Search CVE reports

91 – 100 of 1353 results

Detailed view

Sort by:

CVE-2011-3923

Medium priority

Ignored

Apache Struts before 2.3.1.2 allows remote attackers to bypass security protections in the ParameterInterceptor class and execute arbitrary commands.

2 affected packages

libspring-2.5-java, libstruts1.2-java

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
libspring-2.5-java	—	—	—	Not in release
libstruts1.2-java	—	—	—	Not in release

CVE-2012-5577

Medium priority

Some fixes available 5 of 6

Python keyring lib before 0.10 created keyring files with world-readable permissions.

1 affected package

python-keyring

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
python-keyring	—	—	—	—

Spring Security, versions 4.2.x up to 4.2.12, and older unsupported versions support plain text passwords using PlaintextPasswordEncoder. If an application using an affected version of Spring Security is...

1 affected package

libspring-security-2.0-java

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
libspring-security-2.0-java	—	—	Not in release	Not in release

CVE-2019-3795

Low priority

Not in release

Spring Security versions 4.2.x prior to 4.2.12, 5.0.x prior to 5.0.12, and 5.1.x prior to 5.1.5 contain an insecure randomness vulnerability when using SecureRandomFactoryBean#setSeed to configure a SecureRandom instance. In order...

1 affected package

libspring-security-2.0-java

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
libspring-security-2.0-java	—	—	—	Not in release

CVE-2018-20781

Medium priority

Fixed

In pam/gkr-pam-module.c in GNOME Keyring before 3.27.2, the user's password is kept in a session-child process spawned from the LightDM daemon. This can expose the credential in cleartext.

1 affected package

gnome-keyring

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
gnome-keyring	—	—	—	Not affected

CVE-2018-19358

Low priority

Ignored

GNOME Keyring through 3.28.2 allows local users to retrieve login credentials via a Secret Service API call and the D-Bus interface if the keyring is unlocked, a similar issue to CVE-2008-7320. One perspective is that this occurs...

1 affected package

gnome-keyring

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
gnome-keyring	Not affected	Not affected	Not affected	Not affected

CVE-2018-15756

Medium priority

Vulnerable

Spring Framework, version 5.1, versions 5.0.x prior to 5.0.10, versions 4.3.x prior to 4.3.20, and older unsupported versions on the 4.2.x branch provide support for range requests when serving static resources through the...

1 affected package

libspring-java

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
libspring-java	Not affected	Not affected	Not affected	Not affected

CVE-2017-2634

Medium priority

Ignored

It was found that the Linux kernel's Datagram Congestion Control Protocol (DCCP) implementation before 2.6.22.17 used the IPv4-only inet_sk_rebuild_header() function for both IPv4 and IPv6 DCCP connections, which could result in...

27 affected packages

linux, linux-armadaxp, linux-aws, linux-flo, linux-gke...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
linux	—	—	—	—
linux-armadaxp	—	—	—	—
linux-aws	—	—	—	—
linux-flo	—	—	—	—
linux-gke	—	—	—	—
linux-goldfish	—	—	—	—
linux-grouper	—	—	—	—
linux-hwe	—	—	—	—
linux-hwe-edge	—	—	—	—
linux-linaro-omap	—	—	—	—
linux-linaro-shared	—	—	—	—
linux-linaro-vexpress	—	—	—	—
linux-lts-quantal	—	—	—	—
linux-lts-raring	—	—	—	—
linux-lts-saucy	—	—	—	—
linux-lts-trusty	—	—	—	—
linux-lts-utopic	—	—	—	—
linux-lts-vivid	—	—	—	—
linux-lts-wily	—	—	—	—
linux-lts-xenial	—	—	—	—
linux-maguro	—	—	—	—
linux-mako	—	—	—	—
linux-manta	—	—	—	—
linux-qcm-msm	—	—	—	—
linux-raspi2	—	—	—	—
linux-snapdragon	—	—	—	—
linux-ti-omap4	—	—	—	—

CVE-2017-7558

Low priority

Some fixes available 4 of 8

A kernel data leak due to an out-of-bound read was found in the Linux kernel in inet_diag_msg_sctp{,l}addr_fill() and sctp_get_sctp_info() functions present since version 4.7-rc1 through version 4.13. A data leak happens when...

74 affected packages

linux, linux-aws, linux-azure, linux-euclid, linux-flo...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
linux	Not affected	Not affected	Not affected	Not affected
linux-aws	Not affected	Not affected	Not affected	Not affected
linux-azure	Not affected	Not affected	Not affected	Ignored
linux-euclid	—	—	—	Not in release
linux-flo	—	—	—	Not in release
linux-gcp	Not affected	Not affected	Not affected	Ignored
linux-gke	Not affected	Not affected	Ignored	Not in release
linux-goldfish	—	—	—	Not in release
linux-grouper	—	—	—	Not in release
linux-hwe	Not in release	Not in release	Not in release	Ignored
linux-hwe-edge	Not in release	Not in release	Not in release	Ignored
linux-kvm	Not in release	Not affected	Not affected	Not affected
linux-lts-quantal	—	—	—	Not in release
linux-lts-raring	—	—	—	Not in release
linux-lts-saucy	—	—	—	Not in release
linux-lts-trusty	—	—	—	Not in release
linux-lts-utopic	—	—	—	Not in release
linux-lts-vivid	—	—	—	Not in release
linux-lts-wily	—	—	—	Not in release
linux-lts-xenial	Not in release	Not in release	Not in release	Not in release
linux-maguro	—	—	—	Not in release
linux-mako	—	—	—	Not in release
linux-manta	—	—	—	Not in release
linux-oem	Not in release	Not in release	Not in release	Ignored
linux-raspi2	Not in release	Not in release	Ignored	Not affected
linux-snapdragon	Not in release	Not in release	Not in release	Not affected
linux-hwe-5.4	Not in release	Not in release	Not in release	Not affected
linux-hwe-5.15	Not in release	Not in release	Not affected	Not in release
linux-hwe-6.8	Not in release	Not affected	Not in release	Not in release
linux-aws-5.4	Not in release	Not in release	Not in release	Not affected
linux-aws-5.15	Not in release	Not in release	Not affected	Not in release
linux-aws-hwe	Not in release	Not in release	Not in release	Not in release
linux-azure-4.15	Not in release	Not in release	Not in release	Not affected
linux-azure-5.4	Not in release	Not in release	Not in release	Not affected
linux-azure-5.15	Not in release	Not in release	Not affected	Not in release
linux-azure-fde	Not affected	Not affected	Ignored	Not in release
linux-azure-fde-5.15	Not in release	Not in release	Not affected	Not in release
linux-bluefield	Not in release	Not in release	Not affected	Not in release
linux-fips	Not in release	Not affected	Not affected	Not affected
linux-aws-fips	Not in release	Not affected	Not affected	Not affected
linux-azure-fips	Not in release	Not affected	Not affected	Not affected
linux-gcp-fips	Not in release	Not affected	Not affected	Not affected
linux-gcp-4.15	Not in release	Not in release	Not in release	Not affected
linux-gcp-5.4	Not in release	Not in release	Not in release	Not affected
linux-gcp-5.15	Not in release	Not in release	Not affected	Not in release
linux-gkeop	Not affected	Not affected	Not affected	Not in release
linux-gkeop-5.15	Not in release	Not in release	Not affected	Not in release
linux-ibm	Not affected	Not affected	Not affected	Not in release
linux-ibm-5.4	Not in release	Not in release	Not in release	Not affected
linux-ibm-5.15	Not in release	Not in release	Not affected	Not in release
linux-intel	Not affected	Not in release	Not in release	Not in release
linux-intel-iotg	Not in release	Not affected	Not in release	Not in release
linux-intel-iotg-5.15	Not in release	Not in release	Not affected	Not in release
linux-iot	Not in release	Not in release	Not affected	Not in release
linux-intel-iot-realtime	Not in release	Not affected	Not in release	Not in release
linux-lowlatency	Not affected	Not affected	Not in release	Not in release
linux-lowlatency-hwe-5.15	Not in release	Not in release	Not affected	Not in release
linux-lowlatency-hwe-6.8	Not in release	Not affected	Not in release	Not in release
linux-nvidia	Not affected	Not affected	Not in release	Not in release
linux-nvidia-6.5	Not in release	Not affected	Not in release	Not in release
linux-nvidia-6.8	Not in release	Not affected	Not in release	Not in release
linux-nvidia-lowlatency	Not affected	Not in release	Not in release	Not in release
linux-oracle	Not affected	Not affected	Not affected	Not affected
linux-oracle-5.4	Not in release	Not in release	Not in release	Not affected
linux-oracle-5.15	Not in release	Not in release	Not affected	Not in release
linux-oem-6.8	Not affected	Not in release	Not in release	Not in release
linux-raspi	Not affected	Not affected	Not affected	Not in release
linux-raspi-5.4	Not in release	Not in release	Not in release	Not affected
linux-raspi-realtime	Not affected	Not in release	Not in release	Not in release
linux-realtime	Not affected	Not affected	Not in release	Not in release
linux-riscv	Not affected	Ignored	Ignored	Not in release
linux-riscv-5.15	Not in release	Not in release	Not affected	Not in release
linux-riscv-6.8	Not in release	Not affected	Not in release	Not in release
linux-xilinx-zynqmp	Not in release	Not affected	Not affected	Not in release

CVE-2018-11040

Medium priority

Vulnerable

Spring Framework, versions 5.0.x prior to 5.0.7 and 4.3.x prior to 4.3.18 and older unsupported versions, allows web applications to enable cross-domain requests via JSONP (JSON with Padding)...

1 affected package

libspring-java

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
libspring-java	Not affected	Not affected	Not affected	Not affected

Export to JSON

Results by page: