Search CVE reports
11 – 20 of 21239 results
CVE-2024-50336
Medium prioritymatrix-js-sdk is a Matrix messaging protocol Client-Server SDK for JavaScript. matrix-js-sdk before 34.11.0 is vulnerable to client-side path traversal via crafted MXC URIs. A malicious room member can trigger clients based on the...
1 affected packages
node-matrix-js-sdk
Package | 24.04 LTS |
---|---|
node-matrix-js-sdk | Needs evaluation |
CVE-2024-49369
Medium priorityIcinga is a monitoring system which checks the availability of network resources, notifies users of outages, and generates performance data for reporting. The TLS certificate validation in all Icinga 2 versions starting from 2.4.0...
1 affected packages
icinga2
Package | 24.04 LTS |
---|---|
icinga2 | Needs evaluation |
CVE-2024-47535
Medium priorityNetty is an asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers & clients. An unsafe reading of environment file could potentially cause a denial of...
2 affected packages
netty, netty-3.9
Package | 24.04 LTS |
---|---|
netty | Needs evaluation |
netty-3.9 | Not in release |
CVE-2024-49395
Medium priorityIn mutt and neomutt, PGP encryption does not use the --hidden-recipient mode which may leak the Bcc email header field by inferring from the recipients info.
2 affected packages
mutt, neomutt
Package | 24.04 LTS |
---|---|
mutt | Needs evaluation |
neomutt | Needs evaluation |
CVE-2024-49394
Medium priorityIn mutt and neomutt the In-Reply-To email header field is not protected by cryptographic signing which allows an attacker to reuse an unencrypted but signed email message to impersonate the original sender.
2 affected packages
mutt, neomutt
Package | 24.04 LTS |
---|---|
mutt | Needs evaluation |
neomutt | Needs evaluation |
CVE-2024-49393
Medium priorityIn neomutt and mutt, the To and Cc email headers are not validated by cryptographic signing which allows an attacker that intercepts a message to change their value and include himself as a one of the recipients to compromise...
2 affected packages
mutt, neomutt
Package | 24.04 LTS |
---|---|
mutt | Needs evaluation |
neomutt | Needs evaluation |
CVE-2024-43499
Medium priority.NET and Visual Studio Denial of Service Vulnerability
4 affected packages
dotnet6, dotnet7, dotnet8, dotnet9
Package | 24.04 LTS |
---|---|
dotnet6 | Not in release |
dotnet7 | Not in release |
dotnet8 | Not affected |
dotnet9 | Not in release |
CVE-2024-43498
Medium priority.NET and Visual Studio Remote Code Execution Vulnerability
4 affected packages
dotnet6, dotnet7, dotnet8, dotnet9
Package | 24.04 LTS |
---|---|
dotnet6 | Not in release |
dotnet7 | Not in release |
dotnet8 | Not affected |
dotnet9 | Not in release |
CVE-2024-23918
Medium priorityImproper conditions check in some Intel® Xeon® processor memory controller configurations when using Intel® SGX may allow a privileged user to potentially enable escalation of privilege via local access.
1 affected packages
intel-microcode
Package | 24.04 LTS |
---|---|
intel-microcode | Vulnerable |
CVE-2024-21853
Medium priorityFaulty finite state machines (FSMs) in the hardware logic in some 4th and 5th Generation Intel® Xeon® Processors may allow an authorized user to potentially enable denial of service via local access.
1 affected packages
intel-microcode
Package | 24.04 LTS |
---|---|
intel-microcode | Vulnerable |