Search CVE reports
1 – 10 of 32731 results
CVE-2025-24368
Medium priorityCacti is an open source performance and fault management framework. Some of the data stored in automation_tree_rules.php is not thoroughly checked and is used to concatenate the SQL statement in build_rule_item_filter() function...
1 affected package
cacti
| Package | 18.04 LTS |
|---|---|
| cacti | Needs evaluation |
CVE-2025-24367
Medium priorityCacti is an open source performance and fault management framework. An authenticated Cacti user can abuse graph creation and graph template functionality to create arbitrary PHP scripts in the web root of the application, leading...
1 affected package
cacti
| Package | 18.04 LTS |
|---|---|
| cacti | Needs evaluation |
CVE-2025-24356
Medium priorityfastd is a VPN daemon which tunnels IP packets and Ethernet frames over UDP. When receiving a data packet from an unknown IP address/port combination, fastd will assume that one of its connected peers has moved to a new address...
1 affected package
fastd
| Package | 18.04 LTS |
|---|---|
| fastd | Needs evaluation |
CVE-2025-22865
Medium priorityUsing ParsePKCS1PrivateKey to parse a RSA key that is missing the CRT values would panic when verifying that the key is well formed.
15 affected packages
golang, golang-1.10, golang-1.13, golang-1.14, golang-1.16...
| Package | 18.04 LTS |
|---|---|
| golang | — |
| golang-1.10 | Needs evaluation |
| golang-1.13 | Needs evaluation |
| golang-1.14 | — |
| golang-1.16 | Needs evaluation |
| golang-1.17 | — |
| golang-1.18 | Needs evaluation |
| golang-1.20 | — |
| golang-1.21 | — |
| golang-1.22 | — |
| golang-1.23 | — |
| golang-1.24 | — |
| golang-1.6 | — |
| golang-1.8 | Needs evaluation |
| golang-1.9 | Needs evaluation |
CVE-2025-22604
Medium priorityCacti is an open source performance and fault management framework. Due to a flaw in multi-line SNMP result parser, authenticated users can inject malformed OIDs in the response. When processed by ss_net_snmp_disk_io()...
1 affected package
cacti
| Package | 18.04 LTS |
|---|---|
| cacti | Needs evaluation |
CVE-2024-54146
Medium priorityCacti is an open source performance and fault management framework. Cacti has a SQL injection vulnerability in the template function of host_templates.php using the graph_template parameter. This vulnerability is fixed in 1.2.29.
1 affected package
cacti
| Package | 18.04 LTS |
|---|---|
| cacti | Needs evaluation |
CVE-2024-54145
Medium priorityCacti is an open source performance and fault management framework. Cacti has a SQL injection vulnerability in the get_discovery_results function of automation_devices.php using the network parameter. This vulnerability is fixed in 1.2.29.
1 affected package
cacti
| Package | 18.04 LTS |
|---|---|
| cacti | Needs evaluation |
CVE-2024-53869
Medium priorityNVIDIA Unified Memory driver for Linux contains a vulnerability where an attacker could leak uninitialized memory. A successful exploit of this vulnerability might lead to information disclosure.
34 affected packages
nvidia-graphics-drivers-304, nvidia-graphics-drivers-304-updates, nvidia-graphics-drivers-340, nvidia-graphics-drivers-340-updates, nvidia-graphics-drivers-352...
| Package | 18.04 LTS |
|---|---|
| nvidia-graphics-drivers-304 | — |
| nvidia-graphics-drivers-304-updates | — |
| nvidia-graphics-drivers-340 | Ignored |
| nvidia-graphics-drivers-340-updates | Not affected |
| nvidia-graphics-drivers-352 | Not affected |
| nvidia-graphics-drivers-352-updates | Not affected |
| nvidia-graphics-drivers-361 | Not affected |
| nvidia-graphics-drivers-367 | Not affected |
| nvidia-graphics-drivers-375 | Not affected |
| nvidia-graphics-drivers-384 | Not affected |
| nvidia-graphics-drivers-390 | Ignored |
| nvidia-graphics-drivers-418-server | Ignored |
| nvidia-graphics-drivers-430 | Ignored |
| nvidia-graphics-drivers-435 | Ignored |
| nvidia-graphics-drivers-440 | Ignored |
| nvidia-graphics-drivers-440-server | Ignored |
| nvidia-graphics-drivers-450 | Ignored |
| nvidia-graphics-drivers-450-server | Ignored |
| nvidia-graphics-drivers-455 | Ignored |
| nvidia-graphics-drivers-460 | Ignored |
| nvidia-graphics-drivers-460-server | Ignored |
| nvidia-graphics-drivers-470 | Ignored |
| nvidia-graphics-drivers-470-server | Ignored |
| nvidia-graphics-drivers-495 | Not affected |
| nvidia-graphics-drivers-510 | Ignored |
| nvidia-graphics-drivers-510-server | Not affected |
| nvidia-graphics-drivers-515 | Ignored |
| nvidia-graphics-drivers-515-server | Ignored |
| nvidia-graphics-drivers-520 | Ignored |
| nvidia-graphics-drivers-525 | Not affected |
| nvidia-graphics-drivers-525-server | Not affected |
| nvidia-graphics-drivers-530 | Ignored |
| nvidia-graphics-drivers-535 | — |
| nvidia-graphics-drivers-535-server | — |
CVE-2024-45598
Medium priorityCacti is an open source performance and fault management framework. Prior to 1.2.29, an administrator can change the `Poller Standard Error Log Path` parameter in either Installation Step 5 or in Configuration->Settings->Paths tab...
1 affected package
cacti
| Package | 18.04 LTS |
|---|---|
| cacti | Needs evaluation |
CVE-2024-45340
Medium priorityCredentials provided via the new GOAUTH feature were not being properly segmented by domain, allowing a malicious server to request credentials they should not have access to. By default, unless otherwise set, this only affected...
15 affected packages
golang, golang-1.10, golang-1.13, golang-1.14, golang-1.16...
| Package | 18.04 LTS |
|---|---|
| golang | — |
| golang-1.10 | Needs evaluation |
| golang-1.13 | Needs evaluation |
| golang-1.14 | — |
| golang-1.16 | Needs evaluation |
| golang-1.17 | — |
| golang-1.18 | Needs evaluation |
| golang-1.20 | — |
| golang-1.21 | — |
| golang-1.22 | — |
| golang-1.23 | — |
| golang-1.24 | — |
| golang-1.6 | — |
| golang-1.8 | Needs evaluation |
| golang-1.9 | Needs evaluation |