Search CVE reports
3101 – 3110 of 38951 results
Issue summary: Use of -addreject option with the openssl x509 application adds a trusted use instead of a rejected use for a certificate. Impact summary: If a user intends to make a trusted certificate rejected for a particular...
4 affected packages
openssl, openssl1.0, nodejs, edk2
| Package | 18.04 LTS |
|---|---|
| openssl | Not affected |
| openssl1.0 | Not affected |
| nodejs | Not affected |
| edk2 | Not affected |
ModSecurity is an open source, cross platform web application firewall (WAF) engine for Apache, IIS and Nginx. Versions up to and including 2.9.8 are vulnerable to denial of service in one special case (in stable...
2 affected packages
modsecurity, modsecurity-apache
| Package | 18.04 LTS |
|---|---|
| modsecurity | — |
| modsecurity-apache | Fixed |
IEEE P802.11-REVme D1.1 through D7.0 allows FragAttacks against mesh networks. In mesh networks using Wi-Fi Protected Access (WPA, WPA2, or WPA3) or Wired Equivalent Privacy (WEP), an adversary can exploit this vulnerability to...
147 affected packages
linux, linux-hwe, linux-hwe-5.4, linux-hwe-5.8, linux-hwe-5.11...
| Package | 18.04 LTS |
|---|---|
| linux | Ignored |
| linux-hwe | Ignored |
| linux-hwe-5.4 | Ignored |
| linux-hwe-5.8 | Not in release |
| linux-hwe-5.11 | Not in release |
| linux-hwe-5.13 | Not in release |
| linux-hwe-5.15 | Not in release |
| linux-hwe-5.19 | Not in release |
| linux-hwe-6.2 | Not in release |
| linux-hwe-6.5 | Not in release |
| linux-hwe-6.8 | Not in release |
| linux-hwe-6.11 | Not in release |
| linux-hwe-edge | Ignored |
| linux-lts-xenial | Not in release |
| linux-kvm | Ignored |
| linux-allwinner-5.19 | Not in release |
| linux-aws | Ignored |
| linux-aws-5.0 | Ignored |
| linux-aws-5.3 | Ignored |
| linux-aws-5.4 | Ignored |
| linux-aws-5.8 | Not in release |
| linux-aws-5.11 | Not in release |
| linux-aws-5.13 | Not in release |
| linux-aws-5.15 | Not in release |
| linux-aws-5.19 | Not in release |
| linux-aws-6.2 | Not in release |
| linux-aws-6.5 | Not in release |
| linux-aws-6.8 | Not in release |
| linux-aws-hwe | Not in release |
| linux-azure | Ignored |
| linux-azure-4.15 | Ignored |
| linux-azure-5.3 | Ignored |
| linux-azure-5.4 | Ignored |
| linux-azure-5.8 | Not in release |
| linux-azure-5.11 | Not in release |
| linux-azure-5.13 | Not in release |
| linux-azure-5.15 | Not in release |
| linux-azure-5.19 | Not in release |
| linux-azure-6.2 | Not in release |
| linux-azure-6.5 | Not in release |
| linux-azure-6.8 | Not in release |
| linux-azure-6.11 | Not in release |
| linux-azure-fde | Not in release |
| linux-azure-fde-5.15 | Not in release |
| linux-azure-fde-5.19 | Not in release |
| linux-azure-fde-6.2 | Not in release |
| linux-azure-nvidia | Not in release |
| linux-bluefield | Not in release |
| linux-azure-edge | Ignored |
| linux-fips | Needs evaluation |
| linux-aws-fips | Needs evaluation |
| linux-azure-fips | Needs evaluation |
| linux-gcp-fips | Needs evaluation |
| linux-gcp | Ignored |
| linux-gcp-4.15 | Ignored |
| linux-gcp-5.3 | Ignored |
| linux-gcp-5.4 | Ignored |
| linux-gcp-5.8 | Not in release |
| linux-gcp-5.11 | Not in release |
| linux-gcp-5.13 | Not in release |
| linux-gcp-5.15 | Not in release |
| linux-gcp-5.19 | Not in release |
| linux-gcp-6.2 | Not in release |
| linux-gcp-6.5 | Not in release |
| linux-gcp-6.8 | Not in release |
| linux-gcp-6.11 | Not in release |
| linux-gke | Not in release |
| linux-gke-4.15 | Ignored |
| linux-gke-5.4 | Ignored |
| linux-gke-5.15 | Not in release |
| linux-gkeop | Not in release |
| linux-gkeop-5.4 | Ignored |
| linux-gkeop-5.15 | Not in release |
| linux-ibm | Not in release |
| linux-ibm-5.4 | Ignored |
| linux-ibm-5.15 | Not in release |
| linux-intel-5.13 | Not in release |
| linux-intel-iotg | Not in release |
| linux-intel-iotg-5.15 | Not in release |
| linux-iot | Not in release |
| linux-intel-iot-realtime | Not in release |
| linux-lowlatency | Not in release |
| linux-lowlatency-hwe-5.15 | Not in release |
| linux-lowlatency-hwe-5.19 | Not in release |
| linux-lowlatency-hwe-6.2 | Not in release |
| linux-lowlatency-hwe-6.5 | Not in release |
| linux-lowlatency-hwe-6.8 | Not in release |
| linux-lowlatency-hwe-6.11 | Not in release |
| linux-nvidia | Not in release |
| linux-nvidia-6.2 | Not in release |
| linux-nvidia-6.5 | Not in release |
| linux-nvidia-6.8 | Not in release |
| linux-nvidia-lowlatency | Not in release |
| linux-nvidia-tegra | Not in release |
| linux-nvidia-tegra-igx | Not in release |
| linux-oracle | Ignored |
| linux-oracle-5.0 | Ignored |
| linux-oracle-5.3 | Ignored |
| linux-oracle-5.4 | Ignored |
| linux-oracle-5.8 | Not in release |
| linux-oracle-5.11 | Not in release |
| linux-oracle-5.13 | Not in release |
| linux-oracle-5.15 | Not in release |
| linux-oracle-6.5 | Not in release |
| linux-oracle-6.8 | Not in release |
| linux-oem | Ignored |
| linux-oem-5.6 | Not in release |
| linux-oem-5.10 | Not in release |
| linux-oem-5.13 | Not in release |
| linux-oem-5.14 | Not in release |
| linux-oem-5.17 | Not in release |
| linux-oem-6.0 | Not in release |
| linux-oem-6.1 | Not in release |
| linux-oem-6.5 | Not in release |
| linux-oem-6.8 | Not in release |
| linux-oem-6.11 | Not in release |
| linux-raspi | Not in release |
| linux-raspi2 | Ignored |
| linux-raspi-5.4 | Ignored |
| linux-raspi-realtime | Not in release |
| linux-realtime | Not in release |
| linux-riscv | Not in release |
| linux-riscv-5.8 | Not in release |
| linux-riscv-5.11 | Not in release |
| linux-riscv-5.15 | Not in release |
| linux-riscv-5.19 | Not in release |
| linux-riscv-6.5 | Not in release |
| linux-riscv-6.8 | Not in release |
| linux-starfive-5.19 | Not in release |
| linux-starfive-6.2 | Not in release |
| linux-starfive-6.5 | Not in release |
| linux-xilinx-zynqmp | Not in release |
| linux-nvidia-tegra-5.15 | Not in release |
| linux-intel | Not in release |
| linux-oem-6.14 | Not in release |
| linux-riscv-6.14 | Not in release |
| linux-ibm-6.8 | Not in release |
| linux-aws-6.14 | Not in release |
| linux-gcp-6.14 | Not in release |
| linux-hwe-6.14 | Not in release |
| linux-oracle-6.14 | Not in release |
| linux-nvidia-6.11 | Not in release |
| linux-realtime-6.14 | Not in release |
| linux-realtime-6.8 | Not in release |
| linux-azure-6.14 | Not in release |
| linux-azure-fde-6.14 | Not in release |
| linux-azure-nvidia-6.14 | Not in release |
jq is a command-line JSON processor. In versions up to and including 1.7.1, a heap-buffer-overflow is present in function `jv_string_vfmt` in the jq_fuzz_execute harness from oss-fuzz. This crash happens on file jv.c, line 1456...
1 affected package
jq
| Package | 18.04 LTS |
|---|---|
| jq | Fixed |
containerd is an open-source container runtime. A bug was found in the containerd's CRI implementation where containerd, starting in version 2.0.1 and prior to version 2.0.5, doesn't put usernamespaced containers under...
2 affected packages
containerd, containerd-app
| Package | 18.04 LTS |
|---|---|
| containerd | Not affected |
| containerd-app | — |
jq is a command-line JSON processor. In versions up to and including 1.7.1, an integer overflow arises when assigning value using an index of 2147483647, the signed integer limit. This causes a denial of service. Commit...
1 affected package
jq
| Package | 18.04 LTS |
|---|---|
| jq | Fixed |
Argument injection in special agent configuration in Checkmk <2.4.0p1, <2.3.0p32, <2.2.0p42 and 2.1.0 allows authenticated attackers to write arbitrary files
1 affected package
check-mk
| Package | 18.04 LTS |
|---|---|
| check-mk | Needs evaluation |
In Eclipse JGit versions 7.2.0.202503040940-r and older, the ManifestParser class used by the repo command and the AmazonS3 class used to implement the experimental amazons3 git transport protocol allowing to store git pack files...
1 affected package
jgit
| Package | 18.04 LTS |
|---|---|
| jgit | Needs evaluation |
A vulnerability was found in the libsoup package. This flaw stems from its failure to correctly verify the termination of multipart HTTP messages. This can allow a remote attacker to send a specially crafted multipart HTTP body,...
2 affected packages
libsoup3, libsoup2.4
| Package | 18.04 LTS |
|---|---|
| libsoup3 | — |
| libsoup2.4 | Fixed |
When an incoming DNS protocol message includes a Transaction Signature (TSIG), BIND always checks it. If the TSIG contains an invalid value in the algorithm field, BIND immediately aborts with an assertion failure. This issue...
3 affected packages
bind9, isc-dhcp, bind9-libs
| Package | 18.04 LTS |
|---|---|
| bind9 | Not affected |
| isc-dhcp | Not affected |
| bind9-libs | — |