Search CVE reports
511 – 520 of 39915 results
A security vulnerability has been detected in GPAC up to 26.02.0. This affects the function sidx_box_read of the file src/isomedia/box_code_base.c. The manipulation leads to allocation of resources. The attack must be carried out...
1 affected package
gpac
| Package | 22.04 LTS |
|---|---|
| gpac | Needs evaluation |
In the Linux kernel, the following vulnerability has been resolved: xfrm: esp: avoid in-place decrypt on shared skb frags MSG_SPLICE_PAGES can attach pages from a pipe directly to an skb. TCP marks such skbs with SKBFL_SHARED_FRAG...
157 affected packages
linux-nvidia, linux, linux-aws, linux-aws-5.15, linux-aws-5.4...
| Package | 22.04 LTS |
|---|---|
| linux-nvidia | Needs evaluation |
| linux | Needs evaluation |
| linux-aws | Needs evaluation |
| linux-aws-5.15 | Not in release |
| linux-aws-5.4 | Not in release |
| linux-aws-hwe | Not in release |
| linux-azure | Needs evaluation |
| linux-azure-4.15 | Not in release |
| linux-azure-5.15 | Not in release |
| linux-azure-5.4 | Not in release |
| linux-azure-fde-5.15 | Not in release |
| linux-bluefield | Not in release |
| linux-gcp | Needs evaluation |
| linux-gcp-4.15 | Not in release |
| linux-gcp-5.15 | Not in release |
| linux-gcp-5.4 | Not in release |
| linux-hwe | Not in release |
| linux-hwe-5.15 | Not in release |
| linux-hwe-5.4 | Not in release |
| linux-ibm | Needs evaluation |
| linux-ibm-5.15 | Not in release |
| linux-ibm-5.4 | Not in release |
| linux-intel-iotg-5.15 | Not in release |
| linux-iot | Not in release |
| linux-kvm | Needs evaluation |
| linux-lowlatency-hwe-5.15 | Not in release |
| linux-lts-xenial | Not in release |
| linux-nvidia-tegra-5.15 | Not in release |
| linux-oracle | Needs evaluation |
| linux-oracle-5.15 | Not in release |
| linux-oracle-5.4 | Not in release |
| linux-raspi | Needs evaluation |
| linux-raspi-5.4 | Not in release |
| linux-riscv-5.15 | Not in release |
| linux-xilinx-zynqmp | Needs evaluation |
| linux-hwe-5.8 | Not in release |
| linux-hwe-5.11 | Not in release |
| linux-hwe-5.13 | Not in release |
| linux-hwe-5.19 | Ignored |
| linux-hwe-6.2 | Ignored |
| linux-hwe-6.5 | Ignored |
| linux-hwe-6.8 | Needs evaluation |
| linux-hwe-6.11 | Not in release |
| linux-hwe-6.14 | Not in release |
| linux-hwe-6.17 | Not in release |
| linux-hwe-edge | Not in release |
| linux-allwinner-5.19 | Ignored |
| linux-aws-5.0 | Not in release |
| linux-aws-5.3 | Not in release |
| linux-aws-5.8 | Not in release |
| linux-aws-5.11 | Not in release |
| linux-aws-5.13 | Not in release |
| linux-aws-5.19 | Ignored |
| linux-aws-6.2 | Ignored |
| linux-aws-6.5 | Ignored |
| linux-aws-6.8 | Needs evaluation |
| linux-aws-6.14 | Not in release |
| linux-aws-6.17 | Not in release |
| linux-azure-5.3 | Not in release |
| linux-azure-5.8 | Not in release |
| linux-azure-5.11 | Not in release |
| linux-azure-5.13 | Not in release |
| linux-azure-5.19 | Ignored |
| linux-azure-6.2 | Ignored |
| linux-azure-6.5 | Ignored |
| linux-azure-6.8 | Needs evaluation |
| linux-azure-6.11 | Not in release |
| linux-azure-6.14 | Not in release |
| linux-azure-6.17 | Not in release |
| linux-azure-fde | Needs evaluation |
| linux-azure-fde-5.19 | Ignored |
| linux-azure-fde-6.2 | Ignored |
| linux-azure-fde-6.8 | Needs evaluation |
| linux-azure-fde-6.14 | Not in release |
| linux-azure-fde-6.17 | Not in release |
| linux-azure-nvidia | Not in release |
| linux-azure-nvidia-6.14 | Not in release |
| linux-azure-edge | Not in release |
| linux-fips | Not in release |
| linux-aws-fips | Not in release |
| linux-azure-fips | Not in release |
| linux-gcp-fips | Not in release |
| linux-gcp-5.3 | Not in release |
| linux-gcp-5.8 | Not in release |
| linux-gcp-5.11 | Not in release |
| linux-gcp-5.13 | Not in release |
| linux-gcp-5.19 | Ignored |
| linux-gcp-6.2 | Ignored |
| linux-gcp-6.5 | Ignored |
| linux-gcp-6.8 | Needs evaluation |
| linux-gcp-6.11 | Not in release |
| linux-gcp-6.14 | Not in release |
| linux-gcp-6.17 | Not in release |
| linux-gke | Needs evaluation |
| linux-gke-4.15 | Not in release |
| linux-gke-5.4 | Not in release |
| linux-gke-5.15 | Not in release |
| linux-gkeop | Needs evaluation |
| linux-gkeop-5.4 | Not in release |
| linux-gkeop-5.15 | Not in release |
| linux-ibm-6.8 | Needs evaluation |
| linux-intel-5.13 | Not in release |
| linux-intel-iotg | Needs evaluation |
| linux-intel-iot-realtime | Needs evaluation |
| linux-lowlatency | Needs evaluation |
| linux-lowlatency-hwe-5.19 | Ignored |
| linux-lowlatency-hwe-6.2 | Ignored |
| linux-lowlatency-hwe-6.5 | Ignored |
| linux-lowlatency-hwe-6.8 | Needs evaluation |
| linux-lowlatency-hwe-6.11 | Not in release |
| linux-nvidia-6.2 | Ignored |
| linux-nvidia-6.5 | Ignored |
| linux-nvidia-6.8 | Needs evaluation |
| linux-nvidia-6.11 | Not in release |
| linux-nvidia-lowlatency | Not in release |
| linux-nvidia-tegra | Needs evaluation |
| linux-nvidia-tegra-igx | Needs evaluation |
| linux-oracle-5.0 | Not in release |
| linux-oracle-5.3 | Not in release |
| linux-oracle-5.8 | Not in release |
| linux-oracle-5.11 | Not in release |
| linux-oracle-5.13 | Not in release |
| linux-oracle-6.5 | Ignored |
| linux-oracle-6.8 | Needs evaluation |
| linux-oracle-6.14 | Not in release |
| linux-oracle-6.17 | Not in release |
| linux-oem | Not in release |
| linux-oem-5.6 | Not in release |
| linux-oem-5.10 | Not in release |
| linux-oem-5.13 | Not in release |
| linux-oem-5.14 | Not in release |
| linux-oem-5.17 | Ignored |
| linux-oem-6.0 | Ignored |
| linux-oem-6.1 | Ignored |
| linux-oem-6.5 | Ignored |
| linux-oem-6.8 | Not in release |
| linux-oem-6.11 | Not in release |
| linux-oem-6.14 | Not in release |
| linux-oem-6.17 | Not in release |
| linux-raspi2 | Not in release |
| linux-raspi-realtime | Not in release |
| linux-realtime | Needs evaluation |
| linux-realtime-6.8 | Not in release |
| linux-realtime-6.14 | Not in release |
| linux-riscv | Ignored |
| linux-riscv-5.8 | Not in release |
| linux-riscv-5.11 | Not in release |
| linux-riscv-5.19 | Ignored |
| linux-riscv-6.5 | Ignored |
| linux-riscv-6.8 | Needs evaluation |
| linux-riscv-6.14 | Not in release |
| linux-riscv-6.17 | Not in release |
| linux-starfive-5.19 | Ignored |
| linux-starfive-6.2 | Ignored |
| linux-starfive-6.5 | Ignored |
| linux-xilinx | Not in release |
| linux-realtime-6.17 | Not in release |
Not in release
In OpenStack Cyborg before 16.0.1, the Accelerator Request (ARQ) API does not enforce project ownership at any layer. The project_id column in the database is never populated (NULL for every ARQ), database queries have no project...
1 affected package
cyborg
| Package | 22.04 LTS |
|---|---|
| cyborg | Not in release |
Not in release
OpenStack Cyborg before 16.0.1 uses rule:allow (check_str='@') as the default policy for multiple API endpoints. This unconditionally authorizes any request carrying a valid Keystone token regardless of roles, project membership,...
1 affected package
cyborg
| Package | 22.04 LTS |
|---|---|
| cyborg | Not in release |
A weakness has been identified in OSGeo gdal up to 3.13.0dev-4. The affected element is the function GDfieldinfo of the file frmts/hdf4/hdf-eos/GDapi.c. Executing a manipulation can lead to out-of-bounds read. The attack needs to...
1 affected package
gdal
| Package | 22.04 LTS |
|---|---|
| gdal | Needs evaluation |
A security flaw has been discovered in OSGeo gdal up to 3.13.0dev-4. Impacted is the function GDnentries of the file frmts/hdf4/hdf-eos/GDapi.c. Performing a manipulation of the argument DataFieldName results in heap-based buffer...
1 affected package
gdal
| Package | 22.04 LTS |
|---|---|
| gdal | Needs evaluation |
A malicious module proxy can exploit a flaw in the go command's validation of module checksums to bypass checksum database validation. This vulnerability affects any user using an untrusted module proxy (GOMODPROXY) or checksum...
16 affected packages
golang-1.13, golang, golang-1.6, golang-1.8, golang-1.9...
| Package | 22.04 LTS |
|---|---|
| golang-1.13 | Needs evaluation |
| golang | Not in release |
| golang-1.6 | Not in release |
| golang-1.8 | Not in release |
| golang-1.9 | Not in release |
| golang-1.10 | Not in release |
| golang-1.14 | Not in release |
| golang-1.16 | Not in release |
| golang-1.17 | Needs evaluation |
| golang-1.18 | Needs evaluation |
| golang-1.20 | Needs evaluation |
| golang-1.21 | Needs evaluation |
| golang-1.22 | Needs evaluation |
| golang-1.23 | Needs evaluation |
| golang-1.24 | Needs evaluation |
| golang-1.25 | Not in release |
Pathological inputs could cause DoS through consumePhrase when parsing an email address according to RFC 5322.
16 affected packages
golang-1.13, golang-1.18, golang, golang-1.6, golang-1.8...
| Package | 22.04 LTS |
|---|---|
| golang-1.13 | Needs evaluation |
| golang-1.18 | Needs evaluation |
| golang | Not in release |
| golang-1.6 | Not in release |
| golang-1.8 | Not in release |
| golang-1.9 | Not in release |
| golang-1.10 | Not in release |
| golang-1.14 | Not in release |
| golang-1.16 | Not in release |
| golang-1.17 | Needs evaluation |
| golang-1.20 | Needs evaluation |
| golang-1.21 | Needs evaluation |
| golang-1.22 | Needs evaluation |
| golang-1.23 | Needs evaluation |
| golang-1.24 | Needs evaluation |
| golang-1.25 | Not in release |
PJSIP is a free and open source multimedia communication library written in C. Prior to version 2.17, on GnuTLS builds, the SIP TLS transport (sip_transport_tls) can accept connections with invalid or untrusted certificates even...
2 affected packages
pjproject, asterisk
| Package | 22.04 LTS |
|---|---|
| pjproject | Not in release |
| asterisk | Needs evaluation |
The Dial and LookupPort functions panic on Windows when provided with an input containing a NUL (0).
16 affected packages
golang-1.13, golang-1.18, golang, golang-1.6, golang-1.8...
| Package | 22.04 LTS |
|---|---|
| golang-1.13 | Needs evaluation |
| golang-1.18 | Needs evaluation |
| golang | Not in release |
| golang-1.6 | Not in release |
| golang-1.8 | Not in release |
| golang-1.9 | Not in release |
| golang-1.10 | Not in release |
| golang-1.14 | Not in release |
| golang-1.16 | Not in release |
| golang-1.17 | Needs evaluation |
| golang-1.20 | Needs evaluation |
| golang-1.21 | Needs evaluation |
| golang-1.22 | Needs evaluation |
| golang-1.23 | Needs evaluation |
| golang-1.24 | Needs evaluation |
| golang-1.25 | Not in release |