Search CVE reports
1 – 10 of 1734 results
CVE-2024-54662
Medium priorityDante 1.4.0 through 1.4.3 (fixed in 1.4.4) has incorrect access control for some sockd.conf configurations involving socksmethod.
1 affected package
dante
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| dante | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
CVE-2024-6388
Medium prioritySome fixes available 5 of 6
Marco Trevisan discovered that the Ubuntu Advantage Desktop Daemon, before version 1.12, leaks the Pro token to unprivileged users by passing the token as an argument in plaintext.
1 affected package
ubuntu-advantage-desktop-daemon
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| ubuntu-advantage-desktop-daemon | Fixed | Fixed | Fixed | Fixed | Fixed |
CVE-2024-3772
Medium prioritySome fixes available 2 of 3
Regular expression denial of service in Pydanic < 2.4.0, < 1.10.13 allows remote attackers to cause denial of service via a crafted email string.
1 affected package
pydantic
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| pydantic | Not affected | Fixed | Fixed | — | — |
CVE-2024-23635
Medium priorityAntiSamy is a library for performing fast, configurable cleansing of HTML coming from untrusted sources. Prior to 1.7.5, there is a potential for a mutation XSS (mXSS) vulnerability in AntiSamy caused by flawed parsing of the HTML...
1 affected package
libowasp-antisamy-java
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| libowasp-antisamy-java | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
CVE-2023-43643
Medium priorityAntiSamy is a library for performing fast, configurable cleansing of HTML coming from untrusted sources. Prior to version 1.7.4, there is a potential for a mutation XSS (mXSS) vulnerability in AntiSamy caused by flawed parsing of...
1 affected package
libowasp-antisamy-java
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| libowasp-antisamy-java | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
CVE-2023-3432
Medium priorityServer-Side Request Forgery (SSRF) in GitHub repository plantuml/plantuml prior to 1.2023.9.
1 affected package
plantuml
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| plantuml | Needs evaluation | Vulnerable | Not affected | Not affected | Not affected |
CVE-2023-3431
Medium priorityImproper Access Control in GitHub repository plantuml/plantuml prior to 1.2023.9.
1 affected package
plantuml
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| plantuml | Needs evaluation | Vulnerable | Not affected | Not affected | Not affected |
CVE-2022-4515
Medium priorityA flaw was found in Exuberant Ctags in the way it handles the "-o" option. This option specifies the tag filename. A crafted tag filename specified in the command line or in the configuration file results in arbitrary...
1 affected package
exuberant-ctags
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| exuberant-ctags | — | Fixed | Fixed | Fixed | Fixed |
CVE-2022-42717
Medium priorityAn issue was discovered in Hashicorp Packer before 2.3.1. The recommended sudoers configuration for Vagrant on Linux is insecure. If the host has been configured according to this documentation, non-privileged users on the host...
1 affected package
vagrant
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| vagrant | Not in release | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
CVE-2011-4916
Low priorityLinux kernel through 3.1 allows local users to obtain sensitive keystroke information via access to /dev/pts/ and /dev/tty*.
18 affected packages
linux, linux-armadaxp, linux-ec2, linux-flo, linux-fsl-imx51...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| linux | — | — | — | — | — |
| linux-armadaxp | — | — | — | — | — |
| linux-ec2 | — | — | — | — | — |
| linux-flo | — | — | — | — | — |
| linux-fsl-imx51 | — | — | — | — | — |
| linux-goldfish | — | — | — | — | — |
| linux-grouper | — | — | — | — | — |
| linux-lts-backport-maverick | — | — | — | — | — |
| linux-lts-backport-natty | — | — | — | — | — |
| linux-lts-backport-oneiric | — | — | — | — | — |
| linux-lts-quantal | — | — | — | — | — |
| linux-lts-raring | — | — | — | — | — |
| linux-lts-saucy | — | — | — | — | — |
| linux-maguro | — | — | — | — | — |
| linux-mako | — | — | — | — | — |
| linux-manta | — | — | — | — | — |
| linux-mvl-dove | — | — | — | — | — |
| linux-ti-omap4 | — | — | — | — | — |