Search CVE reports
1 – 10 of 10 results
CVE-2022-46871
Medium prioritySome fixes available 9 of 18
An out of date library (libusrsctp) contained vulnerabilities that could potentially be exploited. This vulnerability affects Firefox < 108.
8 affected packages
firefox, libusrsctp, mozjs38, mozjs52, mozjs68...
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
firefox | Not affected | Not affected | Fixed | Fixed | Ignored |
libusrsctp | Not affected | Not affected | Vulnerable | Not in release | Not in release |
mozjs38 | — | Not in release | Not in release | Ignored | Not in release |
mozjs52 | — | Not in release | Ignored | Ignored | Not in release |
mozjs68 | — | Not in release | Ignored | Not in release | Not in release |
mozjs78 | Not in release | Ignored | Not in release | Not in release | Not in release |
mozjs91 | — | Ignored | Not in release | Not in release | Not in release |
thunderbird | Fixed | Fixed | Fixed | Fixed | Ignored |
CVE-2019-20503
Medium prioritySome fixes available 26 of 36
usrsctp before 2019-12-20 has out-of-bounds reads in sctp_load_addresses_from_init.
4 affected packages
chromium-browser, firefox, libusrsctp, thunderbird
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
chromium-browser | Not affected | Not affected | Not affected | Fixed | Fixed |
firefox | Fixed | Fixed | Fixed | Fixed | Fixed |
libusrsctp | Needs evaluation | Needs evaluation | Needs evaluation | Not in release | Not in release |
thunderbird | Fixed | Fixed | Fixed | Fixed | Fixed |
CVE-2012-5644
Medium prioritylibuser has information disclosure when moving user's home directory
1 affected packages
libuser
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
libuser | Not affected | Not affected | Not affected | Not affected | Not affected |
CVE-2012-5630
Medium prioritylibuser 0.56 and 0.57 has a TOCTOU (time-of-check time-of-use) race condition when copying and removing directory trees.
1 affected packages
libuser
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
libuser | Not affected | Not affected | Not affected | Not affected | Not affected |
CVE-2019-14822
Medium prioritySome fixes available 3 of 4
A flaw was discovered in ibus in versions before 1.5.22 that allows any unprivileged user to monitor and send method calls to the ibus bus of another user due to a misconfiguration in the DBus server setup. A local attacker may...
1 affected packages
ibus
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
ibus | — | — | — | Fixed | Fixed |
CVE-2016-5104
Medium priorityThe socket_create function in common/socket.c in libimobiledevice and libusbmuxd allows remote attackers to bypass intended access restrictions and communicate with services on iOS devices by connecting to an IPv4 TCP socket.
2 affected packages
libimobiledevice, libusbmuxd
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
libimobiledevice | — | — | — | — | Fixed |
libusbmuxd | — | — | — | — | Fixed |
CVE-2015-3246
Medium prioritySome fixes available 1 of 5
libuser before 0.56.13-8 and 0.60 before 0.60-7, as used in the userhelper program in the usermode package, directly modifies /etc/passwd, which allows local users to cause a denial of service (inconsistent file state) by causing...
1 affected packages
libuser
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
libuser | Not affected | Not affected | Not affected | Not affected | Vulnerable |
CVE-2015-3245
Low prioritySome fixes available 1 of 5
Incomplete blacklist vulnerability in the chfn function in libuser before 0.56.13-8 and 0.60 before 0.60-7, as used in the userhelper program in the usermode package, allows local users to cause a denial of service (/etc/passwd...
1 affected packages
libuser
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
libuser | Not affected | Not affected | Not affected | Not affected | Vulnerable |
CVE-2013-4509
Medium priorityThe default configuration of IBUS 1.5.4, and possibly 1.5.2 and earlier, when IBus.InputPurpose.PASSWORD is not set and used with GNOME 3, does not obscure the entered password characters, which allows physically...
1 affected packages
ibus
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
ibus | — | — | — | — | — |
CVE-2011-0002
Medium prioritylibuser before 0.57 uses a cleartext password value of (1) !! or (2) x for new LDAP user accounts, which makes it easier for remote attackers to obtain access by specifying one of these values.
1 affected packages
libuser
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
libuser | — | — | — | — | — |