Search CVE reports
431 – 440 of 36697 results
Not in release
A flaw was found in the rgaufman/live555 fork of live555. A remote attacker could exploit a segmentation fault, in the `increaseBufferTo` function. This vulnerability can lead to memory corruption problems and potentially other...
1 affected package
liblivemedia
| Package | 22.04 LTS |
|---|---|
| liblivemedia | Not in release |
An off-by-one error was found in QEMU's KVM Xen guest support. A malicious guest could use this flaw to trigger out-of-bounds heap accesses in the QEMU process via the emulated Xen physdev hypercall interface, leading to a denial...
1 affected package
qemu
| Package | 22.04 LTS |
|---|---|
| qemu | Not affected |
A flaw was found in QEMU in the uefi-vars virtual device. When the guest writes to register UEFI_VARS_REG_BUFFER_SIZE, the .write callback `uefi_vars_write` is invoked. The function allocates a heap buffer without zeroing the...
1 affected package
qemu
| Package | 22.04 LTS |
|---|---|
| qemu | Not affected |
A flaw was found in the virtio-crypto device of QEMU. A malicious guest operating system can exploit a missing length limit in the AKCIPHER path, leading to uncontrolled memory allocation. This can result in a denial of service...
1 affected package
qemu
| Package | 22.04 LTS |
|---|---|
| qemu | Not affected |
The Linux Kernel lockdown mode for kernel versions starting on 6.12 and above for Fedora Linux has the lockdown mode disabled without any warning. This may allow an attacker to gain access to sensitive information such kernel...
157 affected packages
linux, linux-hwe, linux-hwe-5.4, linux-hwe-5.8, linux-hwe-5.11...
| Package | 22.04 LTS |
|---|---|
| linux | Needs evaluation |
| linux-hwe | Not in release |
| linux-hwe-5.4 | Not in release |
| linux-hwe-5.8 | Not in release |
| linux-hwe-5.11 | Not in release |
| linux-hwe-5.13 | Not in release |
| linux-hwe-5.15 | Not in release |
| linux-hwe-5.19 | Ignored |
| linux-hwe-6.2 | Ignored |
| linux-hwe-6.5 | Ignored |
| linux-hwe-6.8 | Needs evaluation |
| linux-hwe-edge | Not in release |
| linux-lts-xenial | Not in release |
| linux-kvm | Needs evaluation |
| linux-allwinner-5.19 | Ignored |
| linux-aws-5.0 | Not in release |
| linux-aws-5.3 | Not in release |
| linux-aws-5.4 | Not in release |
| linux-aws | Needs evaluation |
| linux-aws-5.8 | Not in release |
| linux-aws-5.11 | Not in release |
| linux-aws-5.13 | Not in release |
| linux-aws-5.15 | Not in release |
| linux-aws-5.19 | Ignored |
| linux-aws-6.2 | Ignored |
| linux-aws-6.5 | Ignored |
| linux-aws-6.8 | Needs evaluation |
| linux-aws-hwe | Not in release |
| linux-azure | Needs evaluation |
| linux-azure-4.15 | Not in release |
| linux-azure-5.3 | Not in release |
| linux-azure-5.4 | Not in release |
| linux-azure-5.8 | Not in release |
| linux-azure-5.11 | Not in release |
| linux-azure-5.13 | Not in release |
| linux-azure-5.15 | Not in release |
| linux-azure-5.19 | Ignored |
| linux-azure-6.2 | Ignored |
| linux-azure-6.5 | Ignored |
| linux-azure-6.8 | Needs evaluation |
| linux-azure-fde | Needs evaluation |
| linux-azure-fde-5.15 | Not in release |
| linux-azure-fde-5.19 | Ignored |
| linux-azure-fde-6.2 | Ignored |
| linux-bluefield | Not in release |
| linux-azure-edge | Not in release |
| linux-fips | Not in release |
| linux-aws-fips | Not in release |
| linux-azure-fips | Not in release |
| linux-gcp-fips | Not in release |
| linux-gcp | Needs evaluation |
| linux-gcp-4.15 | Not in release |
| linux-gcp-5.3 | Not in release |
| linux-gcp-5.4 | Not in release |
| linux-gcp-5.8 | Not in release |
| linux-gcp-5.11 | Not in release |
| linux-gcp-5.13 | Not in release |
| linux-gcp-5.15 | Not in release |
| linux-gcp-5.19 | Ignored |
| linux-gcp-6.2 | Ignored |
| linux-gcp-6.5 | Ignored |
| linux-gcp-6.8 | Needs evaluation |
| linux-gke | Needs evaluation |
| linux-gke-4.15 | Not in release |
| linux-gke-5.4 | Not in release |
| linux-gke-5.15 | Not in release |
| linux-gkeop | Needs evaluation |
| linux-gkeop-5.4 | Not in release |
| linux-gkeop-5.15 | Not in release |
| linux-ibm | Needs evaluation |
| linux-ibm-5.4 | Not in release |
| linux-ibm-5.15 | Not in release |
| linux-intel-5.13 | Not in release |
| linux-intel-iotg | Needs evaluation |
| linux-intel-iotg-5.15 | Not in release |
| linux-iot | Not in release |
| linux-intel-iot-realtime | Ignored |
| linux-lowlatency | Needs evaluation |
| linux-lowlatency-hwe-5.15 | Not in release |
| linux-lowlatency-hwe-5.19 | Ignored |
| linux-lowlatency-hwe-6.2 | Ignored |
| linux-lowlatency-hwe-6.5 | Ignored |
| linux-lowlatency-hwe-6.8 | Needs evaluation |
| linux-nvidia | Needs evaluation |
| linux-nvidia-6.2 | Ignored |
| linux-nvidia-6.5 | Ignored |
| linux-nvidia-6.8 | Needs evaluation |
| linux-nvidia-lowlatency | Not in release |
| linux-oracle | Needs evaluation |
| linux-oracle-5.0 | Not in release |
| linux-oracle-5.3 | Not in release |
| linux-oracle-5.4 | Not in release |
| linux-oracle-5.8 | Not in release |
| linux-oracle-5.11 | Not in release |
| linux-oracle-5.13 | Not in release |
| linux-oracle-5.15 | Not in release |
| linux-oracle-6.5 | Ignored |
| linux-oracle-6.8 | Needs evaluation |
| linux-oem | Not in release |
| linux-oem-5.6 | Not in release |
| linux-oem-5.10 | Not in release |
| linux-oem-5.13 | Not in release |
| linux-oem-5.14 | Not in release |
| linux-oem-5.17 | Ignored |
| linux-oem-6.0 | Ignored |
| linux-oem-6.1 | Ignored |
| linux-oem-6.5 | Ignored |
| linux-oem-6.8 | Not in release |
| linux-oem-6.11 | Not in release |
| linux-raspi | Needs evaluation |
| linux-raspi2 | Not in release |
| linux-raspi-5.4 | Not in release |
| linux-raspi-realtime | Not in release |
| linux-realtime | Ignored |
| linux-riscv | Ignored |
| linux-riscv-5.8 | Not in release |
| linux-riscv-5.11 | Not in release |
| linux-riscv-5.15 | Not in release |
| linux-riscv-5.19 | Ignored |
| linux-riscv-6.5 | Ignored |
| linux-riscv-6.8 | Needs evaluation |
| linux-starfive-5.19 | Ignored |
| linux-starfive-6.2 | Ignored |
| linux-starfive-6.5 | Ignored |
| linux-xilinx-zynqmp | Needs evaluation |
| linux-intel | Not in release |
| linux-hwe-6.11 | Not in release |
| linux-lowlatency-hwe-6.11 | Not in release |
| linux-nvidia-tegra | Needs evaluation |
| linux-nvidia-tegra-igx | Needs evaluation |
| linux-azure-nvidia | Not in release |
| linux-azure-6.11 | Not in release |
| linux-gcp-6.11 | Not in release |
| linux-nvidia-tegra-5.15 | Not in release |
| linux-oem-6.14 | Not in release |
| linux-riscv-6.14 | Not in release |
| linux-ibm-6.8 | Needs evaluation |
| linux-aws-6.14 | Not in release |
| linux-gcp-6.14 | Not in release |
| linux-hwe-6.14 | Not in release |
| linux-oracle-6.14 | Not in release |
| linux-nvidia-6.11 | Not in release |
| linux-realtime-6.14 | Not in release |
| linux-realtime-6.8 | Not in release |
| linux-azure-6.14 | Not in release |
| linux-azure-fde-6.14 | Not in release |
| linux-azure-nvidia-6.14 | Not in release |
| linux-xilinx | Not in release |
| linux-oem-6.17 | Not in release |
| linux-azure-fde-6.8 | Needs evaluation |
| linux-aws-6.17 | Not in release |
| linux-gcp-6.17 | Not in release |
| linux-hwe-6.17 | Not in release |
| linux-oracle-6.17 | Not in release |
| linux-riscv-6.17 | Not in release |
| linux-azure-6.17 | Not in release |
| linux-azure-fde-6.17 | Not in release |
A flaw was found in FFmpeg’s TensorFlow backend within the libavfilter/dnn_backend_tf.c source file. The issue occurs in the dnn_execute_model_tf() function, where a task object is freed multiple times in certain error-handling...
2 affected packages
ffmpeg, libav
| Package | 22.04 LTS |
|---|---|
| ffmpeg | Needs evaluation |
| libav | Not in release |
An insufficient entropy vulnerability was found in glibc. The getrandom and arc4random family of functions may return predictable randomness if these functions are called again after the fork, which happens concurrently with a...
2 affected packages
eglibc, glibc
| Package | 22.04 LTS |
|---|---|
| eglibc | Not in release |
| glibc | Not affected |
A security flaw has been discovered in Squirrel up to 3.2. This affects the function SQObjectPtr::operator in the library squirrel/sqobject.h. The manipulation results in heap-based buffer overflow. The attack needs to...
1 affected package
squirrel3
| Package | 22.04 LTS |
|---|---|
| squirrel3 | Needs evaluation |
Rack is a modular Ruby web server interface. Prior to versions 2.2.22, 3.1.20, and 3.2.5, `Rack::Directory` generates an HTML directory index where each file entry is rendered as a clickable link. If a file exists on disk whose...
1 affected package
ruby-rack
| Package | 22.04 LTS |
|---|---|
| ruby-rack | Fixed |
Rack is a modular Ruby web server interface. Prior to versions 2.2.22, 3.1.20, and 3.2.5, `Rack::Directory`’s path check used a string prefix match on the expanded path. A request like `/../root_example/` can escape the configured...
1 affected package
ruby-rack
| Package | 22.04 LTS |
|---|---|
| ruby-rack | Fixed |