi2 | — | Not in release | Not in release | Ignored | Fixed |
| linux-realtime | — | Not affected | Not affected | Not in release | Not in release |
| linux-realtime-6.14 | — | Not affected | Not in release | Not in release | Not in release |
| linux-realtime-6.8 | — | Not in release | Not affected | Not in release | Not in release |
| linux-riscv | — | Not affected | Ignored | Ignored | Not in release |
| linux-riscv-5.15 | — | Not in release | Not in release | Not affected | Not in release |
| linux-riscv-6.14 | — | Not affected | Not in release | Not in release | Not in release |
| linux-riscv-6.8 | — | Not in release | Not affected | Not in release | Not in release |
| linux-snapdragon | — | Not in release | Not in release | Not in release | Not affected |
| linux-xilinx-zynqmp | — | Not in release | Not affected | Not affected | Not in release |
Some fixes available 2 of 6
In QPDF 8.2.1, in libqpdf/QPDFWriter.cc, QPDFWriter::unparseObject and QPDFWriter::unparseChild have recursive calls for a long time, which allows remote attackers to cause a denial of service via a crafted PDF file.
1 affected package
qpdf
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| qpdf | — | — | Not affected | Not affected | Fixed |
Git before 2.14.5, 2.15.x before 2.15.3, 2.16.x before 2.16.5, 2.17.x before 2.17.2, 2.18.x before 2.18.1, and 2.19.x before 2.19.1 allows remote code execution during processing of a recursive "git clone" of a superproject if a...
1 affected package
git
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| git | — | — | — | — | Fixed |
In Apache PDFBox 1.8.0 to 1.8.15 and 2.0.0RC1 to 2.0.11, a carefully crafted PDF file can trigger an extremely long running computation when parsing the page tree.
2 affected packages
libpdfbox-java, libpdfbox2-java
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| libpdfbox-java | Not affected | Not affected | Not affected | Not affected | Fixed |
| libpdfbox2-java | Not affected | Not affected | Not affected | Not affected | Fixed |
ImageMagick 7.0.7-28 has a memory leak vulnerability in WritePCXImage in coders/pcx.c.
1 affected package
imagemagick
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| imagemagick | — | Not affected | Not affected | Not affected | Fixed |
Some fixes available 4 of 9
An issue was discovered in cp-demangle.c in GNU libiberty, as distributed in GNU Binutils 2.31. There is a stack consumption problem caused by the cplus_demangle_type function making recursive calls to itself in certain scenarios...
2 affected packages
binutils, libiberty
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| binutils | Not affected | Not affected | Not affected | Not affected | Fixed |
| libiberty | Not affected | Not affected | Not affected | Not affected | Fixed |
Some fixes available 2 of 3
cext/manifest.c in Mercurial before 4.7.2 has an out-of-bounds read during parsing of a malformed manifest entry.
1 affected package
mercurial
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| mercurial | — | — | Not affected | Not affected | Fixed |
Mediawiki 1.31 before 1.31.1 misses .htaccess files in the provided tarball used to protect some directories that shouldn't be web accessible.
1 affected package
mediawiki
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| mediawiki | Needs evaluation | Needs evaluation | Needs evaluation | Ignored | Ignored |
Mediawiki 1.31 before 1.31.1, 1.30.1, 1.29.3 and 1.27.5 contains a flaw where BotPasswords can bypass CentralAuth's account lock
1 affected package
mediawiki
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| mediawiki | Not affected | Not affected | Not affected | Not affected | Vulnerable |
Mediawiki 1.31 before 1.31.1, 1.30.1, 1.29.3 and 1.27.5 contains an information disclosure flaw in the Special:Redirect/logid
1 affected package
mediawiki
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| mediawiki | Not affected | Not affected | Not affected | Not affected | Vulnerable |