Search CVE reports
541 – 550 of 32161 results
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5.0 - 11.5.9 is vulnerable to a denial of service as the server may crash when an authenticated user creates a specially crafted query.
149 affected packages
linux, linux-hwe, linux-hwe-5.4, linux-hwe-5.8, linux-hwe-5.11...
| Package | 24.04 LTS |
|---|---|
| linux | Needs evaluation |
| linux-hwe | Not in release |
| linux-hwe-5.4 | Not in release |
| linux-hwe-5.8 | Not in release |
| linux-hwe-5.11 | Not in release |
| linux-hwe-5.13 | Not in release |
| linux-hwe-5.15 | Not in release |
| linux-hwe-5.19 | Not in release |
| linux-hwe-6.2 | Not in release |
| linux-hwe-6.5 | Not in release |
| linux-hwe-6.8 | Not in release |
| linux-hwe-6.11 | Ignored |
| linux-hwe-6.14 | Needs evaluation |
| linux-hwe-edge | Not in release |
| linux-lts-xenial | Not in release |
| linux-kvm | Not in release |
| linux-allwinner-5.19 | Not in release |
| linux-aws | Needs evaluation |
| linux-aws-5.0 | Not in release |
| linux-aws-5.3 | Not in release |
| linux-aws-5.4 | Not in release |
| linux-aws-5.8 | Not in release |
| linux-aws-5.11 | Not in release |
| linux-aws-5.13 | Not in release |
| linux-aws-5.15 | Not in release |
| linux-aws-5.19 | Not in release |
| linux-aws-6.2 | Not in release |
| linux-aws-6.5 | Not in release |
| linux-aws-6.8 | Not in release |
| linux-aws-6.14 | Needs evaluation |
| linux-aws-hwe | Not in release |
| linux-azure | Needs evaluation |
| linux-azure-4.15 | Not in release |
| linux-azure-5.3 | Not in release |
| linux-azure-5.4 | Not in release |
| linux-azure-5.8 | Not in release |
| linux-azure-5.11 | Not in release |
| linux-azure-5.13 | Not in release |
| linux-azure-5.15 | Not in release |
| linux-azure-5.19 | Not in release |
| linux-azure-6.2 | Not in release |
| linux-azure-6.5 | Not in release |
| linux-azure-6.8 | Not in release |
| linux-azure-6.11 | Ignored |
| linux-azure-6.14 | Needs evaluation |
| linux-azure-fde | Needs evaluation |
| linux-azure-fde-5.15 | Not in release |
| linux-azure-fde-5.19 | Not in release |
| linux-azure-fde-6.2 | Not in release |
| linux-azure-fde-6.8 | Not in release |
| linux-azure-fde-6.14 | Needs evaluation |
| linux-azure-nvidia | Needs evaluation |
| linux-azure-nvidia-6.14 | Needs evaluation |
| linux-bluefield | Not in release |
| linux-azure-edge | Not in release |
| linux-fips | Needs evaluation |
| linux-aws-fips | Needs evaluation |
| linux-azure-fips | Needs evaluation |
| linux-gcp-fips | Needs evaluation |
| linux-gcp | Needs evaluation |
| linux-gcp-4.15 | Not in release |
| linux-gcp-5.3 | Not in release |
| linux-gcp-5.4 | Not in release |
| linux-gcp-5.8 | Not in release |
| linux-gcp-5.11 | Not in release |
| linux-gcp-5.13 | Not in release |
| linux-gcp-5.15 | Not in release |
| linux-gcp-5.19 | Not in release |
| linux-gcp-6.2 | Not in release |
| linux-gcp-6.5 | Not in release |
| linux-gcp-6.8 | Not in release |
| linux-gcp-6.11 | Ignored |
| linux-gcp-6.14 | Needs evaluation |
| linux-gke | Needs evaluation |
| linux-gke-4.15 | Not in release |
| linux-gke-5.4 | Not in release |
| linux-gke-5.15 | Not in release |
| linux-gkeop | Needs evaluation |
| linux-gkeop-5.4 | Not in release |
| linux-gkeop-5.15 | Not in release |
| linux-ibm | Needs evaluation |
| linux-ibm-5.4 | Not in release |
| linux-ibm-5.15 | Not in release |
| linux-ibm-6.8 | Not in release |
| linux-intel-5.13 | Not in release |
| linux-intel-iotg | Not in release |
| linux-intel-iotg-5.15 | Not in release |
| linux-iot | Not in release |
| linux-intel-iot-realtime | Not in release |
| linux-lowlatency | Needs evaluation |
| linux-lowlatency-hwe-5.15 | Not in release |
| linux-lowlatency-hwe-5.19 | Not in release |
| linux-lowlatency-hwe-6.2 | Not in release |
| linux-lowlatency-hwe-6.5 | Not in release |
| linux-lowlatency-hwe-6.8 | Not in release |
| linux-lowlatency-hwe-6.11 | Ignored |
| linux-nvidia | Needs evaluation |
| linux-nvidia-6.2 | Not in release |
| linux-nvidia-6.5 | Not in release |
| linux-nvidia-6.8 | Not in release |
| linux-nvidia-6.11 | Ignored |
| linux-nvidia-lowlatency | Needs evaluation |
| linux-nvidia-tegra | Needs evaluation |
| linux-nvidia-tegra-5.15 | Not in release |
| linux-nvidia-tegra-igx | Not in release |
| linux-oracle | Needs evaluation |
| linux-oracle-5.0 | Not in release |
| linux-oracle-5.3 | Not in release |
| linux-oracle-5.4 | Not in release |
| linux-oracle-5.8 | Not in release |
| linux-oracle-5.11 | Not in release |
| linux-oracle-5.13 | Not in release |
| linux-oracle-5.15 | Not in release |
| linux-oracle-6.5 | Not in release |
| linux-oracle-6.8 | Not in release |
| linux-oracle-6.14 | Ignored |
| linux-oem | Not in release |
| linux-oem-5.6 | Not in release |
| linux-oem-5.10 | Not in release |
| linux-oem-5.13 | Not in release |
| linux-oem-5.14 | Not in release |
| linux-oem-5.17 | Not in release |
| linux-oem-6.0 | Not in release |
| linux-oem-6.1 | Not in release |
| linux-oem-6.5 | Not in release |
| linux-oem-6.8 | Ignored |
| linux-oem-6.11 | Ignored |
| linux-oem-6.14 | Needs evaluation |
| linux-oem-6.17 | Needs evaluation |
| linux-raspi | Needs evaluation |
| linux-raspi2 | Not in release |
| linux-raspi-5.4 | Not in release |
| linux-raspi-realtime | Needs evaluation |
| linux-realtime | Needs evaluation |
| linux-realtime-6.8 | Not in release |
| linux-realtime-6.14 | Ignored |
| linux-riscv | Ignored |
| linux-riscv-5.8 | Not in release |
| linux-riscv-5.11 | Not in release |
| linux-riscv-5.15 | Not in release |
| linux-riscv-5.19 | Not in release |
| linux-riscv-6.5 | Not in release |
| linux-riscv-6.8 | Not in release |
| linux-riscv-6.14 | Ignored |
| linux-starfive-5.19 | Not in release |
| linux-starfive-6.2 | Not in release |
| linux-starfive-6.5 | Not in release |
| linux-xilinx | Needs evaluation |
| linux-xilinx-zynqmp | Not in release |
# Active Storage allowed transformation methods potentially unsafe Active Storage attempts to prevent the use of potentially unsafe image transformation methods and parameters by default. The default allowed list contains three...
1 affected package
rails
| Package | 24.04 LTS |
|---|---|
| rails | Needs evaluation |
Improper Neutralization of Special Elements used in an Expression Language Statement ('Expression Language Injection') vulnerability in The Wikimedia Foundation Mediawiki - DiscussionTools Extension allows Regular...
1 affected package
mediawiki
| Package | 24.04 LTS |
|---|---|
| mediawiki | Needs evaluation |
SQL injection vulnerability in geopandas before v.1.1.2 allows an attacker to obtain sensitive information via the to_postgis()` function being used to write GeoDataFrames to a PostgreSQL database.
1 affected package
python-geopandas
| Package | 24.04 LTS |
|---|---|
| python-geopandas | Needs evaluation |
Not in release
Salt contains an authentication protocol version downgrade weakness that can allow a malicious minion to bypass newer authentication/security features by using an older request payload format, enabling minion impersonation and...
1 affected package
salt
| Package | 24.04 LTS |
|---|---|
| salt | Not in release |
Not in release
Salt's junos execution module contained an unsafe YAML decode/load usage. A specially crafted YAML payload processed by the junos module could lead to unintended code execution under the context of the Salt process.
1 affected package
salt
| Package | 24.04 LTS |
|---|---|
| salt | Not in release |
Insufficient epoch key slot processing in OpenVPN 2.7_alpha1 through 2.7_rc5 allows remote authenticated users to trigger an assert resulting in a denial of service
1 affected package
openvpn
| Package | 24.04 LTS |
|---|---|
| openvpn | Not affected |
Tryton 5.4 contains a persistent cross-site scripting vulnerability in the user profile name input that allows remote attackers to inject malicious scripts. Attackers can exploit the vulnerability by inserting script payloads in...
1 affected package
tryton-sao
| Package | 24.04 LTS |
|---|---|
| tryton-sao | Not affected |
Not in release
Dolibarr 11.0.3 contains a persistent cross-site scripting vulnerability in LDAP synchronization settings that allows attackers to inject malicious scripts through multiple parameters. Attackers can exploit the host, slave, and...
1 affected package
dolibarr
| Package | 24.04 LTS |
|---|---|
| dolibarr | Not in release |
fast-xml-parser allows users to validate XML, parse XML to JS object, or build XML from JS object without C/C++ based libraries and no callback. In versions 5.0.9 through 5.3.3, a RangeError vulnerability exists in the numeric...
1 affected package
node-webfont
| Package | 24.04 LTS |
|---|---|
| node-webfont | Needs evaluation |