Search CVE reports
5061 – 5070 of 44076 results
In parseUriInternal of Intent.java, there is a possible infinite loop due to improper input validation. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for...
1 affected package
android-platform-frameworks-base
| Package | 16.04 LTS |
|---|---|
| android-platform-frameworks-base | Ignored |
In Source of ZipFile.java, there is a possible way for an attacker to execute arbitrary code by manipulating Dynamic Code Loading due to improper input validation. This could lead to remote code execution with no additional...
1 affected package
android-platform-libcore
| Package | 16.04 LTS |
|---|---|
| android-platform-libcore | Needs evaluation |
An attacker can bypass the sandboxing of Nasal scripts and arbitrarily write to any file path that the user has permission to modify at the operating-system level.
2 affected packages
flightgear, simgear
| Package | 16.04 LTS |
|---|---|
| flightgear | Needs evaluation |
| simgear | Needs evaluation |
A vulnerability has been identified in Node.js, specifically affecting the handling of drive names in the Windows environment. Certain Node.js functions do not treat drive names as special on Windows. As a result, although Node.js...
1 affected package
nodejs
| Package | 16.04 LTS |
|---|---|
| nodejs | Not affected |
A certificate with a URI which has a IPv6 address with a zone ID may incorrectly satisfy a URI name constraint that applies to the certificate chain. Certificates containing URIs are not permitted in the web PKI, so this only...
18 affected packages
snapd, lxd, golang, golang-1.6, golang-1.8...
| Package | 16.04 LTS |
|---|---|
| snapd | Needs evaluation |
| lxd | Needs evaluation |
| golang | — |
| golang-1.6 | Needs evaluation |
| golang-1.8 | — |
| golang-1.9 | — |
| golang-1.10 | Needs evaluation |
| golang-1.13 | Needs evaluation |
| golang-1.14 | — |
| golang-1.16 | — |
| golang-1.17 | — |
| golang-1.18 | Needs evaluation |
| golang-1.20 | — |
| golang-1.21 | — |
| golang-1.22 | — |
| golang-1.23 | — |
| golang-1.24 | — |
| golang-go.crypto | Needs evaluation |
The HTTP client drops sensitive headers after following a cross-domain redirect. For example, a request to a.com/ containing an Authorization header which is redirected to b.com/ will not send that header to b.com. In the event...
16 affected packages
golang-1.22, golang-1.23, golang-1.21, golang, golang-1.6...
| Package | 16.04 LTS |
|---|---|
| golang-1.22 | — |
| golang-1.23 | — |
| golang-1.21 | Not in release |
| golang | Not in release |
| golang-1.6 | Needs evaluation |
| golang-1.8 | Not in release |
| golang-1.9 | Not in release |
| golang-1.10 | Needs evaluation |
| golang-1.13 | Needs evaluation |
| golang-1.14 | Not in release |
| golang-1.16 | Not in release |
| golang-1.17 | Not in release |
| golang-1.18 | Needs evaluation |
| golang-1.19 | Not in release |
| golang-1.20 | Not in release |
| golang-1.24 | — |
Using ParsePKCS1PrivateKey to parse a RSA key that is missing the CRT values would panic when verifying that the key is well formed.
15 affected packages
golang, golang-1.6, golang-1.8, golang-1.9, golang-1.10...
| Package | 16.04 LTS |
|---|---|
| golang | — |
| golang-1.6 | Needs evaluation |
| golang-1.8 | — |
| golang-1.9 | — |
| golang-1.10 | Needs evaluation |
| golang-1.13 | Needs evaluation |
| golang-1.14 | — |
| golang-1.16 | — |
| golang-1.17 | — |
| golang-1.18 | Needs evaluation |
| golang-1.20 | — |
| golang-1.21 | — |
| golang-1.22 | — |
| golang-1.23 | — |
| golang-1.24 | — |
An issue has been discovered in GitLab CE/EE affecting all versions starting from 15.0 prior to 17.5.5, from 17.6 prior to 17.6.3, and from 17.7 prior to 17.7.1. Under certain conditions, processing of CI artifacts metadata could...
1 affected package
gitlab
| Package | 16.04 LTS |
|---|---|
| gitlab | Ignored |
NVIDIA Unified Memory driver for Linux contains a vulnerability where an attacker could leak uninitialized memory. A successful exploit of this vulnerability might lead to information disclosure.
41 affected packages
nvidia-graphics-drivers-304, nvidia-graphics-drivers-304-updates, nvidia-graphics-drivers-340, nvidia-graphics-drivers-340-updates, nvidia-graphics-drivers-352...
| Package | 16.04 LTS |
|---|---|
| nvidia-graphics-drivers-304 | Ignored |
| nvidia-graphics-drivers-304-updates | Not affected |
| nvidia-graphics-drivers-340 | Ignored |
| nvidia-graphics-drivers-340-updates | Not affected |
| nvidia-graphics-drivers-352 | Not affected |
| nvidia-graphics-drivers-352-updates | Not affected |
| nvidia-graphics-drivers-361 | Not affected |
| nvidia-graphics-drivers-367 | Not affected |
| nvidia-graphics-drivers-375 | Not affected |
| nvidia-graphics-drivers-384 | Not affected |
| nvidia-graphics-drivers-390 | — |
| nvidia-graphics-drivers-418-server | — |
| nvidia-graphics-drivers-430 | — |
| nvidia-graphics-drivers-435 | — |
| nvidia-graphics-drivers-440 | — |
| nvidia-graphics-drivers-440-server | — |
| nvidia-graphics-drivers-450 | — |
| nvidia-graphics-drivers-450-server | — |
| nvidia-graphics-drivers-455 | — |
| nvidia-graphics-drivers-460 | — |
| nvidia-graphics-drivers-460-server | — |
| nvidia-graphics-drivers-470 | — |
| nvidia-graphics-drivers-470-server | — |
| nvidia-graphics-drivers-495 | — |
| nvidia-graphics-drivers-510 | — |
| nvidia-graphics-drivers-510-server | — |
| nvidia-graphics-drivers-515 | — |
| nvidia-graphics-drivers-515-server | — |
| nvidia-graphics-drivers-520 | — |
| nvidia-graphics-drivers-525 | — |
| nvidia-graphics-drivers-525-server | — |
| nvidia-graphics-drivers-530 | — |
| nvidia-graphics-drivers-535 | — |
| nvidia-graphics-drivers-535-server | — |
| nvidia-graphics-drivers-545 | Not in release |
| nvidia-graphics-drivers-550 | Not in release |
| nvidia-graphics-drivers-550-server | Not in release |
| nvidia-graphics-drivers-560 | Not in release |
| nvidia-graphics-drivers-565-server | Not in release |
| nvidia-graphics-drivers-570 | Not in release |
| nvidia-graphics-drivers-570-server | Not in release |
Credentials provided via the new GOAUTH feature were not being properly segmented by domain, allowing a malicious server to request credentials they should not have access to. By default, unless otherwise set, this only affected...
15 affected packages
golang, golang-1.6, golang-1.8, golang-1.9, golang-1.10...
| Package | 16.04 LTS |
|---|---|
| golang | — |
| golang-1.6 | Needs evaluation |
| golang-1.8 | — |
| golang-1.9 | — |
| golang-1.10 | Needs evaluation |
| golang-1.13 | Needs evaluation |
| golang-1.14 | — |
| golang-1.16 | — |
| golang-1.17 | — |
| golang-1.18 | Needs evaluation |
| golang-1.20 | — |
| golang-1.21 | — |
| golang-1.22 | — |
| golang-1.23 | — |
| golang-1.24 | — |