Search CVE reports
1 – 10 of 20369 results
CVE-2024-9781
Medium priorityAppleTalk and RELOAD Framing dissector crash in Wireshark 4.4.0 and 4.2.0 to 4.2.7 allows denial of service via packet injection or crafted capture file
1 affected packages
wireshark
Package | 24.04 LTS |
---|---|
wireshark | Needs evaluation |
CVE-2024-9780
Medium priorityITS dissector crash in Wireshark 4.4.0 allows denial of service via packet injection or crafted capture file
1 affected packages
wireshark
Package | 24.04 LTS |
---|---|
wireshark | Needs evaluation |
CVE-2024-6747
Medium priorityNot in release
Information leakage in mknotifyd in Checkmk before 2.3.0p18, 2.2.0p36, 2.1.0p49 and in 2.0.0p39 (EOL) allows attacker to get potentially sensitive data
1 affected packages
check-mk
Package | 24.04 LTS |
---|---|
check-mk | Not in release |
CVE-2024-48958
Medium priorityexecute_filter_delta in archive_read_support_format_rar.c in libarchive before 3.7.5 allows out-of-bounds access via a crafted archive file because src can move beyond dst.
1 affected packages
libarchive
Package | 24.04 LTS |
---|---|
libarchive | Needs evaluation |
CVE-2024-48957
Medium priorityexecute_filter_audio in archive_read_support_format_rar.c in libarchive before 3.7.5 allows out-of-bounds access via a crafted archive file because src can move beyond dst.
1 affected packages
libarchive
Package | 24.04 LTS |
---|---|
libarchive | Needs evaluation |
CVE-2024-48949
Medium priorityThe verify function in lib/elliptic/eddsa/index.js in the Elliptic package before 6.5.6 for Node.js omits "sig.S().gte(sig.eddsa.curve.n) || sig.S().isNeg()" validation.
1 affected packages
node-elliptic
Package | 24.04 LTS |
---|---|
node-elliptic | Needs evaluation |
CVE-2024-36051
Medium priorityIn btcd before 0.24.2, removeOpcodeByData mishandles the consensus rules for legacy signature verification. There can be a standard transaction that would be considered valid by Bitcoin Core but invalid by btcd.
2 affected packages
golang-github-btcsuite-btcd-btcec, golang-github-btcsuite-btcd-chaincfg-chainhash
Package | 24.04 LTS |
---|---|
golang-github-btcsuite-btcd-btcec | Needs evaluation |
golang-github-btcsuite-btcd-chaincfg-chainhash | Needs evaluation |
CVE-2024-9680
Medium priorityAn attacker was able to achieve code execution in the content process by exploiting a use-after-free in Animation timelines. We have had reports of this vulnerability being exploited in the wild. This vulnerability affects Firefox...
9 affected packages
firefox, mozjs102, mozjs115, mozjs38, mozjs52...
Package | 24.04 LTS |
---|---|
firefox | Not affected |
mozjs102 | Ignored |
mozjs115 | Ignored |
mozjs38 | Not in release |
mozjs52 | Not in release |
mozjs68 | Not in release |
mozjs78 | Not in release |
mozjs91 | Not in release |
thunderbird | Not affected |
CVE-2024-48933
Medium priorityA cross-site scripting (XSS) vulnerability in LemonLDAP::NG before 2.19.3 allows remote attackers to inject arbitrary web script or HTML into the login page via a username if userControl has been set to a non-default value that...
1 affected packages
lemonldap-ng
Package | 24.04 LTS |
---|---|
lemonldap-ng | Needs evaluation |
CVE-2024-47828
Medium priorityNot in release
ampache is a web based audio/video streaming application and file manager. A CSRF attack can be performed in order to delete objects (Playlist, smartlist etc.). Cross-Site Request Forgery (CSRF) is an attack that...
1 affected packages
ampache
Package | 24.04 LTS |
---|---|
ampache | Not in release |