Search CVE reports
3431 – 3440 of 60258 results
A flaw was found in the mod_auth_openidc module for Apache httpd. This flaw allows a remote, unauthenticated attacker to trigger a denial of service by sending an empty POST request when the OIDCPreservePost directive is enabled....
1 affected package
libapache2-mod-auth-openidc
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| libapache2-mod-auth-openidc | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
When DNSdist is configured to provide DoH via the nghttp2 provider, an attacker can cause a denial of service by crafting a DoH exchange that triggers an illegal memory access (double-free) and crash of DNSdist, causing a denial...
1 affected package
dnsdist
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| dnsdist | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
Some fixes available 40 of 54
In the Linux kernel, the following vulnerability has been resolved: vmxnet3: Fix packet corruption in vmxnet3_xdp_xmit_frame Andrew and Nikolay reported connectivity issues with Cilium's service load-balancing in case of...
144 affected packages
linux-hwe, linux-hwe-5.4, linux-hwe-5.8, linux-hwe-5.11, linux-hwe-5.13...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| linux-hwe | Not in release | Not in release | Not in release | Ignored |
| linux-hwe-5.4 | Not in release | Not in release | Not in release | Not affected |
| linux-hwe-5.8 | Not in release | Not in release | Ignored | Not in release |
| linux-hwe-5.11 | Not in release | Not in release | Ignored | Not in release |
| linux-hwe-5.13 | Not in release | Not in release | Ignored | Not in release |
| linux-hwe-5.15 | Not in release | Not in release | Not affected | Not in release |
| linux-hwe-5.19 | Not in release | Ignored | Not in release | Not in release |
| linux-hwe-6.2 | Not in release | Ignored | Not in release | Not in release |
| linux-hwe-6.5 | Not in release | Ignored | Not in release | Not in release |
| linux-hwe-6.8 | Not in release | Fixed | Not in release | Not in release |
| linux-hwe-6.11 | Not affected | Not in release | Not in release | Not in release |
| linux | Fixed | Not affected | Not affected | Not affected |
| linux-hwe-edge | Not in release | Not in release | Not in release | Ignored |
| linux-lts-xenial | Not in release | Not in release | Not in release | Not in release |
| linux-kvm | Not in release | Not affected | Not affected | Not affected |
| linux-allwinner-5.19 | Not in release | Ignored | Not in release | Not in release |
| linux-aws-5.0 | Not in release | Not in release | Not in release | Ignored |
| linux-aws-5.3 | Not in release | Not in release | Not in release | Ignored |
| linux-aws-5.4 | Not in release | Not in release | Not in release | Not affected |
| linux-aws-5.8 | Not in release | Not in release | Ignored | Not in release |
| linux-aws-5.11 | Not in release | Not in release | Ignored | Not in release |
| linux-aws-5.13 | Not in release | Not in release | Ignored | Not in release |
| linux-aws-5.15 | Not in release | Not in release | Not affected | Not in release |
| linux-aws-5.19 | Not in release | Ignored | Not in release | Not in release |
| linux-aws-6.2 | Not in release | Ignored | Not in release | Not in release |
| linux-aws-6.5 | Not in release | Ignored | Not in release | Not in release |
| linux-aws-6.8 | Not in release | Fixed | Not in release | Not in release |
| linux-aws-hwe | Not in release | Not in release | Not in release | Not in release |
| linux-azure | Fixed | Not affected | Not affected | Ignored |
| linux-azure-4.15 | Not in release | Not in release | Not in release | Not affected |
| linux-azure-5.3 | Not in release | Not in release | Not in release | Ignored |
| linux-azure-5.4 | Not in release | Not in release | Not in release | Not affected |
| linux-azure-5.8 | Not in release | Not in release | Ignored | Not in release |
| linux-azure-5.11 | Not in release | Not in release | Ignored | Not in release |
| linux-azure-5.13 | Not in release | Not in release | Ignored | Not in release |
| linux-azure-5.15 | Not in release | Not in release | Not affected | Not in release |
| linux-azure-5.19 | Not in release | Ignored | Not in release | Not in release |
| linux-azure-6.2 | Not in release | Ignored | Not in release | Not in release |
| linux-azure-6.5 | Not in release | Ignored | Not in release | Not in release |
| linux-azure-6.8 | Not in release | Fixed | Not in release | Not in release |
| linux-azure-6.11 | Fixed | Not in release | Not in release | Not in release |
| linux-azure-fde | Not in release | Not affected | Ignored | Not in release |
| linux-azure-fde-5.15 | Not in release | Not in release | Not affected | Not in release |
| linux-azure-fde-5.19 | Not in release | Ignored | Not in release | Not in release |
| linux-azure-fde-6.2 | Not in release | Ignored | Not in release | Not in release |
| linux-azure-nvidia | Fixed | Not in release | Not in release | Not in release |
| linux-bluefield | Not in release | Not in release | Not affected | Not in release |
| linux-azure-edge | Not in release | Not in release | Not in release | Ignored |
| linux-fips | Not in release | Not affected | Not affected | Not affected |
| linux-aws-fips | Not in release | Not affected | Not affected | Not affected |
| linux-azure-fips | Not in release | Not affected | Not affected | Not affected |
| linux-gcp-fips | Not in release | Not affected | Not affected | Not affected |
| linux-gcp | Fixed | Not affected | Not affected | Ignored |
| linux-gcp-4.15 | Not in release | Not in release | Not in release | Not affected |
| linux-gcp-5.3 | Not in release | Not in release | Not in release | Ignored |
| linux-gcp-5.4 | Not in release | Not in release | Not in release | Not affected |
| linux-gcp-5.8 | Not in release | Not in release | Ignored | Not in release |
| linux-gcp-5.11 | Not in release | Not in release | Ignored | Not in release |
| linux-gcp-5.13 | Not in release | Not in release | Ignored | Not in release |
| linux-gcp-5.15 | Not in release | Not in release | Not affected | Not in release |
| linux-gcp-5.19 | Not in release | Ignored | Not in release | Not in release |
| linux-gcp-6.2 | Not in release | Ignored | Not in release | Not in release |
| linux-gcp-6.5 | Not in release | Ignored | Not in release | Not in release |
| linux-gcp-6.8 | Not in release | Fixed | Not in release | Not in release |
| linux-gcp-6.11 | Fixed | Not in release | Not in release | Not in release |
| linux-gke | Fixed | Not affected | Ignored | Not in release |
| linux-gke-4.15 | Not in release | Not in release | Not in release | Ignored |
| linux-gke-5.4 | Not in release | Not in release | Not in release | Ignored |
| linux-gke-5.15 | Not in release | Not in release | Ignored | Not in release |
| linux-gkeop | Fixed | Not affected | Ignored | Not in release |
| linux-gkeop-5.4 | Not in release | Not in release | Not in release | Ignored |
| linux-gkeop-5.15 | Not in release | Not in release | Ignored | Not in release |
| linux-ibm | Fixed | Not affected | Not affected | Not in release |
| linux-ibm-5.4 | Not in release | Not in release | Not in release | Not affected |
| linux-ibm-5.15 | Not in release | Not in release | Not affected | Not in release |
| linux-intel-5.13 | Not in release | Not in release | Ignored | Not in release |
| linux-intel-iotg | Not in release | Not affected | Not in release | Not in release |
| linux-intel-iotg-5.15 | Not in release | Not in release | Not affected | Not in release |
| linux-iot | Not in release | Not in release | Not affected | Not in release |
| linux-intel-iot-realtime | Not in release | Not affected | Not in release | Not in release |
| linux-lowlatency | Fixed | Not affected | Not in release | Not in release |
| linux-lowlatency-hwe-5.15 | Not in release | Not in release | Not affected | Not in release |
| linux-lowlatency-hwe-5.19 | Not in release | Ignored | Not in release | Not in release |
| linux-lowlatency-hwe-6.2 | Not in release | Ignored | Not in release | Not in release |
| linux-lowlatency-hwe-6.5 | Not in release | Ignored | Not in release | Not in release |
| linux-oracle-5.8 | Not in release | Not in release | Ignored | Not in release |
| linux-lowlatency-hwe-6.8 | Not in release | Fixed | Not in release | Not in release |
| linux-lowlatency-hwe-6.11 | Not affected | Not in release | Not in release | Not in release |
| linux-nvidia | Fixed | Not affected | Not in release | Not in release |
| linux-nvidia-6.2 | Not in release | Ignored | Not in release | Not in release |
| linux-nvidia-6.5 | Not in release | Ignored | Not in release | Not in release |
| linux-nvidia-6.8 | Not in release | Fixed | Not in release | Not in release |
| linux-nvidia-lowlatency | Fixed | Not in release | Not in release | Not in release |
| linux-nvidia-tegra | Vulnerable | Not affected | Not in release | Not in release |
| linux-nvidia-tegra-igx | Not in release | Not affected | Not in release | Not in release |
| linux-oracle-5.0 | Not in release | Not in release | Not in release | Ignored |
| linux-oracle-5.3 | Not in release | Not in release | Not in release | Ignored |
| linux-oracle-5.4 | Not in release | Not in release | Not in release | Not affected |
| linux-oracle-5.11 | Not in release | Not in release | Ignored | Not in release |
| linux-oracle-5.13 | Not in release | Not in release | Ignored | Not in release |
| linux-oracle-5.15 | Not in release | Not in release | Not affected | Not in release |
| linux-oracle-6.5 | Not in release | Ignored | Not in release | Not in release |
| linux-oracle-6.8 | Not in release | Fixed | Not in release | Not in release |
| linux-oem | Not in release | Not in release | Not in release | Ignored |
| linux-oem-5.6 | Not in release | Not in release | Ignored | Not in release |
| linux-oem-5.10 | Not in release | Not in release | Ignored | Not in release |
| linux-oem-5.13 | Not in release | Not in release | Ignored | Not in release |
| linux-oem-5.14 | Not in release | Not in release | Ignored | Not in release |
| linux-oem-5.17 | Not in release | Ignored | Not in release | Not in release |
| linux-oem-6.0 | Not in release | Ignored | Not in release | Not in release |
| linux-oem-6.1 | Not in release | Ignored | Not in release | Not in release |
| linux-oem-6.5 | Not in release | Ignored | Not in release | Not in release |
| linux-oem-6.8 | Fixed | Not in release | Not in release | Not in release |
| linux-oem-6.11 | Fixed | Not in release | Not in release | Not in release |
| linux-raspi2 | Not in release | Not in release | Ignored | Ignored |
| linux-raspi-5.4 | Not in release | Not in release | Not in release | Not affected |
| linux-raspi-realtime | Fixed | Not in release | Not in release | Not in release |
| linux-realtime | Fixed | Not affected | Not in release | Not in release |
| linux-riscv | Fixed | Ignored | Ignored | Not in release |
| linux-riscv-5.8 | Not in release | Not in release | Ignored | Not in release |
| linux-riscv-5.11 | Not in release | Not in release | Ignored | Not in release |
| linux-riscv-5.15 | Not in release | Not in release | Not affected | Not in release |
| linux-riscv-5.19 | Not in release | Ignored | Not in release | Not in release |
| linux-riscv-6.5 | Not in release | Ignored | Not in release | Not in release |
| linux-riscv-6.8 | Not in release | Fixed | Not in release | Not in release |
| linux-starfive-5.19 | Not in release | Ignored | Not in release | Not in release |
| linux-starfive-6.2 | Not in release | Ignored | Not in release | Not in release |
| linux-starfive-6.5 | Not in release | Ignored | Not in release | Not in release |
| linux-xilinx-zynqmp | Not in release | Not affected | Not affected | Not in release |
| linux-aws | Fixed | Not affected | Not affected | Not affected |
| linux-oracle | Fixed | Not affected | Not affected | Not affected |
| linux-raspi | Fixed | Not affected | Not affected | Not in release |
| linux-intel | Not affected | Not in release | Not in release | Not in release |
| linux-nvidia-tegra-5.15 | Not in release | Not in release | Not affected | Not in release |
| linux-oem-6.14 | Not affected | Not in release | Not in release | Not in release |
| linux-riscv-6.14 | Not affected | Not in release | Not in release | Not in release |
| linux-ibm-6.8 | Not in release | Fixed | Not in release | Not in release |
| linux-aws-6.14 | Not affected | Not in release | Not in release | Not in release |
| linux-gcp-6.14 | Not affected | Not in release | Not in release | Not in release |
| linux-hwe-6.14 | Not affected | Not in release | Not in release | Not in release |
| linux-oracle-6.14 | Not affected | Not in release | Not in release | Not in release |
| linux-nvidia-6.11 | Fixed | Not in release | Not in release | Not in release |
| linux-realtime-6.14 | Not affected | Not in release | Not in release | Not in release |
| linux-realtime-6.8 | Not in release | Fixed | Not in release | Not in release |
Some fixes available 2 of 9
Improper Neutralization of Escape, Meta, or Control Sequences vulnerability in Apache Tomcat. For a subset of unlikely rewrite rule configurations, it was possible for a specially crafted request to bypass some rewrite rules. If...
5 affected packages
tomcat6, tomcat7, tomcat8, tomcat10, tomcat9
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| tomcat6 | Not in release | Not in release | Not in release | — |
| tomcat7 | Not in release | Not in release | Not in release | Not affected |
| tomcat8 | Not in release | Not in release | Not in release | Vulnerable |
| tomcat10 | Fixed | Not in release | Not in release | — |
| tomcat9 | Not affected | Vulnerable | Vulnerable | Vulnerable |
Some fixes available 1 of 2
Improper Input Validation vulnerability in Apache Tomcat. Incorrect error handling for some invalid HTTP priority headers resulted in incomplete clean-up of the failed request which created a memory leak. A large number of such...
5 affected packages
tomcat6, tomcat7, tomcat8, tomcat10, tomcat9
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| tomcat6 | Not in release | Not in release | Not in release | — |
| tomcat7 | Not in release | Not in release | Not in release | Not affected |
| tomcat8 | Not in release | Not in release | Not in release | Not affected |
| tomcat10 | Fixed | Not in release | Not in release | — |
| tomcat9 | Not affected | Not affected | Not affected | Not affected |
Net::IMAP implements Internet Message Access Protocol (IMAP) client functionality in Ruby. Prior to versions 0.5.7, 0.4.20, 0.3.9, and 0.2.5, there is a possibility for denial of service by memory exhaustion when net-imap reads...
7 affected packages
ruby2.3, ruby2.5, ruby2.7, ruby3.0, ruby3.2...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| ruby2.3 | Not in release | Not in release | Not in release | — |
| ruby2.5 | Not in release | Not in release | Not in release | Needs evaluation |
| ruby2.7 | Not in release | Not in release | Needs evaluation | — |
| ruby3.0 | Not in release | Needs evaluation | Not in release | — |
| ruby3.2 | Needs evaluation | Not in release | Not in release | — |
| ruby3.3 | Not in release | Not in release | Not in release | — |
| jruby | Needs evaluation | Not in release | Needs evaluation | Needs evaluation |
A vulnerability has been found in Redmine 6.0.0/6.0.1/6.0.2/6.0.3 and classified as problematic. This vulnerability affects unknown code of the component Custom Query Handler. The manipulation of the argument Name leads to cross...
1 affected package
redmine
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| redmine | Not in release | Not in release | Needs evaluation | Needs evaluation |
built-in shell still present in AAVMF secboot image
1 affected package
edk2
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| edk2 | Fixed | Not affected | Not affected | Not affected |
EndpointRequest.to() creates a matcher for null/** if the actuator endpoint, for which the EndpointRequest has been created, is disabled or not exposed. Your application may be affected by this if all the following conditions are...
1 affected package
libspring-java
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| libspring-java | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
quickjs-ng through 0.9.0 has an incorrect size calculation in JS_ReadBigInt for a BigInt, leading to a heap-based buffer overflow. QuickJS before 2025-04-26 is also affected.
1 affected package
quickjs
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| quickjs | Needs evaluation | Not in release | Not in release | — |