Your submission was sent successfully! Close

Thank you for contacting us. A member of our team will be in touch shortly. Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

Search CVE reports


Toggle filters

11 – 20 of 21239 results

Status is adjusted based on your filters.


CVE-2024-50336

Medium priority
Needs evaluation

matrix-js-sdk is a Matrix messaging protocol Client-Server SDK for JavaScript. matrix-js-sdk before 34.11.0 is vulnerable to client-side path traversal via crafted MXC URIs. A malicious room member can trigger clients based on the...

1 affected packages

node-matrix-js-sdk

Package 24.04 LTS
node-matrix-js-sdk Needs evaluation
Show less packages

CVE-2024-49369

Medium priority
Needs evaluation

Icinga is a monitoring system which checks the availability of network resources, notifies users of outages, and generates performance data for reporting. The TLS certificate validation in all Icinga 2 versions starting from 2.4.0...

1 affected packages

icinga2

Package 24.04 LTS
icinga2 Needs evaluation
Show less packages

CVE-2024-47535

Medium priority
Needs evaluation

Netty is an asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers & clients. An unsafe reading of environment file could potentially cause a denial of...

2 affected packages

netty, netty-3.9

Package 24.04 LTS
netty Needs evaluation
netty-3.9 Not in release
Show less packages

CVE-2024-49395

Medium priority
Needs evaluation

In mutt and neomutt, PGP encryption does not use the --hidden-recipient mode which may leak the Bcc email header field by inferring from the recipients info.

2 affected packages

mutt, neomutt

Package 24.04 LTS
mutt Needs evaluation
neomutt Needs evaluation
Show less packages

CVE-2024-49394

Medium priority
Needs evaluation

In mutt and neomutt the In-Reply-To email header field is not protected by cryptographic signing which allows an attacker to reuse an unencrypted but signed email message to impersonate the original sender.

2 affected packages

mutt, neomutt

Package 24.04 LTS
mutt Needs evaluation
neomutt Needs evaluation
Show less packages

CVE-2024-49393

Medium priority
Needs evaluation

In neomutt and mutt, the To and Cc email headers are not validated by cryptographic signing which allows an attacker that intercepts a message to change their value and include himself as a one of the recipients to compromise...

2 affected packages

mutt, neomutt

Package 24.04 LTS
mutt Needs evaluation
neomutt Needs evaluation
Show less packages

CVE-2024-43499

Medium priority
Not affected

.NET and Visual Studio Denial of Service Vulnerability

4 affected packages

dotnet6, dotnet7, dotnet8, dotnet9

Package 24.04 LTS
dotnet6 Not in release
dotnet7 Not in release
dotnet8 Not affected
dotnet9 Not in release
Show less packages

CVE-2024-43498

Medium priority
Not affected

.NET and Visual Studio Remote Code Execution Vulnerability

4 affected packages

dotnet6, dotnet7, dotnet8, dotnet9

Package 24.04 LTS
dotnet6 Not in release
dotnet7 Not in release
dotnet8 Not affected
dotnet9 Not in release
Show less packages

CVE-2024-23918

Medium priority
Vulnerable

Improper conditions check in some Intel® Xeon® processor memory controller configurations when using Intel® SGX may allow a privileged user to potentially enable escalation of privilege via local access.

1 affected packages

intel-microcode

Package 24.04 LTS
intel-microcode Vulnerable
Show less packages

CVE-2024-21853

Medium priority
Vulnerable

Faulty finite state machines (FSMs) in the hardware logic in some 4th and 5th Generation Intel® Xeon® Processors may allow an authorized user to potentially enable denial of service via local access.

1 affected packages

intel-microcode

Package 24.04 LTS
intel-microcode Vulnerable
Show less packages