Your submission was sent successfully! Close

Thank you for contacting us. A member of our team will be in touch shortly. Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

Search CVE reports


Toggle filters

31 – 40 of 1733 results


CVE-2011-4915

Low priority
Ignored

fs/proc/base.c in the Linux kernel through 3.1 allows local users to obtain sensitive keystroke information via access to /proc/interrupts.

18 affected packages

linux, linux-armadaxp, linux-ec2, linux-flo, linux-fsl-imx51...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
linux
linux-armadaxp
linux-ec2
linux-flo
linux-fsl-imx51
linux-goldfish
linux-grouper
linux-lts-backport-maverick
linux-lts-backport-natty
linux-lts-backport-oneiric
linux-lts-quantal
linux-lts-raring
linux-lts-saucy
linux-maguro
linux-mako
linux-manta
linux-mvl-dove
linux-ti-omap4
Show all 18 packages Show less packages

CVE-2015-9541

Low priority
Vulnerable

Qt through 5.14 allows an exponential XML entity expansion attack via a crafted SVG document that is mishandled in QXmlStreamReader, a related issue to CVE-2003-1564.

5 affected packages

phantomjs, pyside, pyside2, qt4-x11, qtbase-opensource-src

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
phantomjs Not in release Not in release Vulnerable Vulnerable Vulnerable
pyside Not in release Not in release Not in release Vulnerable Vulnerable
pyside2 Vulnerable Vulnerable Vulnerable Not in release Needs evaluation
qt4-x11 Not in release Not in release Not in release Vulnerable Vulnerable
qtbase-opensource-src Not affected Not affected Not affected Vulnerable Vulnerable
Show less packages

CVE-2012-5476

Low priority
Ignored

Within the RHOS Essex Preview (2012.2) of the OpenStack dashboard package, the file /etc/quantum/quantum.conf is world readable which exposes the admin password and token value.

1 affected packages

quantum

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
quantum Not in release
Show less packages

CVE-2009-2802

Medium priority
Not affected

MantisBT 1.2.x before 1.2.2 insecurely handles attachments and MIME types. Arbitrary inline attachment rendering could lead to cross-domain scripting or other browser attacks.

1 affected packages

mantis

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
mantis
Show less packages

CVE-2013-1811

Medium priority
Ignored

An access control issue in MantisBT before 1.2.13 allows users with "Reporter" permissions to change any issue to "New".

1 affected packages

mantis

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
mantis Not in release
Show less packages

CVE-2007-3732

Medium priority
Ignored

In Linux 2.6 before 2.6.23, the TRACE_IRQS_ON function in iret_exc calls a C function without ensuring that the segments are set properly. The kernel's %fs needs to be restored before the call in TRACE_IRQS_ON and before enabling...

22 affected packages

linux, linux-armadaxp, linux-flo, linux-goldfish, linux-grouper...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
linux Not affected
linux-armadaxp Not in release
linux-flo Not affected
linux-goldfish Not affected
linux-grouper Not in release
linux-linaro-omap Not in release
linux-linaro-shared Not in release
linux-linaro-vexpress Not in release
linux-lts-quantal Not in release
linux-lts-raring Not in release
linux-lts-saucy Not in release
linux-lts-trusty Not in release
linux-lts-utopic Not in release
linux-lts-vivid Not in release
linux-lts-wily Not in release
linux-lts-xenial Not in release
linux-maguro Not in release
linux-mako Not affected
linux-manta Not in release
linux-qcm-msm Not in release
linux-raspi2 Not affected
linux-ti-omap4 Not in release
Show all 22 packages Show less packages

CVE-2010-2243

Low priority
Ignored

A vulnerability exists in kernel/time/clocksource.c in the Linux kernel before 2.6.34 where on non-GENERIC_TIME systems (GENERIC_TIME=n), accessing /sys/devices/system/clocksource/clocksource0/current_clocksource results in an OOPS.

11 affected packages

linux, linux-armadaxp, linux-ec2, linux-fsl-imx51, linux-lts-backport-maverick...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
linux
linux-armadaxp
linux-ec2
linux-fsl-imx51
linux-lts-backport-maverick
linux-lts-backport-natty
linux-lts-backport-oneiric
linux-lts-quantal
linux-lts-raring
linux-mvl-dove
linux-ti-omap4
Show all 11 packages Show less packages

CVE-2014-8181

Low priority
Ignored

The kernel in Red Hat Enterprise Linux 7 and MRG-2 does not clear garbage data for SG_IO buffer, which may leaking sensitive information to userspace.

27 affected packages

linux, linux-armadaxp, linux-aws, linux-flo, linux-gke...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
linux Not affected
linux-armadaxp Not in release
linux-aws Not affected
linux-flo Not affected
linux-gke Not affected
linux-goldfish Not affected
linux-grouper Not in release
linux-hwe Not affected
linux-hwe-edge Not affected
linux-linaro-omap Not in release
linux-linaro-shared Not in release
linux-linaro-vexpress Not in release
linux-lts-quantal Not in release
linux-lts-raring Not in release
linux-lts-saucy Not in release
linux-lts-trusty Not in release
linux-lts-utopic Not in release
linux-lts-vivid Not in release
linux-lts-wily Not in release
linux-lts-xenial Not in release
linux-maguro Not in release
linux-mako Not affected
linux-manta Not in release
linux-qcm-msm Not in release
linux-raspi2 Not affected
linux-snapdragon Not affected
linux-ti-omap4 Not in release
Show all 27 packages Show less packages

CVE-2019-17221

Medium priority
Vulnerable

PhantomJS through 2.1.1 has an arbitrary file read vulnerability, as demonstrated by an XMLHttpRequest for a file:// URI. The vulnerability exists in the page.open() function of the webpage module, which loads a specified URL and...

1 affected packages

phantomjs

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
phantomjs Not in release Not in release Vulnerable Vulnerable Vulnerable
Show less packages

CVE-2013-2255

Low priority
Ignored

HTTPSConnections in OpenStack Keystone 2013, OpenStack Compute 2013.1, and possibly other OpenStack components, fail to validate server-side SSL certificates.

6 affected packages

cinder, keystone, nova, python-keystoneclient, quantum, swift

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
cinder
keystone
nova
python-keystoneclient
quantum
swift
Show less packages