Search CVE reports
49081 – 49090 of 65781 results
Some fixes available 6 of 7
bindings/core/v8/V8DOMWrapper.h in Blink, as used in Google Chrome before 45.0.2454.101, does not perform a rethrow action to propagate information about a cross-context exception, which allows remote attackers to bypass the Same...
2 affected packages
chromium-browser, oxide-qt
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| chromium-browser | — | — | — | — |
| oxide-qt | — | — | — | — |
vzctl before 4.9.4 determines the virtual environment (VE) layout based on the presence of root.hdd/DiskDescriptor.xml in the VE private directory, which allows local simfs container (CT) root users to change the root password for...
1 affected package
vzctl
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| vzctl | — | — | — | Not affected |
Buffer overflow in the DumpSysVar function in var.c in Remind before 3.1.15 allows attackers to have unspecified impact via a long name.
1 affected package
remind
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| remind | — | — | — | Not affected |
Some fixes available 1 of 5
Squid before 3.5.6 does not properly handle CONNECT method peer responses when configured with cache_peer, which allows remote attackers to bypass intended restrictions and gain access to a backend proxy via a CONNECT request.
1 affected package
squid3
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| squid3 | — | — | — | — |
The lookupProviders function in providerMgr.c in sblim-sfcb 1.3.4 and 1.3.18 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via an empty className in a packet.
1 affected package
sblim-sfcb
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| sblim-sfcb | — | — | — | Not affected |
Some fixes available 1 of 3
The MScrollV function in ansi.c in GNU screen 4.3.1 and earlier does not properly limit recursion, which allows remote attackers to cause a denial of service (stack consumption) via an escape sequence with a large repeat count value.
1 affected package
screen
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| screen | — | — | — | Not affected |
Some fixes available 3 of 6
Buffer overflow in the gethostbyname_r and other unspecified NSS functions in the GNU C Library (aka glibc or libc6) before 2.22 allows context-dependent attackers to cause a denial of service (crash) or execute arbitrary code via...
2 affected packages
eglibc, glibc
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| eglibc | — | — | — | — |
| glibc | — | — | — | — |
Some fixes available 18 of 27
The NVIDIA display driver R352 before 353.82 and R340 before 341.81 on Windows; R304 before 304.128, R340 before 340.93, and R352 before 352.41 on Linux; and R352 before 352.46 on GRID vGPU and vSGA allows local users to write to...
22 affected packages
nvidia-graphics-drivers-319, nvidia-graphics-drivers-319-updates, nvidia-graphics-drivers-331, nvidia-graphics-drivers-331-updates, nvidia-graphics-drivers-340...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| nvidia-graphics-drivers-319 | — | — | — | — |
| nvidia-graphics-drivers-319-updates | — | — | — | — |
| nvidia-graphics-drivers-331 | — | — | — | — |
| nvidia-graphics-drivers-331-updates | — | — | — | — |
| nvidia-graphics-drivers-340 | — | — | — | — |
| nvidia-graphics-drivers-340-updates | — | — | — | — |
| nvidia-graphics-drivers-346 | — | — | — | — |
| nvidia-graphics-drivers-346-updates | — | — | — | — |
| nvidia-graphics-drivers-352 | — | — | — | — |
| nvidia-graphics-drivers-352-updates | — | — | — | — |
| nvidia-graphics-drivers-96 | — | — | — | — |
| nvidia-graphics-drivers-96-updates | — | — | — | — |
| nvidia-graphics-drivers-experimental-304 | — | — | — | — |
| nvidia-graphics-drivers-experimental-310 | — | — | — | — |
| nvidia-graphics-drivers-tegra | — | — | — | — |
| nvidia-graphics-drivers-updates | — | — | — | — |
| nvidia-graphics-drivers | — | — | — | — |
| nvidia-graphics-drivers-173 | — | — | — | — |
| nvidia-graphics-drivers-173-updates | — | — | — | — |
| nvidia-graphics-drivers-304 | — | — | — | — |
| nvidia-graphics-drivers-304-updates | — | — | — | — |
| nvidia-graphics-drivers-310-updates | — | — | — | — |
Mozilla Firefox before 41.0 does not properly restrict the availability of High Resolution Time API times, which allows remote attackers to track last-level cache access, and consequently obtain sensitive information, via crafted...
2 affected packages
firefox, thunderbird
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| firefox | — | — | — | — |
| thunderbird | — | — | — | — |
The VertexBufferInterface::reserveVertexSpace function in libGLES in ANGLE, as used in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 on Windows, incorrectly allocates memory for shader attribute arrays, which allows...
2 affected packages
firefox, thunderbird
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| firefox | — | — | — | — |
| thunderbird | — | — | — | — |