Your submission was sent successfully! Close

Thank you for contacting us. A member of our team will be in touch shortly. Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

Search CVE reports


Toggle filters

1 – 10 of 26739 results

Status is adjusted based on your filters.


CVE-2024-45819

Medium priority
Needs evaluation

[Unknown description]

1 affected packages

xen

Package 20.04 LTS
xen Needs evaluation
Show less packages

CVE-2024-45818

Medium priority
Needs evaluation

[Unknown description]

1 affected packages

xen

Package 20.04 LTS
xen Needs evaluation
Show less packages

CVE-2024-10397

Medium priority
Needs evaluation

[OPENAFS-SA-2024-003: buffer overflows in XDR responses]

1 affected packages

openafs

Package 20.04 LTS
openafs Needs evaluation
Show less packages

CVE-2024-10396

Medium priority
Needs evaluation

[OPENAFS-SA-2024-002: fileserver crash on malformed StoreACL]

1 affected packages

openafs

Package 20.04 LTS
openafs Needs evaluation
Show less packages

CVE-2024-10394

Medium priority
Needs evaluation

[OPENAFS-SA-2024-001: theft of credentials from Unix PAGs]

1 affected packages

openafs

Package 20.04 LTS
openafs Needs evaluation
Show less packages

CVE-2024-11168

Medium priority
Needs evaluation

The urllib.parse.urlsplit() and urlparse() functions improperly validated bracketed hosts (`[]`), allowing hosts that weren't IPv6 or IPvFuture. This behavior was not conformant to RFC 3986 and potentially enabled SSRF if a URL is...

11 affected packages

python2.7, python3.10, python3.11, python3.12, python3.13...

Package 20.04 LTS
python2.7 Needs evaluation
python3.10 Not in release
python3.11 Not in release
python3.12 Not in release
python3.13 Not in release
python3.4 Not in release
python3.5 Not in release
python3.6 Not in release
python3.7 Not in release
python3.8 Needs evaluation
python3.9 Needs evaluation
Show all 11 packages Show less packages

CVE-2024-50336

Medium priority
Needs evaluation

matrix-js-sdk is a Matrix messaging protocol Client-Server SDK for JavaScript. matrix-js-sdk before 34.11.0 is vulnerable to client-side path traversal via crafted MXC URIs. A malicious room member can trigger clients based on the...

1 affected packages

node-matrix-js-sdk

Package 20.04 LTS
node-matrix-js-sdk Needs evaluation
Show less packages

CVE-2024-49369

Medium priority
Needs evaluation

Icinga is a monitoring system which checks the availability of network resources, notifies users of outages, and generates performance data for reporting. The TLS certificate validation in all Icinga 2 versions starting from 2.4.0...

1 affected packages

icinga2

Package 20.04 LTS
icinga2 Needs evaluation
Show less packages

CVE-2024-47535

Medium priority
Needs evaluation

Netty is an asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers & clients. An unsafe reading of environment file could potentially cause a denial of...

2 affected packages

netty, netty-3.9

Package 20.04 LTS
netty Needs evaluation
netty-3.9 Not in release
Show less packages

CVE-2024-49395

Medium priority
Needs evaluation

In mutt and neomutt, PGP encryption does not use the --hidden-recipient mode which may leak the Bcc email header field by inferring from the recipients info.

2 affected packages

mutt, neomutt

Package 20.04 LTS
mutt Needs evaluation
neomutt Needs evaluation
Show less packages