Search CVE reports
1871 – 1880 of 37797 results
Not in release
web2py versions 2.27.1-stable+timestamp.2023.11.16.08.03.57 and prior contain an open redirect vulnerability. If this vulnerability is exploited, the user may be redirected to an arbitrary website when accessing a specially...
1 affected package
web2py
| Package | 22.04 LTS |
|---|---|
| web2py | Not in release |
Not in release
[Unknown description]
1 affected package
grafana
| Package | 22.04 LTS |
|---|---|
| grafana | Not in release |
A discrepancy between how Go and C/C++ comments were parsed allowed for code smuggling into the resulting cgo binary.
7 affected packages
golang-1.17, golang-1.20, golang-1.21, golang-1.22, golang-1.23...
| Package | 22.04 LTS |
|---|---|
| golang-1.17 | Needs evaluation |
| golang-1.20 | Needs evaluation |
| golang-1.21 | Needs evaluation |
| golang-1.22 | Needs evaluation |
| golang-1.23 | Needs evaluation |
| golang-1.24 | Needs evaluation |
| golang-1.25 | Not in release |
It was possible to improperly access the parent directory of an os.Root by opening a filename ending in "../". For example, Root.Open("../") would open the parent directory of the Root. This escape only permits opening the parent...
2 affected packages
golang-1.23, golang-1.24
| Package | 22.04 LTS |
|---|---|
| golang-1.23 | Not affected |
| golang-1.24 | Needs evaluation |
@isaacs/brace-expansion is a hybrid CJS/ESM TypeScript fork of brace-expansion. Prior to version 5.0.1, @isaacs/brace-expansion is vulnerable to a denial of service (DoS) issue caused by unbounded brace range expansion. When an...
1 affected package
node-brace-expansion
| Package | 22.04 LTS |
|---|---|
| node-brace-expansion | Needs evaluation |
Not in release
jsonwebtoken is a JWT lib in rust. Prior to version 10.3.0, there is a Type Confusion vulnerability in jsonwebtoken, specifically, in its claim validation logic. When a standard claim (such as nbf or exp) is provided with an...
1 affected package
rust-jsonwebtoken
| Package | 22.04 LTS |
|---|---|
| rust-jsonwebtoken | Not in release |
Not in release
GLPI is a free asset and IT management software package. In versions starting from 0.71 to before 10.0.23 and before 11.0.5, when remote authentication is used, based on SSO variables, a user can steal a GLPI session previously...
1 affected package
glpi
| Package | 22.04 LTS |
|---|---|
| glpi | Not in release |
Not in release
GLPI is a free asset and IT management software package. From version 11.0.0 to before 11.0.5, a GLPI administrator can perform SSRF request through the Webhook feature. This issue has been patched in version 11.0.5.
1 affected package
glpi
| Package | 22.04 LTS |
|---|---|
| glpi | Not in release |
Not in release
GLPI is a free asset and IT management software package. From version 0.85 to before 10.0.23, an authenticated user can perform a SQL injection. This issue has been patched in version 10.0.23.
1 affected package
glpi
| Package | 22.04 LTS |
|---|---|
| glpi | Not in release |
In the Linux kernel, the following vulnerability has been resolved: scsi: core: Wake up the error handler when final completions race against each other The fragile ordering between marking commands completed or failed so that the...
157 affected packages
linux-hwe, linux-hwe-5.4, linux-hwe-5.8, linux-hwe-5.11, linux-hwe-5.13...
| Package | 22.04 LTS |
|---|---|
| linux-hwe | Not in release |
| linux-hwe-5.4 | Not in release |
| linux-hwe-5.8 | Not in release |
| linux-hwe-5.11 | Not in release |
| linux-hwe-5.13 | Not in release |
| linux-hwe-5.15 | Not in release |
| linux-hwe-5.19 | Ignored |
| linux-hwe-6.2 | Ignored |
| linux-hwe-6.5 | Ignored |
| linux-hwe-6.8 | Vulnerable |
| linux-hwe-6.11 | Not in release |
| linux-hwe-6.14 | Not in release |
| linux-hwe-edge | Not in release |
| linux-lts-xenial | Not in release |
| linux-kvm | Vulnerable |
| linux-allwinner-5.19 | Ignored |
| linux-aws-5.0 | Not in release |
| linux-aws-5.3 | Not in release |
| linux-aws-5.4 | Not in release |
| linux-aws-5.8 | Not in release |
| linux-aws-5.11 | Not in release |
| linux-aws-5.13 | Not in release |
| linux-aws-5.15 | Not in release |
| linux-aws-5.19 | Ignored |
| linux-aws-6.2 | Ignored |
| linux-aws-6.5 | Ignored |
| linux-aws-6.8 | Vulnerable |
| linux-aws-6.14 | Not in release |
| linux-aws-hwe | Not in release |
| linux-azure | Vulnerable |
| linux-azure-4.15 | Not in release |
| linux-azure-5.3 | Not in release |
| linux-azure-5.4 | Not in release |
| linux-azure-5.8 | Not in release |
| linux-azure-5.11 | Not in release |
| linux-azure-5.13 | Not in release |
| linux-azure-5.15 | Not in release |
| linux-azure-5.19 | Ignored |
| linux-azure-6.2 | Ignored |
| linux-azure-6.5 | Ignored |
| linux-azure-6.8 | Vulnerable |
| linux-azure-6.11 | Not in release |
| linux-azure-6.14 | Not in release |
| linux-azure-fde | Vulnerable |
| linux-azure-fde-5.15 | Not in release |
| linux-azure-fde-5.19 | Ignored |
| linux-azure-fde-6.2 | Ignored |
| linux-azure-fde-6.8 | Vulnerable |
| linux-azure-fde-6.14 | Not in release |
| linux-azure-nvidia | Not in release |
| linux-azure-nvidia-6.14 | Not in release |
| linux-bluefield | Not in release |
| linux-azure-edge | Not in release |
| linux-fips | Vulnerable |
| linux-aws-fips | Vulnerable |
| linux-azure-fips | Vulnerable |
| linux-gcp-fips | Vulnerable |
| linux-gcp | Vulnerable |
| linux-gcp-4.15 | Not in release |
| linux-gcp-5.3 | Not in release |
| linux-gcp-5.4 | Not in release |
| linux-gcp-5.8 | Not in release |
| linux-gcp-5.11 | Not in release |
| linux-gcp-5.13 | Not in release |
| linux-gcp-5.15 | Not in release |
| linux-gcp-5.19 | Ignored |
| linux-gcp-6.2 | Ignored |
| linux-gcp-6.5 | Ignored |
| linux-gcp-6.8 | Vulnerable |
| linux-gcp-6.11 | Not in release |
| linux-gcp-6.14 | Not in release |
| linux-gke | Vulnerable |
| linux-gke-4.15 | Not in release |
| linux-gke-5.4 | Not in release |
| linux-gke-5.15 | Not in release |
| linux-gkeop | Vulnerable |
| linux-gkeop-5.4 | Not in release |
| linux-gkeop-5.15 | Not in release |
| linux-ibm | Vulnerable |
| linux-ibm-5.4 | Not in release |
| linux-ibm-5.15 | Not in release |
| linux-ibm-6.8 | Vulnerable |
| linux-intel-5.13 | Not in release |
| linux-intel-iotg | Vulnerable |
| linux-intel-iotg-5.15 | Not in release |
| linux-iot | Not in release |
| linux-intel-iot-realtime | Vulnerable |
| linux-lowlatency | Vulnerable |
| linux-lowlatency-hwe-5.15 | Not in release |
| linux-lowlatency-hwe-5.19 | Ignored |
| linux-lowlatency-hwe-6.2 | Ignored |
| linux-lowlatency-hwe-6.5 | Ignored |
| linux-lowlatency-hwe-6.8 | Vulnerable |
| linux-lowlatency-hwe-6.11 | Not in release |
| linux-nvidia | Vulnerable |
| linux-nvidia-6.2 | Ignored |
| linux-nvidia-6.5 | Ignored |
| linux-nvidia-6.8 | Vulnerable |
| linux-nvidia-6.11 | Not in release |
| linux-nvidia-lowlatency | Not in release |
| linux-nvidia-tegra | Vulnerable |
| linux-nvidia-tegra-5.15 | Not in release |
| linux-nvidia-tegra-igx | Vulnerable |
| linux-oracle-5.0 | Not in release |
| linux-oracle-5.3 | Not in release |
| linux-oracle-5.4 | Not in release |
| linux-oracle-5.8 | Not in release |
| linux-oracle-5.11 | Not in release |
| linux-oracle-5.13 | Not in release |
| linux-oracle-5.15 | Not in release |
| linux-oracle-6.5 | Ignored |
| linux-oracle-6.8 | Vulnerable |
| linux-oracle-6.14 | Not in release |
| linux-oem | Not in release |
| linux-oem-5.6 | Not in release |
| linux-oem-5.10 | Not in release |
| linux-oem-5.13 | Not in release |
| linux-oem-5.14 | Not in release |
| linux-oem-5.17 | Ignored |
| linux-oem-6.0 | Ignored |
| linux-oem-6.1 | Ignored |
| linux-oem-6.5 | Ignored |
| linux-oem-6.8 | Not in release |
| linux-oem-6.11 | Not in release |
| linux-oem-6.14 | Not in release |
| linux-oem-6.17 | Not in release |
| linux-raspi2 | Not in release |
| linux-raspi-5.4 | Not in release |
| linux-raspi-realtime | Not in release |
| linux-realtime-6.8 | Vulnerable |
| linux-realtime-6.14 | Not in release |
| linux-riscv | Ignored |
| linux-riscv-5.8 | Not in release |
| linux-riscv-5.11 | Not in release |
| linux-riscv-5.15 | Not in release |
| linux-riscv-5.19 | Ignored |
| linux-riscv-6.5 | Ignored |
| linux-riscv-6.8 | Vulnerable |
| linux-riscv-6.14 | Not in release |
| linux-starfive-5.19 | Ignored |
| linux-starfive-6.2 | Ignored |
| linux-starfive-6.5 | Ignored |
| linux-xilinx | Not in release |
| linux-xilinx-zynqmp | Vulnerable |
| linux | Vulnerable |
| linux-aws | Vulnerable |
| linux-oracle | Vulnerable |
| linux-raspi | Vulnerable |
| linux-realtime | Vulnerable |
| linux-aws-6.17 | Not in release |
| linux-gcp-6.17 | Not in release |
| linux-hwe-6.17 | Not in release |
| linux-oracle-6.17 | Not in release |
| linux-riscv-6.17 | Not in release |
| linux-azure-6.17 | Not in release |
| linux-azure-fde-6.17 | Not in release |
| linux-realtime-6.17 | Not in release |