Search CVE reports
561 – 570 of 32161 results
Building a malicious file with cmd/go can cause can cause a write to an attacker-controlled file with partial control of the file content. The "#cgo pkg-config:" directive in a Go source file provides command-line arguments to...
16 affected packages
golang, golang-1.6, golang-1.8, golang-1.9, golang-1.10...
| Package | 24.04 LTS |
|---|---|
| golang | Not in release |
| golang-1.6 | Not in release |
| golang-1.8 | Not in release |
| golang-1.9 | Not in release |
| golang-1.10 | Not in release |
| golang-1.13 | Not in release |
| golang-1.14 | Not in release |
| golang-1.16 | Not in release |
| golang-1.17 | Not in release |
| golang-1.18 | Not in release |
| golang-1.20 | Not in release |
| golang-1.21 | Needs evaluation |
| golang-1.22 | Needs evaluation |
| golang-1.23 | Needs evaluation |
| golang-1.24 | Not in release |
| golang-1.25 | Not in release |
During the TLS 1.3 handshake if multiple messages are sent in records that span encryption level boundaries (for instance the Client Hello and Encrypted Extensions messages), the subsequent messages may be processed before the...
16 affected packages
golang, golang-1.6, golang-1.8, golang-1.9, golang-1.10...
| Package | 24.04 LTS |
|---|---|
| golang | Not in release |
| golang-1.6 | Not in release |
| golang-1.8 | Not in release |
| golang-1.9 | Not in release |
| golang-1.10 | Not in release |
| golang-1.13 | Not in release |
| golang-1.14 | Not in release |
| golang-1.16 | Not in release |
| golang-1.17 | Not in release |
| golang-1.18 | Not in release |
| golang-1.20 | Not in release |
| golang-1.21 | Needs evaluation |
| golang-1.22 | Needs evaluation |
| golang-1.23 | Needs evaluation |
| golang-1.24 | Not in release |
| golang-1.25 | Not in release |
archive/zip uses a super-linear file name indexing algorithm that is invoked the first time a file in an archive is opened. This can lead to a denial of service when consuming a maliciously constructed ZIP archive.
16 affected packages
golang, golang-1.6, golang-1.8, golang-1.9, golang-1.10...
| Package | 24.04 LTS |
|---|---|
| golang | Not in release |
| golang-1.6 | Not in release |
| golang-1.8 | Not in release |
| golang-1.9 | Not in release |
| golang-1.10 | Not in release |
| golang-1.13 | Not in release |
| golang-1.14 | Not in release |
| golang-1.16 | Not in release |
| golang-1.17 | Not in release |
| golang-1.18 | Not in release |
| golang-1.20 | Not in release |
| golang-1.21 | Needs evaluation |
| golang-1.22 | Needs evaluation |
| golang-1.23 | Needs evaluation |
| golang-1.24 | Not in release |
| golang-1.25 | Not in release |
The net/url package does not set a limit on the number of query parameters in a query. While the maximum size of query parameters in URLs is generally limited by the maximum request header size, the...
16 affected packages
golang, golang-1.6, golang-1.8, golang-1.9, golang-1.10...
| Package | 24.04 LTS |
|---|---|
| golang | Not in release |
| golang-1.6 | Not in release |
| golang-1.8 | Not in release |
| golang-1.9 | Not in release |
| golang-1.10 | Not in release |
| golang-1.13 | Not in release |
| golang-1.14 | Not in release |
| golang-1.16 | Not in release |
| golang-1.17 | Not in release |
| golang-1.18 | Not in release |
| golang-1.20 | Not in release |
| golang-1.21 | Needs evaluation |
| golang-1.22 | Needs evaluation |
| golang-1.23 | Needs evaluation |
| golang-1.24 | Not in release |
| golang-1.25 | Not in release |
Some fixes available 8 of 15
NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager, where a malicious guest could cause heap memory access after the memory is freed. A successful exploit of this vulnerability might lead to code execution,...
47 affected packages
nvidia-graphics-drivers-304, nvidia-graphics-drivers-304-updates, nvidia-graphics-drivers-340, nvidia-graphics-drivers-340-updates, nvidia-graphics-drivers-352...
| Package | 24.04 LTS |
|---|---|
| nvidia-graphics-drivers-304 | Not in release |
| nvidia-graphics-drivers-304-updates | Not in release |
| nvidia-graphics-drivers-340 | Not in release |
| nvidia-graphics-drivers-340-updates | Not in release |
| nvidia-graphics-drivers-352 | Not in release |
| nvidia-graphics-drivers-352-updates | Not in release |
| nvidia-graphics-drivers-361 | Not in release |
| nvidia-graphics-drivers-367 | Not in release |
| nvidia-graphics-drivers-375 | Not in release |
| nvidia-graphics-drivers-384 | Not in release |
| nvidia-graphics-drivers-390 | Not in release |
| nvidia-graphics-drivers-418-server | Not in release |
| nvidia-graphics-drivers-430 | Not in release |
| nvidia-graphics-drivers-435 | Not in release |
| nvidia-graphics-drivers-440 | Not in release |
| nvidia-graphics-drivers-440-server | Not in release |
| nvidia-graphics-drivers-450 | Not in release |
| nvidia-graphics-drivers-450-server | Not in release |
| nvidia-graphics-drivers-455 | Not in release |
| nvidia-graphics-drivers-460 | Not in release |
| nvidia-graphics-drivers-460-server | Not in release |
| nvidia-graphics-drivers-470 | Ignored |
| nvidia-graphics-drivers-470-server | Ignored |
| nvidia-graphics-drivers-495 | Not in release |
| nvidia-graphics-drivers-510 | Not in release |
| nvidia-graphics-drivers-510-server | Not in release |
| nvidia-graphics-drivers-515 | Not in release |
| nvidia-graphics-drivers-515-server | Not in release |
| nvidia-graphics-drivers-520 | Not in release |
| nvidia-graphics-drivers-525 | Not affected |
| nvidia-graphics-drivers-525-server | Not affected |
| nvidia-graphics-drivers-530 | Not in release |
| nvidia-graphics-drivers-535 | Fixed |
| nvidia-graphics-drivers-535-server | Fixed |
| nvidia-graphics-drivers-545 | Not in release |
| nvidia-graphics-drivers-550 | Ignored |
| nvidia-graphics-drivers-550-server | Ignored |
| nvidia-graphics-drivers-560 | Not in release |
| nvidia-graphics-drivers-565-server | Ignored |
| nvidia-graphics-drivers-570 | Fixed |
| nvidia-graphics-drivers-570-server | Fixed |
| nvidia-graphics-drivers-575 | Ignored |
| nvidia-graphics-drivers-575-server | Ignored |
| nvidia-graphics-drivers-580 | Fixed |
| nvidia-graphics-drivers-580-server | Fixed |
| nvidia-graphics-drivers-590 | Fixed |
| nvidia-graphics-drivers-590-server | Fixed |
Some fixes available 8 of 15
NVIDIA Display Driver for Linux contains a vulnerability in the NVIDIA kernel module where an attacker could cause an integer overflow or wraparound. A successful exploit of this vulnerability might lead to code execution,...
47 affected packages
nvidia-graphics-drivers-304, nvidia-graphics-drivers-304-updates, nvidia-graphics-drivers-340, nvidia-graphics-drivers-340-updates, nvidia-graphics-drivers-352...
| Package | 24.04 LTS |
|---|---|
| nvidia-graphics-drivers-304 | Not in release |
| nvidia-graphics-drivers-304-updates | Not in release |
| nvidia-graphics-drivers-340 | Not in release |
| nvidia-graphics-drivers-340-updates | Not in release |
| nvidia-graphics-drivers-352 | Not in release |
| nvidia-graphics-drivers-352-updates | Not in release |
| nvidia-graphics-drivers-361 | Not in release |
| nvidia-graphics-drivers-367 | Not in release |
| nvidia-graphics-drivers-375 | Not in release |
| nvidia-graphics-drivers-384 | Not in release |
| nvidia-graphics-drivers-390 | Not in release |
| nvidia-graphics-drivers-418-server | Not in release |
| nvidia-graphics-drivers-430 | Not in release |
| nvidia-graphics-drivers-435 | Not in release |
| nvidia-graphics-drivers-440 | Not in release |
| nvidia-graphics-drivers-440-server | Not in release |
| nvidia-graphics-drivers-450 | Not in release |
| nvidia-graphics-drivers-450-server | Not in release |
| nvidia-graphics-drivers-455 | Not in release |
| nvidia-graphics-drivers-460 | Not in release |
| nvidia-graphics-drivers-460-server | Not in release |
| nvidia-graphics-drivers-470 | Ignored |
| nvidia-graphics-drivers-470-server | Ignored |
| nvidia-graphics-drivers-495 | Not in release |
| nvidia-graphics-drivers-510 | Not in release |
| nvidia-graphics-drivers-510-server | Not in release |
| nvidia-graphics-drivers-515 | Not in release |
| nvidia-graphics-drivers-515-server | Not in release |
| nvidia-graphics-drivers-520 | Not in release |
| nvidia-graphics-drivers-525 | Not affected |
| nvidia-graphics-drivers-525-server | Not affected |
| nvidia-graphics-drivers-530 | Not in release |
| nvidia-graphics-drivers-535 | Fixed |
| nvidia-graphics-drivers-535-server | Fixed |
| nvidia-graphics-drivers-545 | Not in release |
| nvidia-graphics-drivers-550 | Ignored |
| nvidia-graphics-drivers-550-server | Ignored |
| nvidia-graphics-drivers-560 | Not in release |
| nvidia-graphics-drivers-565-server | Ignored |
| nvidia-graphics-drivers-570 | Fixed |
| nvidia-graphics-drivers-570-server | Fixed |
| nvidia-graphics-drivers-575 | Ignored |
| nvidia-graphics-drivers-575-server | Ignored |
| nvidia-graphics-drivers-580 | Fixed |
| nvidia-graphics-drivers-580-server | Fixed |
| nvidia-graphics-drivers-590 | Fixed |
| nvidia-graphics-drivers-590-server | Fixed |
M/Monit 3.7.4 contains a privilege escalation vulnerability that allows authenticated users to modify user permissions by manipulating the admin parameter. Attackers can send a POST request to the /api/1/admin/users/update...
1 affected package
monit
| Package | 24.04 LTS |
|---|---|
| monit | Needs evaluation |
M/Monit 3.7.4 contains an authentication vulnerability that allows authenticated attackers to retrieve user password hashes through an administrative API endpoint. Attackers can send requests to the /api/1/admin/users/list and...
1 affected package
monit
| Package | 24.04 LTS |
|---|---|
| monit | Needs evaluation |
Some fixes available 1 of 2
A flaw was found in the libsoup HTTP library that can cause proxy authentication credentials to be sent to unintended destinations. When handling HTTP redirects, libsoup removes the Authorization header but does not remove the...
2 affected packages
libsoup2.4, libsoup3
| Package | 24.04 LTS |
|---|---|
| libsoup2.4 | Needs evaluation |
| libsoup3 | Fixed |
Some fixes available 1 of 2
A flaw was found in libsoup. An attacker who can control the input for the Content-Disposition header can inject CRLF (Carriage Return Line Feed) sequences into the header value. These sequences are then interpreted verbatim when...
2 affected packages
libsoup2.4, libsoup3
| Package | 24.04 LTS |
|---|---|
| libsoup2.4 | Needs evaluation |
| libsoup3 | Fixed |