Search CVE reports
21 – 30 of 31652 results
CVE-2024-52533
Medium prioritygio/gsocks4aproxy.c in GNOME GLib before 2.82.1 has an off-by-one error and resultant buffer overflow because SOCKS4_CONN_MSG_LEN is not sufficient for a trailing '\0' character.
1 affected packages
glib2.0
| Package | 18.04 LTS |
|---|---|
| glib2.0 | Needs evaluation |
CVE-2024-50636
Medium priorityPyMOL 2.5.0 contains a vulnerability in its "Run Script" function, which allows the execution of arbitrary Python code embedded within .PYM files. Attackers can craft a malicious .PYM file containing a Python reverse shell payload...
1 affected packages
pymol
| Package | 18.04 LTS |
|---|---|
| pymol | Needs evaluation |
CVE-2024-52532
Medium priorityGNOME libsoup before 3.6.1 has an infinite loop, and memory consumption. during the reading of certain patterns of WebSocket data from clients.
2 affected packages
libsoup2.4, libsoup3
| Package | 18.04 LTS |
|---|---|
| libsoup2.4 | Needs evaluation |
| libsoup3 | — |
CVE-2024-52531
Medium priorityGNOME libsoup before 3.6.1 allows a buffer overflow in applications that perform conversion to UTF-8 in soup_header_parse_param_list_strict. Input received over the network cannot trigger this.
2 affected packages
libsoup2.4, libsoup3
| Package | 18.04 LTS |
|---|---|
| libsoup2.4 | Needs evaluation |
| libsoup3 | — |
CVE-2024-52530
Medium priorityGNOME libsoup before 3.6.0 allows HTTP request smuggling in some configurations because '\0' characters at the end of header names are ignored, i.e., a "Transfer-Encoding\0: chunked" header is treated the same as a...
2 affected packages
libsoup2.4, libsoup3
| Package | 18.04 LTS |
|---|---|
| libsoup2.4 | Needs evaluation |
| libsoup3 | — |
CVE-2024-43439
Medium priorityA flaw was found in moodle. H5P error messages require additional sanitizing to prevent a reflected cross-site scripting (XSS) risk.
1 affected packages
moodle
| Package | 18.04 LTS |
|---|---|
| moodle | Needs evaluation |
CVE-2024-50263
Medium priorityIn the Linux kernel, the following vulnerability has been resolved: fork: only invoke khugepaged, ksm hooks if no error There is no reason to invoke these hooks early against an mm that is in an incomplete state. The change in...
125 affected packages
linux, linux-allwinner-5.19, linux-aws, linux-aws-5.0, linux-aws-5.11...
| Package | 18.04 LTS |
|---|---|
| linux | Not affected |
| linux-allwinner-5.19 | Not in release |
| linux-aws | Not affected |
| linux-aws-5.0 | Ignored |
| linux-aws-5.11 | Not in release |
| linux-aws-5.13 | Not in release |
| linux-aws-5.15 | Not in release |
| linux-aws-5.19 | Not in release |
| linux-aws-5.3 | Ignored |
| linux-aws-5.4 | Not affected |
| linux-aws-5.8 | Not in release |
| linux-aws-6.2 | Not in release |
| linux-aws-6.5 | Not in release |
| linux-aws-6.8 | Not in release |
| linux-aws-fips | Not in release |
| linux-aws-hwe | Not in release |
| linux-azure | Ignored |
| linux-azure-4.15 | Not affected |
| linux-azure-5.11 | Not in release |
| linux-azure-5.13 | Not in release |
| linux-azure-5.15 | Not in release |
| linux-azure-5.19 | Not in release |
| linux-azure-5.3 | Ignored |
| linux-azure-5.4 | Not affected |
| linux-azure-5.8 | Not in release |
| linux-azure-6.2 | Not in release |
| linux-azure-6.5 | Not in release |
| linux-azure-6.8 | Not in release |
| linux-azure-edge | Ignored |
| linux-azure-fde | Not in release |
| linux-azure-fde-5.15 | Not in release |
| linux-azure-fde-5.19 | Not in release |
| linux-azure-fde-6.2 | Not in release |
| linux-azure-fips | Not in release |
| linux-bluefield | Not in release |
| linux-fips | Not in release |
| linux-gcp | Ignored |
| linux-gcp-4.15 | Not affected |
| linux-gcp-5.11 | Not in release |
| linux-gcp-5.13 | Not in release |
| linux-gcp-5.15 | Not in release |
| linux-gcp-5.19 | Not in release |
| linux-gcp-5.3 | Ignored |
| linux-gcp-5.4 | Not affected |
| linux-gcp-5.8 | Not in release |
| linux-gcp-6.2 | Not in release |
| linux-gcp-6.5 | Not in release |
| linux-gcp-6.8 | Not in release |
| linux-gcp-fips | Not in release |
| linux-gke | Not in release |
| linux-gke-4.15 | Ignored |
| linux-gke-5.15 | Not in release |
| linux-gke-5.4 | Ignored |
| linux-gkeop | Not in release |
| linux-gkeop-5.15 | Not in release |
| linux-gkeop-5.4 | Ignored |
| linux-hwe | Ignored |
| linux-hwe-5.11 | Not in release |
| linux-hwe-5.13 | Not in release |
| linux-hwe-5.15 | Not in release |
| linux-hwe-5.19 | Not in release |
| linux-hwe-5.4 | Not affected |
| linux-hwe-5.8 | Not in release |
| linux-hwe-6.2 | Not in release |
| linux-hwe-6.5 | Not in release |
| linux-hwe-6.8 | Not in release |
| linux-hwe-edge | Ignored |
| linux-ibm | Not in release |
| linux-ibm-5.15 | Not in release |
| linux-ibm-5.4 | Not affected |
| linux-intel | Not in release |
| linux-intel-5.13 | Not in release |
| linux-intel-iot-realtime | Not in release |
| linux-intel-iotg | Not in release |
| linux-intel-iotg-5.15 | Not in release |
| linux-iot | Not in release |
| linux-kvm | Not affected |
| linux-lowlatency | Not in release |
| linux-lowlatency-hwe-5.15 | Not in release |
| linux-lowlatency-hwe-5.19 | Not in release |
| linux-lowlatency-hwe-6.2 | Not in release |
| linux-lowlatency-hwe-6.5 | Not in release |
| linux-lowlatency-hwe-6.8 | Not in release |
| linux-lts-xenial | Not in release |
| linux-nvidia | Not in release |
| linux-nvidia-6.2 | Not in release |
| linux-nvidia-6.5 | Not in release |
| linux-nvidia-6.8 | Not in release |
| linux-nvidia-lowlatency | Not in release |
| linux-oem | Ignored |
| linux-oem-5.10 | Not in release |
| linux-oem-5.13 | Not in release |
| linux-oem-5.14 | Not in release |
| linux-oem-5.17 | Not in release |
| linux-oem-5.6 | Not in release |
| linux-oem-6.0 | Not in release |
| linux-oem-6.1 | Not in release |
| linux-oem-6.5 | Not in release |
| linux-oem-6.8 | Not in release |
| linux-oracle | Not affected |
| linux-oracle-5.0 | Ignored |
| linux-oracle-5.11 | Not in release |
| linux-oracle-5.13 | Not in release |
| linux-oracle-5.15 | Not in release |
| linux-oracle-5.3 | Ignored |
| linux-oracle-5.4 | Not affected |
| linux-oracle-5.8 | Not in release |
| linux-oracle-6.5 | Not in release |
| linux-oracle-6.8 | Not in release |
| linux-raspi | Not in release |
| linux-raspi-5.4 | Not affected |
| linux-raspi-realtime | Not in release |
| linux-raspi2 | Ignored |
| linux-realtime | Not in release |
| linux-riscv | Not in release |
| linux-riscv-5.11 | Not in release |
| linux-riscv-5.15 | Not in release |
| linux-riscv-5.19 | Not in release |
| linux-riscv-5.8 | Not in release |
| linux-riscv-6.5 | Not in release |
| linux-riscv-6.8 | Not in release |
| linux-starfive-5.19 | Not in release |
| linux-starfive-6.2 | Not in release |
| linux-starfive-6.5 | Not in release |
| linux-xilinx-zynqmp | Not in release |
CVE-2024-43437
Medium priorityA flaw was found in moodle. Insufficient sanitizing of data when performing a restore could result in a cross-site scripting (XSS) risk from malicious backup files.
1 affected packages
moodle
| Package | 18.04 LTS |
|---|---|
| moodle | Needs evaluation |
CVE-2024-43435
Medium priorityA flaw was found in moodle. Insufficient capability checks make it possible for users with access to restore glossaries in courses to restore them into the global site glossary.
1 affected packages
moodle
| Package | 18.04 LTS |
|---|---|
| moodle | Needs evaluation |
CVE-2024-43433
Medium priorityA flaw was found in moodle. Matrix room membership and power levels are incorrectly applied and revoked for suspended Moodle users.
1 affected packages
moodle
| Package | 18.04 LTS |
|---|---|
| moodle | Needs evaluation |