Search CVE reports

41 – 50 of 25504 results

Detailed view

Sort by:

Status is adjusted based on your filters.

CVE-2024-11236

Medium priority

Needs evaluation

In PHP versions 8.1.* before 8.1.31, 8.2.* before 8.2.26, 8.3.* before 8.3.14, uncontrolled long string inputs to ldap_escape() function on 32-bit systems can cause an integer overflow, resulting in an out-of-bounds write.

6 affected packages

php5, php7.0, php7.2, php7.4, php8.1, php8.3

Package	22.04 LTS
php5	Not in release
php7.0	Not in release
php7.2	Not in release
php7.4	Not in release
php8.1	Needs evaluation
php8.3	Not in release

CVE-2024-11234

Medium priority

Needs evaluation

In PHP versions 8.1.* before 8.1.31, 8.2.* before 8.2.26, 8.3.* before 8.3.14, when using streams with configured proxy and "request_fulluri" option, the URI is not properly sanitized which can lead to HTTP request smuggling and...

6 affected packages

php5, php7.0, php7.2, php7.4, php8.1, php8.3

Package	22.04 LTS
php5	Not in release
php7.0	Not in release
php7.2	Not in release
php7.4	Not in release
php8.1	Needs evaluation
php8.3	Not in release

CVE-2024-11586

Medium priority

Needs evaluation

Ubuntu's implementation of pulseaudio can be crashed by a malicious program if a bluetooth headset is connected.

1 affected packages

pulseaudio

Package	22.04 LTS
pulseaudio	Needs evaluation

CVE-2024-8805

Medium priority

Needs evaluation

BlueZ HID over GATT Profile Improper Access Control Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of BlueZ. Authentication is not...

125 affected packages

linux, linux-allwinner-5.19, linux-aws, linux-aws-5.0, linux-aws-5.11...

Package	22.04 LTS
linux	Needs evaluation
linux-allwinner-5.19	Ignored
linux-aws	Needs evaluation
linux-aws-5.0	Not in release
linux-aws-5.11	Not in release
linux-aws-5.13	Not in release
linux-aws-5.15	Not in release
linux-aws-5.19	Ignored
linux-aws-5.3	Not in release
linux-aws-5.4	Not in release
linux-aws-5.8	Not in release
linux-aws-6.2	Ignored
linux-aws-6.5	Ignored
linux-aws-6.8	Needs evaluation
linux-aws-fips	Not in release
linux-aws-hwe	Not in release
linux-azure	Needs evaluation
linux-azure-4.15	Not in release
linux-azure-5.11	Not in release
linux-azure-5.13	Not in release
linux-azure-5.15	Not in release
linux-azure-5.19	Ignored
linux-azure-5.3	Not in release
linux-azure-5.4	Not in release
linux-azure-5.8	Not in release
linux-azure-6.2	Ignored
linux-azure-6.5	Ignored
linux-azure-6.8	Needs evaluation
linux-azure-edge	Not in release
linux-azure-fde	Needs evaluation
linux-azure-fde-5.15	Not in release
linux-azure-fde-5.19	Ignored
linux-azure-fde-6.2	Ignored
linux-azure-fips	Not in release
linux-bluefield	Not in release
linux-fips	Not in release
linux-gcp	Needs evaluation
linux-gcp-4.15	Not in release
linux-gcp-5.11	Not in release
linux-gcp-5.13	Not in release
linux-gcp-5.15	Not in release
linux-gcp-5.19	Ignored
linux-gcp-5.3	Not in release
linux-gcp-5.4	Not in release
linux-gcp-5.8	Not in release
linux-gcp-6.2	Ignored
linux-gcp-6.5	Ignored
linux-gcp-6.8	Needs evaluation
linux-gcp-fips	Not in release
linux-gke	Needs evaluation
linux-gke-4.15	Not in release
linux-gke-5.15	Not in release
linux-gke-5.4	Not in release
linux-gkeop	Needs evaluation
linux-gkeop-5.15	Not in release
linux-gkeop-5.4	Not in release
linux-hwe	Not in release
linux-hwe-5.11	Not in release
linux-hwe-5.13	Not in release
linux-hwe-5.15	Not in release
linux-hwe-5.19	Ignored
linux-hwe-5.4	Not in release
linux-hwe-5.8	Not in release
linux-hwe-6.2	Ignored
linux-hwe-6.5	Ignored
linux-hwe-6.8	Needs evaluation
linux-hwe-edge	Not in release
linux-ibm	Needs evaluation
linux-ibm-5.15	Not in release
linux-ibm-5.4	Not in release
linux-intel	Not in release
linux-intel-5.13	Not in release
linux-intel-iot-realtime	Not in release
linux-intel-iotg	Needs evaluation
linux-intel-iotg-5.15	Not in release
linux-iot	Not in release
linux-kvm	Needs evaluation
linux-lowlatency	Needs evaluation
linux-lowlatency-hwe-5.15	Not in release
linux-lowlatency-hwe-5.19	Ignored
linux-lowlatency-hwe-6.2	Ignored
linux-lowlatency-hwe-6.5	Ignored
linux-lowlatency-hwe-6.8	Needs evaluation
linux-lts-xenial	Not in release
linux-nvidia	Needs evaluation
linux-nvidia-6.2	Ignored
linux-nvidia-6.5	Ignored
linux-nvidia-6.8	Needs evaluation
linux-nvidia-lowlatency	Not in release
linux-oem	Not in release
linux-oem-5.10	Not in release
linux-oem-5.13	Not in release
linux-oem-5.14	Not in release
linux-oem-5.17	Ignored
linux-oem-5.6	Not in release
linux-oem-6.0	Ignored
linux-oem-6.1	Ignored
linux-oem-6.5	Ignored
linux-oem-6.8	Not in release
linux-oracle	Needs evaluation
linux-oracle-5.0	Not in release
linux-oracle-5.11	Not in release
linux-oracle-5.13	Not in release
linux-oracle-5.15	Not in release
linux-oracle-5.3	Not in release
linux-oracle-5.4	Not in release
linux-oracle-5.8	Not in release
linux-oracle-6.5	Ignored
linux-oracle-6.8	Needs evaluation
linux-raspi	Needs evaluation
linux-raspi-5.4	Not in release
linux-raspi-realtime	Not in release
linux-raspi2	Not in release
linux-realtime	Ignored
linux-riscv	Ignored
linux-riscv-5.11	Not in release
linux-riscv-5.15	Not in release
linux-riscv-5.19	Ignored
linux-riscv-5.8	Not in release
linux-riscv-6.5	Ignored
linux-riscv-6.8	Needs evaluation
linux-starfive-5.19	Ignored
linux-starfive-6.2	Ignored
linux-starfive-6.5	Ignored
linux-xilinx-zynqmp	Needs evaluation

CVE-2024-11612

Medium priority

Needs evaluation

7-Zip CopyCoder Infinite Loop Denial-of-Service Vulnerability. This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of 7-Zip. Interaction with this library is required to...

2 affected packages

7zip, p7zip

Package	22.04 LTS
7zip	Needs evaluation
p7zip	Needs evaluation

CVE-2024-10220

Medium priority

Needs evaluation

The Kubernetes kubelet component allows arbitrary command execution via specially crafted gitRepo volumes.This issue affects kubelet: through 1.28.11, from 1.29.0 through 1.29.6, from 1.30.0 through 1.30.2.

1 affected packages

kubernetes

Package	22.04 LTS
kubernetes	Needs evaluation

CVE-2024-52804

Medium priority

Needs evaluation

Tornado is a Python web framework and asynchronous networking library. The algorithm used for parsing HTTP cookies in Tornado versions prior to 6.4.2 sometimes has quadratic complexity, leading to excessive CPU consumption when...

1 affected packages

python-tornado

Package	22.04 LTS
python-tornado	Needs evaluation

CVE-2024-8929

Medium priority

Needs evaluation

In PHP versions 8.1.* before 8.1.31, 8.2.* before 8.2.26, 8.3.* before 8.3.14, a hostile MySQL server can cause the client to disclose the content of its heap containing data from other SQL requests and possible other...

6 affected packages

php5, php7.0, php7.2, php7.4, php8.1, php8.3

Package	22.04 LTS
php5	Not in release
php7.0	Not in release
php7.2	Not in release
php7.4	Not in release
php8.1	Needs evaluation
php8.3	Not in release

CVE-2024-8932

Medium priority

Needs evaluation

6 affected packages

php5, php7.0, php7.2, php7.4, php8.1, php8.3

Package	22.04 LTS
php5	Not in release
php7.0	Not in release
php7.2	Not in release
php7.4	Not in release
php8.1	Needs evaluation
php8.3	Not in release

CVE-2024-11477

Medium priority

Needs evaluation

7-Zip Zstandard Decompression Integer Underflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of 7-Zip. Interaction with this library is...

2 affected packages

7zip, p7zip

Package	22.04 LTS
7zip	Needs evaluation
p7zip	Needs evaluation

Export to JSON

Results by page: