Search CVE reports
1081 – 1090 of 39749 results
The comparator function used for ordering DTLS packets by sequence numbers did not follow qsort comparator contracts in case of packets with duplicate sequence numbers, which could lead to undefined behaviour.
1 affected package
gnutls28
| Package | 22.04 LTS |
|---|---|
| gnutls28 | Needs evaluation |
A flaw was found in gnutls. This vulnerability occurs because gnutls performs case-sensitive comparisons of `nameConstraints` labels, specifically for `dNSName` (DNS) or `rfc822Name` (email) constraints within `excludedSubtrees`...
1 affected package
gnutls28
| Package | 22.04 LTS |
|---|---|
| gnutls28 | Needs evaluation |
A flaw in GnuTLS DTLS handshake parsing allows malformed fragments with zero length and non-zero offset, leading to an integer underflow during reassembly and resulting in an out-of-bounds read. This issue is remotely exploitable...
1 affected package
gnutls28
| Package | 22.04 LTS |
|---|---|
| gnutls28 | Needs evaluation |
In the Linux kernel, the following vulnerability has been resolved: rtnetlink: add missing netlink_ns_capable() check for peer netns rtnl_newlink() lacks a CAP_NET_ADMIN capability check on the peer network namespace when creating...
157 affected packages
linux-hwe, linux-hwe-5.4, linux, linux-hwe-5.8, linux-hwe-5.11...
| Package | 22.04 LTS |
|---|---|
| linux-hwe | Not in release |
| linux-hwe-5.4 | Not in release |
| linux | Vulnerable |
| linux-hwe-5.8 | Not in release |
| linux-hwe-5.11 | Not in release |
| linux-hwe-5.13 | Not in release |
| linux-hwe-5.15 | Not in release |
| linux-hwe-5.19 | Ignored |
| linux-hwe-6.2 | Ignored |
| linux-hwe-6.5 | Ignored |
| linux-hwe-6.8 | Vulnerable |
| linux-hwe-6.11 | Not in release |
| linux-hwe-6.14 | Not in release |
| linux-hwe-6.17 | Not in release |
| linux-hwe-edge | Not in release |
| linux-lts-xenial | Not in release |
| linux-kvm | Vulnerable |
| linux-allwinner-5.19 | Ignored |
| linux-aws | Vulnerable |
| linux-aws-5.0 | Not in release |
| linux-aws-5.3 | Not in release |
| linux-aws-5.4 | Not in release |
| linux-aws-5.8 | Not in release |
| linux-aws-5.11 | Not in release |
| linux-aws-5.13 | Not in release |
| linux-aws-5.15 | Not in release |
| linux-aws-5.19 | Ignored |
| linux-aws-6.2 | Ignored |
| linux-aws-6.5 | Ignored |
| linux-aws-6.8 | Vulnerable |
| linux-aws-6.14 | Not in release |
| linux-aws-6.17 | Not in release |
| linux-aws-hwe | Not in release |
| linux-azure-4.15 | Not in release |
| linux-azure-5.3 | Not in release |
| linux-azure-5.4 | Not in release |
| linux-azure-5.8 | Not in release |
| linux-azure-5.11 | Not in release |
| linux-azure-5.13 | Not in release |
| linux-azure-5.15 | Not in release |
| linux-azure-5.19 | Ignored |
| linux-azure-6.2 | Ignored |
| linux-azure-6.5 | Ignored |
| linux-azure-6.8 | Vulnerable |
| linux-azure-6.11 | Not in release |
| linux-azure-6.14 | Not in release |
| linux-azure-6.17 | Not in release |
| linux-azure-fde | Vulnerable |
| linux-azure-fde-5.15 | Not in release |
| linux-azure-fde-5.19 | Ignored |
| linux-azure-fde-6.2 | Ignored |
| linux-azure-fde-6.8 | Vulnerable |
| linux-azure-fde-6.14 | Not in release |
| linux-azure-fde-6.17 | Not in release |
| linux-azure-nvidia | Not in release |
| linux-azure-nvidia-6.14 | Not in release |
| linux-bluefield | Not in release |
| linux-azure-edge | Not in release |
| linux-fips | Vulnerable |
| linux-aws-fips | Vulnerable |
| linux-azure-fips | Vulnerable |
| linux-gcp-fips | Vulnerable |
| linux-gcp-4.15 | Not in release |
| linux-gcp-5.3 | Not in release |
| linux-gcp-5.4 | Not in release |
| linux-gcp-5.8 | Not in release |
| linux-gcp-5.11 | Not in release |
| linux-gcp-5.13 | Not in release |
| linux-gcp-5.15 | Not in release |
| linux-gcp-5.19 | Ignored |
| linux-gcp-6.2 | Ignored |
| linux-gcp-6.5 | Ignored |
| linux-gcp-6.8 | Vulnerable |
| linux-gcp-6.11 | Not in release |
| linux-gcp-6.14 | Not in release |
| linux-gcp-6.17 | Not in release |
| linux-gke | Vulnerable |
| linux-gke-4.15 | Not in release |
| linux-gke-5.4 | Not in release |
| linux-gke-5.15 | Not in release |
| linux-gkeop | Vulnerable |
| linux-gkeop-5.4 | Not in release |
| linux-gkeop-5.15 | Not in release |
| linux-ibm | Vulnerable |
| linux-ibm-5.4 | Not in release |
| linux-ibm-5.15 | Not in release |
| linux-ibm-6.8 | Vulnerable |
| linux-intel-5.13 | Not in release |
| linux-intel-iotg | Vulnerable |
| linux-intel-iotg-5.15 | Not in release |
| linux-iot | Not in release |
| linux-intel-iot-realtime | Vulnerable |
| linux-lowlatency | Vulnerable |
| linux-lowlatency-hwe-5.15 | Not in release |
| linux-lowlatency-hwe-5.19 | Ignored |
| linux-lowlatency-hwe-6.2 | Ignored |
| linux-lowlatency-hwe-6.5 | Ignored |
| linux-lowlatency-hwe-6.8 | Vulnerable |
| linux-lowlatency-hwe-6.11 | Not in release |
| linux-nvidia | Vulnerable |
| linux-nvidia-6.2 | Ignored |
| linux-nvidia-6.5 | Ignored |
| linux-nvidia-6.8 | Vulnerable |
| linux-nvidia-6.11 | Not in release |
| linux-nvidia-lowlatency | Not in release |
| linux-nvidia-tegra | Vulnerable |
| linux-nvidia-tegra-5.15 | Not in release |
| linux-nvidia-tegra-igx | Vulnerable |
| linux-oracle-5.0 | Not in release |
| linux-oracle-5.3 | Not in release |
| linux-oracle-5.4 | Not in release |
| linux-oracle-5.8 | Not in release |
| linux-oracle-5.11 | Not in release |
| linux-oracle-5.13 | Not in release |
| linux-oracle-5.15 | Not in release |
| linux-oracle-6.5 | Ignored |
| linux-oracle-6.8 | Vulnerable |
| linux-oracle-6.14 | Not in release |
| linux-oracle-6.17 | Not in release |
| linux-oracle | Vulnerable |
| linux-oem | Not in release |
| linux-oem-5.6 | Not in release |
| linux-oem-5.10 | Not in release |
| linux-oem-5.13 | Not in release |
| linux-oem-5.14 | Not in release |
| linux-oem-5.17 | Ignored |
| linux-oem-6.0 | Ignored |
| linux-oem-6.1 | Ignored |
| linux-oem-6.5 | Ignored |
| linux-oem-6.8 | Not in release |
| linux-oem-6.11 | Not in release |
| linux-oem-6.14 | Not in release |
| linux-oem-6.17 | Not in release |
| linux-raspi2 | Not in release |
| linux-raspi-5.4 | Not in release |
| linux-raspi-realtime | Not in release |
| linux-realtime-6.8 | Vulnerable |
| linux-realtime-6.14 | Not in release |
| linux-riscv | Ignored |
| linux-riscv-5.8 | Not in release |
| linux-riscv-5.11 | Not in release |
| linux-riscv-5.15 | Not in release |
| linux-riscv-5.19 | Ignored |
| linux-riscv-6.5 | Ignored |
| linux-riscv-6.8 | Vulnerable |
| linux-riscv-6.14 | Not in release |
| linux-riscv-6.17 | Not in release |
| linux-starfive-5.19 | Ignored |
| linux-starfive-6.2 | Ignored |
| linux-starfive-6.5 | Ignored |
| linux-xilinx | Not in release |
| linux-xilinx-zynqmp | Vulnerable |
| linux-realtime-6.17 | Not in release |
| linux-azure | Vulnerable |
| linux-gcp | Vulnerable |
| linux-raspi | Vulnerable |
| linux-realtime | Vulnerable |
Plack::Middleware::XSendfile versions through 1.0053 for Perl can allow client-controlled path rewriting. Plack::Middleware::XSendfile allows the variation setting (sendfile type) to be set by the client via the X-Sendfile-Type...
1 affected package
libplack-perl
| Package | 22.04 LTS |
|---|---|
| libplack-perl | Needs evaluation |
wget2 accepts a server certificate with incorrect Key Usage (KU) or Extended Key Usage (EKU). If the attackers compromise a certificate (with the associated private key) issued for a different purpose, they may be able to reuse it...
1 affected package
wget2
| Package | 22.04 LTS |
|---|---|
| wget2 | Needs evaluation |
PDFunite 0.41.0 contains a buffer overflow vulnerability that allows local attackers to crash the application by processing malformed PDF files during merge operations. Attackers can trigger a segmentation fault in...
1 affected package
poppler
| Package | 22.04 LTS |
|---|---|
| poppler | Not affected |
librsvg2-bin 2.40.13 contains a buffer overflow vulnerability that allows local attackers to cause a denial of service by processing malformed SVG files. Attackers can supply crafted SVG input to the rsvg conversion tool to...
1 affected package
librsvg
| Package | 22.04 LTS |
|---|---|
| librsvg | Not affected |
Not in release
An authorization flaw in the user management command could allow an authenticated user to make limited changes to authentication-related data associated with another user account. This could affect how authentication is performed...
1 affected package
mongodb
| Package | 22.04 LTS |
|---|---|
| mongodb | Not in release |
Not in release
Computing the MD5 checksum of a malformed BSON object under specific conditions may cause loss of availability in MongoDB server. This issue affects all MongoDB Server v8.2 versions, all MongoDB Server v8.1 versions, MongoDB...
1 affected package
mongodb
| Package | 22.04 LTS |
|---|---|
| mongodb | Not in release |