Your submission was sent successfully! Close

Thank you for contacting us. A member of our team will be in touch shortly. Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

Search CVE reports


Toggle filters

41 – 50 of 26986 results

Status is adjusted based on your filters.


CVE-2024-11236

Medium priority
Needs evaluation

In PHP versions 8.1.* before 8.1.31, 8.2.* before 8.2.26, 8.3.* before 8.3.14, uncontrolled long string inputs to ldap_escape() function on 32-bit systems can cause an integer overflow, resulting in an out-of-bounds write.

6 affected packages

php5, php7.0, php7.2, php7.4, php8.1, php8.3

Package 20.04 LTS
php5 Not in release
php7.0 Not in release
php7.2 Not in release
php7.4 Needs evaluation
php8.1 Not in release
php8.3 Not in release
Show less packages

CVE-2024-11234

Medium priority
Needs evaluation

In PHP versions 8.1.* before 8.1.31, 8.2.* before 8.2.26, 8.3.* before 8.3.14, when using streams with configured proxy and "request_fulluri" option, the URI is not properly sanitized which can lead to HTTP request smuggling and...

6 affected packages

php5, php7.0, php7.2, php7.4, php8.1, php8.3

Package 20.04 LTS
php5 Not in release
php7.0 Not in release
php7.2 Not in release
php7.4 Needs evaluation
php8.1 Not in release
php8.3 Not in release
Show less packages

CVE-2024-11586

Medium priority
Needs evaluation

Ubuntu's implementation of pulseaudio can be crashed by a malicious program if a bluetooth headset is connected.

1 affected packages

pulseaudio

Package 20.04 LTS
pulseaudio Needs evaluation
Show less packages

CVE-2024-8805

Medium priority
Needs evaluation

BlueZ HID over GATT Profile Improper Access Control Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of BlueZ. Authentication is not...

125 affected packages

linux, linux-allwinner-5.19, linux-aws, linux-aws-5.0, linux-aws-5.11...

Package 20.04 LTS
linux Needs evaluation
linux-allwinner-5.19 Not in release
linux-aws Needs evaluation
linux-aws-5.0 Not in release
linux-aws-5.11 Ignored
linux-aws-5.13 Ignored
linux-aws-5.15 Needs evaluation
linux-aws-5.19 Not in release
linux-aws-5.3 Not in release
linux-aws-5.4 Not in release
linux-aws-5.8 Ignored
linux-aws-6.2 Not in release
linux-aws-6.5 Not in release
linux-aws-6.8 Not in release
linux-aws-fips Not in release
linux-aws-hwe Not in release
linux-azure Needs evaluation
linux-azure-4.15 Not in release
linux-azure-5.11 Ignored
linux-azure-5.13 Ignored
linux-azure-5.15 Needs evaluation
linux-azure-5.19 Not in release
linux-azure-5.3 Not in release
linux-azure-5.4 Not in release
linux-azure-5.8 Ignored
linux-azure-6.2 Not in release
linux-azure-6.5 Not in release
linux-azure-6.8 Not in release
linux-azure-edge Not in release
linux-azure-fde Ignored
linux-azure-fde-5.15 Needs evaluation
linux-azure-fde-5.19 Not in release
linux-azure-fde-6.2 Not in release
linux-azure-fips Not in release
linux-bluefield Needs evaluation
linux-fips Not in release
linux-gcp Needs evaluation
linux-gcp-4.15 Not in release
linux-gcp-5.11 Ignored
linux-gcp-5.13 Ignored
linux-gcp-5.15 Needs evaluation
linux-gcp-5.19 Not in release
linux-gcp-5.3 Not in release
linux-gcp-5.4 Not in release
linux-gcp-5.8 Ignored
linux-gcp-6.2 Not in release
linux-gcp-6.5 Not in release
linux-gcp-6.8 Not in release
linux-gcp-fips Not in release
linux-gke Ignored
linux-gke-4.15 Not in release
linux-gke-5.15 Ignored
linux-gke-5.4 Not in release
linux-gkeop Ignored
linux-gkeop-5.15 Ignored
linux-gkeop-5.4 Not in release
linux-hwe Not in release
linux-hwe-5.11 Ignored
linux-hwe-5.13 Ignored
linux-hwe-5.15 Needs evaluation
linux-hwe-5.19 Not in release
linux-hwe-5.4 Not in release
linux-hwe-5.8 Ignored
linux-hwe-6.2 Not in release
linux-hwe-6.5 Not in release
linux-hwe-6.8 Not in release
linux-hwe-edge Not in release
linux-ibm Needs evaluation
linux-ibm-5.15 Needs evaluation
linux-ibm-5.4 Not in release
linux-intel Not in release
linux-intel-5.13 Ignored
linux-intel-iot-realtime Not in release
linux-intel-iotg Not in release
linux-intel-iotg-5.15 Needs evaluation
linux-iot Needs evaluation
linux-kvm Needs evaluation
linux-lowlatency Not in release
linux-lowlatency-hwe-5.15 Needs evaluation
linux-lowlatency-hwe-5.19 Not in release
linux-lowlatency-hwe-6.2 Not in release
linux-lowlatency-hwe-6.5 Not in release
linux-lowlatency-hwe-6.8 Not in release
linux-lts-xenial Not in release
linux-nvidia Not in release
linux-nvidia-6.2 Not in release
linux-nvidia-6.5 Not in release
linux-nvidia-6.8 Not in release
linux-nvidia-lowlatency Not in release
linux-oem Not in release
linux-oem-5.10 Ignored
linux-oem-5.13 Ignored
linux-oem-5.14 Ignored
linux-oem-5.17 Not in release
linux-oem-5.6 Ignored
linux-oem-6.0 Not in release
linux-oem-6.1 Not in release
linux-oem-6.5 Not in release
linux-oem-6.8 Not in release
linux-oracle Needs evaluation
linux-oracle-5.0 Not in release
linux-oracle-5.11 Ignored
linux-oracle-5.13 Ignored
linux-oracle-5.15 Needs evaluation
linux-oracle-5.3 Not in release
linux-oracle-5.4 Not in release
linux-oracle-5.8 Ignored
linux-oracle-6.5 Not in release
linux-oracle-6.8 Not in release
linux-raspi Needs evaluation
linux-raspi-5.4 Not in release
linux-raspi-realtime Not in release
linux-raspi2 Ignored
linux-realtime Not in release
linux-riscv Ignored
linux-riscv-5.11 Ignored
linux-riscv-5.15 Needs evaluation
linux-riscv-5.19 Not in release
linux-riscv-5.8 Ignored
linux-riscv-6.5 Not in release
linux-riscv-6.8 Not in release
linux-starfive-5.19 Not in release
linux-starfive-6.2 Not in release
linux-starfive-6.5 Not in release
linux-xilinx-zynqmp Needs evaluation
Show all 125 packages Show less packages

CVE-2024-11612

Medium priority
Needs evaluation

7-Zip CopyCoder Infinite Loop Denial-of-Service Vulnerability. This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of 7-Zip. Interaction with this library is required to...

2 affected packages

7zip, p7zip

Package 20.04 LTS
7zip Not in release
p7zip Needs evaluation
Show less packages

CVE-2024-10220

Medium priority
Needs evaluation

The Kubernetes kubelet component allows arbitrary command execution via specially crafted gitRepo volumes.This issue affects kubelet: through 1.28.11, from 1.29.0 through 1.29.6, from 1.30.0 through 1.30.2.

1 affected packages

kubernetes

Package 20.04 LTS
kubernetes Needs evaluation
Show less packages

CVE-2024-52804

Medium priority
Needs evaluation

Tornado is a Python web framework and asynchronous networking library. The algorithm used for parsing HTTP cookies in Tornado versions prior to 6.4.2 sometimes has quadratic complexity, leading to excessive CPU consumption when...

1 affected packages

python-tornado

Package 20.04 LTS
python-tornado Needs evaluation
Show less packages

CVE-2024-8929

Medium priority
Needs evaluation

In PHP versions 8.1.* before 8.1.31, 8.2.* before 8.2.26, 8.3.* before 8.3.14, a hostile MySQL server can cause the client to disclose the content of its heap containing data from other SQL requests and possible other...

6 affected packages

php5, php7.0, php7.2, php7.4, php8.1, php8.3

Package 20.04 LTS
php5 Not in release
php7.0 Not in release
php7.2 Not in release
php7.4 Needs evaluation
php8.1 Not in release
php8.3 Not in release
Show less packages

CVE-2024-8932

Medium priority
Needs evaluation

In PHP versions 8.1.* before 8.1.31, 8.2.* before 8.2.26, 8.3.* before 8.3.14, uncontrolled long string inputs to ldap_escape() function on 32-bit systems can cause an integer overflow, resulting in an out-of-bounds write.

6 affected packages

php5, php7.0, php7.2, php7.4, php8.1, php8.3

Package 20.04 LTS
php5 Not in release
php7.0 Not in release
php7.2 Not in release
php7.4 Needs evaluation
php8.1 Not in release
php8.3 Not in release
Show less packages

CVE-2024-11477

Medium priority
Needs evaluation

7-Zip Zstandard Decompression Integer Underflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of 7-Zip. Interaction with this library is...

2 affected packages

7zip, p7zip

Package 20.04 LTS
7zip Not in release
p7zip Needs evaluation
Show less packages