Search CVE reports
9221 – 9230 of 65165 results
When requesting an OpenPGP key from a WKD server, an incorrect padding size was used and a network observer could have learned the length of the requested email address. This vulnerability affects Thunderbird < 136 and Thunderbird < 128.8.
1 affected package
thunderbird
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| thunderbird | Not affected | Fixed | Not in release | — |
Some fixes available 3 of 18
A cookie management issue was addressed with improved state management. This issue is fixed in watchOS 11, macOS Sequoia 15, Safari 18, visionOS 2, iOS 18 and iPadOS 18, tvOS 18. A malicious website may exfiltrate data cross-origin.
5 affected packages
webkitgtk, webkit2gtk, qtwebkit-source, qtwebkit-opensource-src, wpewebkit
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| webkitgtk | Not in release | Not in release | Not in release | Ignored |
| webkit2gtk | Fixed | Fixed | Ignored | Ignored |
| qtwebkit-source | Not in release | Not in release | Not in release | Ignored |
| qtwebkit-opensource-src | Ignored | Ignored | Ignored | Ignored |
| wpewebkit | Not in release | Ignored | Ignored | — |
Some fixes available 3 of 18
The issue was addressed with improved checks. This issue is fixed in watchOS 11, macOS Sequoia 15, Safari 18, visionOS 2, iOS 18 and iPadOS 18, tvOS 18. Processing maliciously crafted web content may lead to an unexpected process crash.
5 affected packages
webkitgtk, webkit2gtk, qtwebkit-source, qtwebkit-opensource-src, wpewebkit
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| webkitgtk | Not in release | Not in release | Not in release | Ignored |
| webkit2gtk | Fixed | Fixed | Ignored | Ignored |
| qtwebkit-source | Not in release | Not in release | Not in release | Ignored |
| qtwebkit-opensource-src | Ignored | Ignored | Ignored | Ignored |
| wpewebkit | Not in release | Ignored | Ignored | — |
Nomad Community and Nomad Enterprise (“Nomad”) are vulnerable to unintentional exposure of the workload identity token and client secret token in audit logs. This vulnerability, identified as CVE-2025-1296, is fixed in Nomad...
1 affected package
nomad
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| nomad | Not in release | Not in release | Needs evaluation | Needs evaluation |
Some fixes available 8 of 9
Path Equivalence: 'file.Name' (Internal Dot) leading to Remote Code Execution and/or Information disclosure and/or malicious content added to uploaded files via write enabled Default Servlet in Apache Tomcat. This issue affects...
6 affected packages
tomcat6, tomcat7, tomcat8, tomcat10, tomcat9, tomcat11
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| tomcat6 | Not in release | Not in release | Not in release | — |
| tomcat7 | Not in release | Not in release | Not in release | Not affected |
| tomcat8 | Not in release | Not in release | Not in release | Not affected |
| tomcat10 | Fixed | Not in release | Not in release | — |
| tomcat9 | Fixed | Fixed | Fixed | Fixed |
| tomcat11 | Not in release | Not in release | Not in release | Not in release |
A vulnerability, which was classified as critical, was found in HDF5 1.14.6. Affected is the function H5SM_delete of the file H5SM.c of the component h5 File Handler. The manipulation leads to heap-based buffer overflow. It is...
5 affected packages
insighttoolkit, insighttoolkit4, hdf5, insighttoolkit5, paraview
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| insighttoolkit | Not in release | Not in release | Not in release | — |
| insighttoolkit4 | Not in release | Needs evaluation | Ignored | Needs evaluation |
| hdf5 | Vulnerable | Vulnerable | Vulnerable | Vulnerable |
| insighttoolkit5 | Needs evaluation | Needs evaluation | Not in release | — |
| paraview | Needs evaluation | Needs evaluation | Ignored | Needs evaluation |
A vulnerability, which was classified as critical, has been found in Open Asset Import Library Assimp 5.4.3. This issue affects the function Assimp::BaseImporter::ConvertToUTF8 of the file BaseImporter.cpp of the component File...
1 affected package
assimp
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| assimp | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
A vulnerability classified as critical was found in Open Asset Import Library Assimp 5.4.3. This vulnerability affects the function Assimp::GetNextLine in the library ParsingUtils.h of the component File Handler. The manipulation...
1 affected package
assimp
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| assimp | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
A vulnerability was found in PyTorch 2.6.0+cu124. It has been rated as problematic. Affected by this issue is the function nnq_Sigmoid of the component Quantized Sigmoid Module. The manipulation of the argument scale/zero_point...
1 affected package
pytorch
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| pytorch | Not in release | Needs evaluation | Not in release | — |
A vulnerability was found in PyTorch 2.6.0+cu124. It has been declared as critical. Affected by this vulnerability is the function torch.ops.profiler._call_end_callbacks_on_jit_fut of the component Tuple Handler. The manipulation...
1 affected package
pytorch
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| pytorch | Not in release | Needs evaluation | Not in release | — |