Your submission was sent successfully! Close

Thank you for contacting us. A member of our team will be in touch shortly. Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

Search CVE reports


Toggle filters

41 – 50 of 21510 results

Status is adjusted based on your filters.


CVE-2024-11236

Medium priority
Needs evaluation

In PHP versions 8.1.* before 8.1.31, 8.2.* before 8.2.26, 8.3.* before 8.3.14, uncontrolled long string inputs to ldap_escape() function on 32-bit systems can cause an integer overflow, resulting in an out-of-bounds write.

6 affected packages

php5, php7.0, php7.2, php7.4, php8.1, php8.3

Package 24.04 LTS
php5 Not in release
php7.0 Not in release
php7.2 Not in release
php7.4 Not in release
php8.1 Not in release
php8.3 Needs evaluation
Show less packages

CVE-2024-11234

Medium priority
Needs evaluation

In PHP versions 8.1.* before 8.1.31, 8.2.* before 8.2.26, 8.3.* before 8.3.14, when using streams with configured proxy and "request_fulluri" option, the URI is not properly sanitized which can lead to HTTP request smuggling and...

6 affected packages

php5, php7.0, php7.2, php7.4, php8.1, php8.3

Package 24.04 LTS
php5 Not in release
php7.0 Not in release
php7.2 Not in release
php7.4 Not in release
php8.1 Not in release
php8.3 Needs evaluation
Show less packages

CVE-2024-11586

Medium priority
Needs evaluation

Ubuntu's implementation of pulseaudio can be crashed by a malicious program if a bluetooth headset is connected.

1 affected packages

pulseaudio

Package 24.04 LTS
pulseaudio Needs evaluation
Show less packages

CVE-2024-8805

Medium priority
Needs evaluation

BlueZ HID over GATT Profile Improper Access Control Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of BlueZ. Authentication is not...

125 affected packages

linux, linux-allwinner-5.19, linux-aws, linux-aws-5.0, linux-aws-5.11...

Package 24.04 LTS
linux Needs evaluation
linux-allwinner-5.19 Not in release
linux-aws Needs evaluation
linux-aws-5.0 Not in release
linux-aws-5.11 Not in release
linux-aws-5.13 Not in release
linux-aws-5.15 Not in release
linux-aws-5.19 Not in release
linux-aws-5.3 Not in release
linux-aws-5.4 Not in release
linux-aws-5.8 Not in release
linux-aws-6.2 Not in release
linux-aws-6.5 Not in release
linux-aws-6.8 Not in release
linux-aws-fips Not in release
linux-aws-hwe Not in release
linux-azure Needs evaluation
linux-azure-4.15 Not in release
linux-azure-5.11 Not in release
linux-azure-5.13 Not in release
linux-azure-5.15 Not in release
linux-azure-5.19 Not in release
linux-azure-5.3 Not in release
linux-azure-5.4 Not in release
linux-azure-5.8 Not in release
linux-azure-6.2 Not in release
linux-azure-6.5 Not in release
linux-azure-6.8 Not in release
linux-azure-edge Not in release
linux-azure-fde Not in release
linux-azure-fde-5.15 Not in release
linux-azure-fde-5.19 Not in release
linux-azure-fde-6.2 Not in release
linux-azure-fips Not in release
linux-bluefield Not in release
linux-fips Not in release
linux-gcp Needs evaluation
linux-gcp-4.15 Not in release
linux-gcp-5.11 Not in release
linux-gcp-5.13 Not in release
linux-gcp-5.15 Not in release
linux-gcp-5.19 Not in release
linux-gcp-5.3 Not in release
linux-gcp-5.4 Not in release
linux-gcp-5.8 Not in release
linux-gcp-6.2 Not in release
linux-gcp-6.5 Not in release
linux-gcp-6.8 Not in release
linux-gcp-fips Not in release
linux-gke Needs evaluation
linux-gke-4.15 Not in release
linux-gke-5.15 Not in release
linux-gke-5.4 Not in release
linux-gkeop Needs evaluation
linux-gkeop-5.15 Not in release
linux-gkeop-5.4 Not in release
linux-hwe Not in release
linux-hwe-5.11 Not in release
linux-hwe-5.13 Not in release
linux-hwe-5.15 Not in release
linux-hwe-5.19 Not in release
linux-hwe-5.4 Not in release
linux-hwe-5.8 Not in release
linux-hwe-6.2 Not in release
linux-hwe-6.5 Not in release
linux-hwe-6.8 Not in release
linux-hwe-edge Not in release
linux-ibm Needs evaluation
linux-ibm-5.15 Not in release
linux-ibm-5.4 Not in release
linux-intel Needs evaluation
linux-intel-5.13 Not in release
linux-intel-iot-realtime Not in release
linux-intel-iotg Not in release
linux-intel-iotg-5.15 Not in release
linux-iot Not in release
linux-kvm Not in release
linux-lowlatency Needs evaluation
linux-lowlatency-hwe-5.15 Not in release
linux-lowlatency-hwe-5.19 Not in release
linux-lowlatency-hwe-6.2 Not in release
linux-lowlatency-hwe-6.5 Not in release
linux-lowlatency-hwe-6.8 Not in release
linux-lts-xenial Not in release
linux-nvidia Needs evaluation
linux-nvidia-6.2 Not in release
linux-nvidia-6.5 Not in release
linux-nvidia-6.8 Not in release
linux-nvidia-lowlatency Needs evaluation
linux-oem Not in release
linux-oem-5.10 Not in release
linux-oem-5.13 Not in release
linux-oem-5.14 Not in release
linux-oem-5.17 Not in release
linux-oem-5.6 Not in release
linux-oem-6.0 Not in release
linux-oem-6.1 Not in release
linux-oem-6.5 Not in release
linux-oem-6.8 Needs evaluation
linux-oracle Needs evaluation
linux-oracle-5.0 Not in release
linux-oracle-5.11 Not in release
linux-oracle-5.13 Not in release
linux-oracle-5.15 Not in release
linux-oracle-5.3 Not in release
linux-oracle-5.4 Not in release
linux-oracle-5.8 Not in release
linux-oracle-6.5 Not in release
linux-oracle-6.8 Not in release
linux-raspi Needs evaluation
linux-raspi-5.4 Not in release
linux-raspi-realtime Not in release
linux-raspi2 Not in release
linux-realtime Not in release
linux-riscv Needs evaluation
linux-riscv-5.11 Not in release
linux-riscv-5.15 Not in release
linux-riscv-5.19 Not in release
linux-riscv-5.8 Not in release
linux-riscv-6.5 Not in release
linux-riscv-6.8 Not in release
linux-starfive-5.19 Not in release
linux-starfive-6.2 Not in release
linux-starfive-6.5 Not in release
linux-xilinx-zynqmp Not in release
Show all 125 packages Show less packages

CVE-2024-11612

Medium priority
Needs evaluation

7-Zip CopyCoder Infinite Loop Denial-of-Service Vulnerability. This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of 7-Zip. Interaction with this library is required to...

2 affected packages

7zip, p7zip

Package 24.04 LTS
7zip Needs evaluation
p7zip Not affected
Show less packages

CVE-2024-10220

Medium priority
Needs evaluation

The Kubernetes kubelet component allows arbitrary command execution via specially crafted gitRepo volumes.This issue affects kubelet: through 1.28.11, from 1.29.0 through 1.29.6, from 1.30.0 through 1.30.2.

1 affected packages

kubernetes

Package 24.04 LTS
kubernetes Needs evaluation
Show less packages

CVE-2024-52804

Medium priority
Needs evaluation

Tornado is a Python web framework and asynchronous networking library. The algorithm used for parsing HTTP cookies in Tornado versions prior to 6.4.2 sometimes has quadratic complexity, leading to excessive CPU consumption when...

1 affected packages

python-tornado

Package 24.04 LTS
python-tornado Needs evaluation
Show less packages

CVE-2024-8929

Medium priority
Needs evaluation

In PHP versions 8.1.* before 8.1.31, 8.2.* before 8.2.26, 8.3.* before 8.3.14, a hostile MySQL server can cause the client to disclose the content of its heap containing data from other SQL requests and possible other...

6 affected packages

php5, php7.0, php7.2, php7.4, php8.1, php8.3

Package 24.04 LTS
php5 Not in release
php7.0 Not in release
php7.2 Not in release
php7.4 Not in release
php8.1 Not in release
php8.3 Needs evaluation
Show less packages

CVE-2024-8932

Medium priority
Needs evaluation

In PHP versions 8.1.* before 8.1.31, 8.2.* before 8.2.26, 8.3.* before 8.3.14, uncontrolled long string inputs to ldap_escape() function on 32-bit systems can cause an integer overflow, resulting in an out-of-bounds write.

6 affected packages

php5, php7.0, php7.2, php7.4, php8.1, php8.3

Package 24.04 LTS
php5 Not in release
php7.0 Not in release
php7.2 Not in release
php7.4 Not in release
php8.1 Not in release
php8.3 Needs evaluation
Show less packages

CVE-2024-11477

Medium priority
Needs evaluation

7-Zip Zstandard Decompression Integer Underflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of 7-Zip. Interaction with this library is...

2 affected packages

7zip, p7zip

Package 24.04 LTS
7zip Needs evaluation
p7zip Not affected
Show less packages