Search CVE reports
21 – 30 of 41513 results
In the Linux kernel, the following vulnerability has been resolved: ksmbd: scope conn->binding slowpath to bound sessions only When the binding SESSION_SETUP sets conn->binding = true, the flag stays set after the call so that the...
160 affected packages
linux, linux-hwe, linux-hwe-5.4, linux-hwe-5.8, linux-hwe-5.11...
| Package | 20.04 LTS |
|---|---|
| linux | Not affected |
| linux-hwe | Not in release |
| linux-hwe-5.4 | Not in release |
| linux-hwe-5.8 | Ignored |
| linux-hwe-5.11 | Ignored |
| linux-hwe-5.13 | Ignored |
| linux-hwe-5.15 | Vulnerable |
| linux-hwe-5.19 | Not in release |
| linux-hwe-6.2 | Not in release |
| linux-hwe-6.5 | Not in release |
| linux-hwe-6.8 | Not in release |
| linux-hwe-6.11 | Not in release |
| linux-hwe-6.14 | Not in release |
| linux-hwe-6.17 | Not in release |
| linux-hwe-edge | Not in release |
| linux-lts-xenial | Not in release |
| linux-kvm | Not affected |
| linux-allwinner-5.19 | Not in release |
| linux-aws | Not affected |
| linux-aws-5.0 | Not in release |
| linux-aws-5.3 | Not in release |
| linux-aws-5.4 | Not in release |
| linux-aws-5.8 | Ignored |
| linux-aws-5.11 | Ignored |
| linux-aws-5.13 | Ignored |
| linux-aws-5.15 | Vulnerable |
| linux-aws-5.19 | Not in release |
| linux-aws-6.2 | Not in release |
| linux-aws-6.5 | Not in release |
| linux-aws-6.8 | Not in release |
| linux-aws-6.14 | Not in release |
| linux-aws-6.17 | Not in release |
| linux-aws-hwe | Not in release |
| linux-azure | Not affected |
| linux-azure-4.15 | Not in release |
| linux-azure-5.3 | Not in release |
| linux-azure-5.4 | Not in release |
| linux-azure-5.8 | Ignored |
| linux-azure-5.11 | Ignored |
| linux-azure-5.13 | Ignored |
| linux-azure-5.15 | Vulnerable |
| linux-azure-5.19 | Not in release |
| linux-azure-6.2 | Not in release |
| linux-azure-6.5 | Not in release |
| linux-azure-6.8 | Not in release |
| linux-azure-6.11 | Not in release |
| linux-azure-6.14 | Not in release |
| linux-azure-6.17 | Not in release |
| linux-azure-fde | Ignored |
| linux-azure-fde-5.15 | Vulnerable |
| linux-azure-fde-5.19 | Not in release |
| linux-azure-fde-6.2 | Not in release |
| linux-azure-fde-6.8 | Not in release |
| linux-azure-fde-6.14 | Not in release |
| linux-azure-fde-6.17 | Not in release |
| linux-azure-nvidia | Not in release |
| linux-azure-nvidia-6.14 | Not in release |
| linux-bluefield | Not affected |
| linux-azure-edge | Not in release |
| linux-fips | Not affected |
| linux-aws-fips | Not affected |
| linux-azure-fips | Not affected |
| linux-gcp-fips | Not affected |
| linux-gcp | Not affected |
| linux-gcp-4.15 | Not in release |
| linux-gcp-5.3 | Not in release |
| linux-gcp-5.4 | Not in release |
| linux-gcp-5.8 | Ignored |
| linux-gcp-5.11 | Ignored |
| linux-gcp-5.13 | Ignored |
| linux-gcp-5.15 | Vulnerable |
| linux-gcp-5.19 | Not in release |
| linux-gcp-6.2 | Not in release |
| linux-gcp-6.5 | Not in release |
| linux-gcp-6.8 | Not in release |
| linux-gcp-6.11 | Not in release |
| linux-gcp-6.14 | Not in release |
| linux-gcp-6.17 | Not in release |
| linux-gke | Ignored |
| linux-gke-4.15 | Not in release |
| linux-gke-5.4 | Not in release |
| linux-gke-5.15 | Ignored |
| linux-gkeop | Ignored |
| linux-gkeop-5.4 | Not in release |
| linux-gkeop-5.15 | Ignored |
| linux-ibm | Not affected |
| linux-ibm-5.4 | Not in release |
| linux-ibm-5.15 | Vulnerable |
| linux-ibm-6.8 | Not in release |
| linux-intel-5.13 | Ignored |
| linux-intel-iotg | Not in release |
| linux-intel-iotg-5.15 | Vulnerable |
| linux-iot | Not affected |
| linux-intel-iot-realtime | Not in release |
| linux-lowlatency | Not in release |
| linux-lowlatency-hwe-5.15 | Vulnerable |
| linux-lowlatency-hwe-5.19 | Not in release |
| linux-lowlatency-hwe-6.2 | Not in release |
| linux-lowlatency-hwe-6.5 | Not in release |
| linux-lowlatency-hwe-6.8 | Not in release |
| linux-lowlatency-hwe-6.11 | Not in release |
| linux-nvidia | Not in release |
| linux-nvidia-6.2 | Not in release |
| linux-nvidia-6.5 | Not in release |
| linux-nvidia-6.8 | Not in release |
| linux-nvidia-6.11 | Not in release |
| linux-nvidia-6.17 | Not in release |
| linux-nvidia-lowlatency | Not in release |
| linux-nvidia-tegra | Not in release |
| linux-nvidia-tegra-5.15 | Vulnerable |
| linux-nvidia-tegra-igx | Not in release |
| linux-oracle | Not affected |
| linux-oracle-5.0 | Not in release |
| linux-oracle-5.3 | Not in release |
| linux-oracle-5.4 | Not in release |
| linux-oracle-5.8 | Ignored |
| linux-oracle-5.11 | Ignored |
| linux-oracle-5.13 | Ignored |
| linux-oracle-5.15 | Vulnerable |
| linux-oracle-6.5 | Not in release |
| linux-oracle-6.8 | Not in release |
| linux-oracle-6.14 | Not in release |
| linux-oracle-6.17 | Not in release |
| linux-oem | Not in release |
| linux-oem-5.6 | Ignored |
| linux-oem-5.10 | Ignored |
| linux-oem-5.13 | Ignored |
| linux-oem-5.14 | Ignored |
| linux-oem-5.17 | Not in release |
| linux-oem-6.0 | Not in release |
| linux-oem-6.1 | Not in release |
| linux-oem-6.5 | Not in release |
| linux-oem-6.8 | Not in release |
| linux-oem-6.11 | Not in release |
| linux-oem-6.14 | Not in release |
| linux-oem-6.17 | Not in release |
| linux-raspi | Not affected |
| linux-raspi2 | Ignored |
| linux-raspi-5.4 | Not in release |
| linux-raspi-realtime | Not in release |
| linux-realtime | Not in release |
| linux-realtime-6.8 | Not in release |
| linux-realtime-6.14 | Not in release |
| linux-riscv | Ignored |
| linux-riscv-5.8 | Ignored |
| linux-riscv-5.11 | Ignored |
| linux-riscv-5.15 | Vulnerable |
| linux-riscv-5.19 | Not in release |
| linux-riscv-6.5 | Not in release |
| linux-riscv-6.8 | Not in release |
| linux-riscv-6.14 | Not in release |
| linux-riscv-6.17 | Not in release |
| linux-starfive-5.19 | Not in release |
| linux-starfive-6.2 | Not in release |
| linux-starfive-6.5 | Not in release |
| linux-xilinx | Not in release |
| linux-xilinx-zynqmp | Not affected |
| linux-realtime-6.17 | Not in release |
| linux-hwe-7.0 | Not in release |
| linux-oem-7.0 | Not in release |
Crypt::OpenSSL::PKCS12 versions before 1.96 for Perl permits a heap OOB read in print_attribute UTF8STRING path. print_attribute() copies a UTF8STRING ASN.1 attribute value into a heap buffer sized exactly to its declared length...
1 affected package
libcrypt-openssl-pkcs12-perl
| Package | 20.04 LTS |
|---|---|
| libcrypt-openssl-pkcs12-perl | Needs evaluation |
libde265 is an open source implementation of the h.265 video codec. Prior to version 1.1.0, a crafted H.265 bitstream with large SPS dimensions and 16-bit bit depth causes a signed integer overflow in `de265_image_get_buffer()`...
1 affected package
libde265
| Package | 20.04 LTS |
|---|---|
| libde265 | Needs evaluation |
libde265 is an open source implementation of the h.265 video codec. Prior to version 1.0.20, a crafted sequence of H.265 NAL units causes `decoder_context::read_slice_NAL()` (`libde265/decctx.cc:481`) to attach slice headers to a...
1 affected package
libde265
| Package | 20.04 LTS |
|---|---|
| libde265 | Needs evaluation |
libde265 is an open source implementation of the h.265 video codec. Prior to version 1.0.20, a crafted H.265 bitstream can cause an out-of-bounds array write in...
1 affected package
libde265
| Package | 20.04 LTS |
|---|---|
| libde265 | Needs evaluation |
YARD is a documentation generation tool for the Ruby programming language. Prior to version 0.9.44, YARD's static cache lookup reads a request path before the router's path cleanup runs. When a server is configured with a document...
1 affected package
yard
| Package | 20.04 LTS |
|---|---|
| yard | Needs evaluation |
urllib3 version 2.6.3 is vulnerable to a decompression bomb bypass in its streaming API (`preload_content=False`) when using Brotli support. The issue arises due to three independent code paths in `response.py` that bypass the...
2 affected packages
python-urllib3, python-pip
| Package | 20.04 LTS |
|---|---|
| python-urllib3 | Needs evaluation |
| python-pip | Needs evaluation |
libheif is a HEIF and AVIF file format decoder and encoder. Prior to version 1.22.1, the uncompressed HEIF decoder validates explicit icef compressed-unit offsets using unit_offset + unit_size. Because the addition can wrap, a...
1 affected package
libheif
| Package | 20.04 LTS |
|---|---|
| libheif | Not affected |
A remote code execution vulnerability was found in libaom, the reference AV1 codec implementation. Insufficient bounds validation in the AV1 encoder's SVC (Scalable Video Coding) layer ID control allows an attacker to supply...
1 affected package
aom
| Package | 20.04 LTS |
|---|---|
| aom | Needs evaluation |
A heap-buffer-overflow read vulnerability was found in libaom, the reference AV1 codec implementation. A missing bounds check in the SVC (Scalable Video Coding) layer ID control function allows setting a spatial_layer_id exceeding...
1 affected package
aom
| Package | 20.04 LTS |
|---|---|
| aom | Needs evaluation |