Search CVE reports
31 – 40 of 37537 results
CVE-2024-51485
Medium priorityAmpache is a web based audio/video streaming application and file manager. The current implementation of token parsing fails to properly validate CSRF tokens when activating or deactivating plugins. This vulnerability allows an...
1 affected packages
ampache
| Package | 16.04 LTS |
|---|---|
| ampache | Needs evaluation |
CVE-2024-51484
Medium priorityAmpache is a web based audio/video streaming application and file manager. The current implementation of token parsing fails to properly validate CSRF tokens when activating or deactivating controllers. This vulnerability allows...
1 affected packages
ampache
| Package | 16.04 LTS |
|---|---|
| ampache | Needs evaluation |
CVE-2024-43439
Medium priorityA flaw was found in moodle. H5P error messages require additional sanitizing to prevent a reflected cross-site scripting (XSS) risk.
1 affected packages
moodle
| Package | 16.04 LTS |
|---|---|
| moodle | Needs evaluation |
CVE-2024-50263
Medium priorityIn the Linux kernel, the following vulnerability has been resolved: fork: only invoke khugepaged, ksm hooks if no error There is no reason to invoke these hooks early against an mm that is in an incomplete state. The change in...
125 affected packages
linux, linux-allwinner-5.19, linux-aws, linux-aws-5.0, linux-aws-5.11...
| Package | 16.04 LTS |
|---|---|
| linux | Not affected |
| linux-allwinner-5.19 | Not in release |
| linux-aws | Not affected |
| linux-aws-5.0 | Not in release |
| linux-aws-5.11 | Not in release |
| linux-aws-5.13 | Not in release |
| linux-aws-5.15 | Not in release |
| linux-aws-5.19 | Not in release |
| linux-aws-5.3 | Not in release |
| linux-aws-5.4 | Not in release |
| linux-aws-5.8 | Not in release |
| linux-aws-6.2 | Not in release |
| linux-aws-6.5 | Not in release |
| linux-aws-6.8 | Not in release |
| linux-aws-fips | Ignored |
| linux-aws-hwe | Not affected |
| linux-azure | Not affected |
| linux-azure-4.15 | Not in release |
| linux-azure-5.11 | Not in release |
| linux-azure-5.13 | Not in release |
| linux-azure-5.15 | Not in release |
| linux-azure-5.19 | Not in release |
| linux-azure-5.3 | Not in release |
| linux-azure-5.4 | Not in release |
| linux-azure-5.8 | Not in release |
| linux-azure-6.2 | Not in release |
| linux-azure-6.5 | Not in release |
| linux-azure-6.8 | Not in release |
| linux-azure-edge | Not in release |
| linux-azure-fde | Not in release |
| linux-azure-fde-5.15 | Not in release |
| linux-azure-fde-5.19 | Not in release |
| linux-azure-fde-6.2 | Not in release |
| linux-azure-fips | Ignored |
| linux-bluefield | Not in release |
| linux-fips | Not in release |
| linux-gcp | Not affected |
| linux-gcp-4.15 | Not in release |
| linux-gcp-5.11 | Not in release |
| linux-gcp-5.13 | Not in release |
| linux-gcp-5.15 | Not in release |
| linux-gcp-5.19 | Not in release |
| linux-gcp-5.3 | Not in release |
| linux-gcp-5.4 | Not in release |
| linux-gcp-5.8 | Not in release |
| linux-gcp-6.2 | Not in release |
| linux-gcp-6.5 | Not in release |
| linux-gcp-6.8 | Not in release |
| linux-gcp-fips | Ignored |
| linux-gke | Ignored |
| linux-gke-4.15 | Not in release |
| linux-gke-5.15 | Not in release |
| linux-gke-5.4 | Not in release |
| linux-gkeop | Not in release |
| linux-gkeop-5.15 | Not in release |
| linux-gkeop-5.4 | Not in release |
| linux-hwe | Not affected |
| linux-hwe-5.11 | Not in release |
| linux-hwe-5.13 | Not in release |
| linux-hwe-5.15 | Not in release |
| linux-hwe-5.19 | Not in release |
| linux-hwe-5.4 | Not in release |
| linux-hwe-5.8 | Not in release |
| linux-hwe-6.2 | Not in release |
| linux-hwe-6.5 | Not in release |
| linux-hwe-6.8 | Not in release |
| linux-hwe-edge | Ignored |
| linux-ibm | Not in release |
| linux-ibm-5.15 | Not in release |
| linux-ibm-5.4 | Not in release |
| linux-intel | Not in release |
| linux-intel-5.13 | Not in release |
| linux-intel-iot-realtime | Not in release |
| linux-intel-iotg | Not in release |
| linux-intel-iotg-5.15 | Not in release |
| linux-iot | Not in release |
| linux-kvm | Not affected |
| linux-lowlatency | Not in release |
| linux-lowlatency-hwe-5.15 | Not in release |
| linux-lowlatency-hwe-5.19 | Not in release |
| linux-lowlatency-hwe-6.2 | Not in release |
| linux-lowlatency-hwe-6.5 | Not in release |
| linux-lowlatency-hwe-6.8 | Not in release |
| linux-lts-xenial | Not in release |
| linux-nvidia | Not in release |
| linux-nvidia-6.2 | Not in release |
| linux-nvidia-6.5 | Not in release |
| linux-nvidia-6.8 | Not in release |
| linux-nvidia-lowlatency | Not in release |
| linux-oem | Ignored |
| linux-oem-5.10 | Not in release |
| linux-oem-5.13 | Not in release |
| linux-oem-5.14 | Not in release |
| linux-oem-5.17 | Not in release |
| linux-oem-5.6 | Not in release |
| linux-oem-6.0 | Not in release |
| linux-oem-6.1 | Not in release |
| linux-oem-6.5 | Not in release |
| linux-oem-6.8 | Not in release |
| linux-oracle | Not affected |
| linux-oracle-5.0 | Not in release |
| linux-oracle-5.11 | Not in release |
| linux-oracle-5.13 | Not in release |
| linux-oracle-5.15 | Not in release |
| linux-oracle-5.3 | Not in release |
| linux-oracle-5.4 | Not in release |
| linux-oracle-5.8 | Not in release |
| linux-oracle-6.5 | Not in release |
| linux-oracle-6.8 | Not in release |
| linux-raspi | Not in release |
| linux-raspi-5.4 | Not in release |
| linux-raspi-realtime | Not in release |
| linux-raspi2 | Ignored |
| linux-realtime | Not in release |
| linux-riscv | Not in release |
| linux-riscv-5.11 | Not in release |
| linux-riscv-5.15 | Not in release |
| linux-riscv-5.19 | Not in release |
| linux-riscv-5.8 | Not in release |
| linux-riscv-6.5 | Not in release |
| linux-riscv-6.8 | Not in release |
| linux-starfive-5.19 | Not in release |
| linux-starfive-6.2 | Not in release |
| linux-starfive-6.5 | Not in release |
| linux-xilinx-zynqmp | Not in release |
CVE-2024-43437
Medium priorityA flaw was found in moodle. Insufficient sanitizing of data when performing a restore could result in a cross-site scripting (XSS) risk from malicious backup files.
1 affected packages
moodle
| Package | 16.04 LTS |
|---|---|
| moodle | Needs evaluation |
CVE-2024-43435
Medium priorityA flaw was found in moodle. Insufficient capability checks make it possible for users with access to restore glossaries in courses to restore them into the global site glossary.
1 affected packages
moodle
| Package | 16.04 LTS |
|---|---|
| moodle | Needs evaluation |
CVE-2024-43433
Medium priorityA flaw was found in moodle. Matrix room membership and power levels are incorrectly applied and revoked for suspended Moodle users.
1 affected packages
moodle
| Package | 16.04 LTS |
|---|---|
| moodle | Needs evaluation |
CVE-2024-43432
Medium priorityA flaw was found in moodle. The cURL wrapper in Moodle strips HTTPAUTH and USERPWD headers during emulated redirects, but retains other original request headers, so HTTP authorization header information could be unintentionally...
1 affected packages
moodle
| Package | 16.04 LTS |
|---|---|
| moodle | Needs evaluation |
CVE-2024-43430
Medium priorityA flaw was found in moodle. External API access to Quiz can override contained insufficient access control.
1 affected packages
moodle
| Package | 16.04 LTS |
|---|---|
| moodle | Needs evaluation |
CVE-2024-43429
Medium priorityA flaw was found in moodle. Some hidden user profile fields are visible in gradebook reports, which could result in users without the "view hidden user fields" capability having access to the information.
1 affected packages
moodle
| Package | 16.04 LTS |
|---|---|
| moodle | Needs evaluation |