Search CVE reports

1 – 10 of 1565 results

Detailed view

Sort by:

CVE-2023-49284

Medium priority

Needs evaluation

fish is a smart and user-friendly command line shell for macOS, Linux, and the rest of the family. fish shell uses certain Unicode non-characters internally for marking wildcards and expansions. It will incorrectly allow these...

1 affected package

fish

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
fish	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation

CVE-2017-1000

Medium priority

Some fixes available 8 of 10

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none.

72 affected packages

linux, linux-azure, linux-azure-edge, linux-euclid, linux-flo...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
linux	Not affected	Not affected	Not affected	Not affected
linux-azure	Not affected	Not affected	Not affected	Not affected
linux-azure-edge	Not in release	Not in release	Not in release	Not affected
linux-euclid	—	—	—	Not in release
linux-flo	—	—	—	Not in release
linux-gcp	Not affected	Not affected	Not affected	Not affected
linux-gke	Not affected	Not affected	Ignored	Not in release
linux-goldfish	—	—	—	Not in release
linux-grouper	—	—	—	Not in release
linux-hwe	Not in release	Not in release	Not in release	Not affected
linux-hwe-edge	Not in release	Not in release	Not in release	Not affected
linux-kvm	Not in release	Not affected	Not affected	Not affected
linux-lts-trusty	—	—	—	Not in release
linux-lts-utopic	—	—	—	Not in release
linux-lts-vivid	—	—	—	Not in release
linux-lts-wily	—	—	—	Not in release
linux-lts-xenial	Not in release	Not in release	Not in release	Not in release
linux-maguro	—	—	—	Not in release
linux-mako	—	—	—	Not in release
linux-manta	—	—	—	Not in release
linux-raspi2	Not in release	Not in release	Ignored	Not affected
linux-snapdragon	Not in release	Not in release	Not in release	Not affected
linux-oem	Not in release	Not in release	Not in release	Not affected
linux-aws	Not affected	Not affected	Not affected	Not affected
linux-hwe-5.4	Not in release	Not in release	Not in release	Not affected
linux-hwe-5.15	Not in release	Not in release	Not affected	Not in release
linux-hwe-6.8	Not in release	Not affected	Not in release	Not in release
linux-aws-5.4	Not in release	Not in release	Not in release	Not affected
linux-aws-5.15	Not in release	Not in release	Not affected	Not in release
linux-aws-hwe	Not in release	Not in release	Not in release	Not in release
linux-azure-4.15	Not in release	Not in release	Not in release	Not affected
linux-azure-5.4	Not in release	Not in release	Not in release	Not affected
linux-azure-5.15	Not in release	Not in release	Not affected	Not in release
linux-azure-fde	Not affected	Not affected	Ignored	Not in release
linux-azure-fde-5.15	Not in release	Not in release	Not affected	Not in release
linux-bluefield	Not in release	Not in release	Not affected	Not in release
linux-fips	Not in release	Not affected	Not affected	Not affected
linux-aws-fips	Not in release	Not affected	Not affected	Not affected
linux-azure-fips	Not in release	Not affected	Not affected	Not affected
linux-gcp-fips	Not in release	Not affected	Not affected	Not affected
linux-gcp-4.15	Not in release	Not in release	Not in release	Not affected
linux-gcp-5.4	Not in release	Not in release	Not in release	Not affected
linux-gcp-5.15	Not in release	Not in release	Not affected	Not in release
linux-gkeop	Not affected	Not affected	Not affected	Not in release
linux-gkeop-5.15	Not in release	Not in release	Not affected	Not in release
linux-ibm	Not affected	Not affected	Not affected	Not in release
linux-ibm-5.4	Not in release	Not in release	Not in release	Not affected
linux-ibm-5.15	Not in release	Not in release	Not affected	Not in release
linux-intel	Not affected	Not in release	Not in release	Not in release
linux-intel-iotg	Not in release	Not affected	Not in release	Not in release
linux-intel-iotg-5.15	Not in release	Not in release	Not affected	Not in release
linux-iot	Not in release	Not in release	Not affected	Not in release
linux-intel-iot-realtime	Not in release	Not affected	Not in release	Not in release
linux-lowlatency	Not affected	Not affected	Not in release	Not in release
linux-lowlatency-hwe-5.15	Not in release	Not in release	Not affected	Not in release
linux-lowlatency-hwe-6.8	Not in release	Not affected	Not in release	Not in release
linux-nvidia	Not affected	Not affected	Not in release	Not in release
linux-nvidia-6.5	Not in release	Not affected	Not in release	Not in release
linux-nvidia-6.8	Not in release	Not affected	Not in release	Not in release
linux-nvidia-lowlatency	Not affected	Not in release	Not in release	Not in release
linux-oracle	Not affected	Not affected	Not affected	Not affected
linux-oracle-5.4	Not in release	Not in release	Not in release	Not affected
linux-oracle-5.15	Not in release	Not in release	Not affected	Not in release
linux-oem-6.8	Not affected	Not in release	Not in release	Not in release
linux-raspi	Not affected	Not affected	Not affected	Not in release
linux-raspi-5.4	Not in release	Not in release	Not in release	Not affected
linux-raspi-realtime	Not affected	Not in release	Not in release	Not in release
linux-realtime	Not affected	Not affected	Not in release	Not in release
linux-riscv	Not affected	Ignored	Ignored	Not in release
linux-riscv-5.15	Not in release	Not in release	Not affected	Not in release
linux-riscv-6.8	Not in release	Not affected	Not in release	Not in release
linux-xilinx-zynqmp	Not in release	Not affected	Not affected	Not in release

CVE-2022-2712

Medium priority

Needs evaluation

In Eclipse GlassFish versions 5.1.0 to 6.2.5, there is a vulnerability in relative path traversal because it does not filter request path starting with './'. Successful exploitation could allow an remote unauthenticated attacker...

1 affected package

glassfish

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
glassfish	—	Not in release	Not in release	Needs evaluation

CVE-2011-4916

Low priority

Ignored

Linux kernel through 3.1 allows local users to obtain sensitive keystroke information via access to /dev/pts/ and /dev/tty*.

18 affected packages

linux, linux-armadaxp, linux-ec2, linux-flo, linux-fsl-imx51...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
linux	—	—	—	—
linux-armadaxp	—	—	—	—
linux-ec2	—	—	—	—
linux-flo	—	—	—	—
linux-fsl-imx51	—	—	—	—
linux-goldfish	—	—	—	—
linux-grouper	—	—	—	—
linux-lts-backport-maverick	—	—	—	—
linux-lts-backport-natty	—	—	—	—
linux-lts-backport-oneiric	—	—	—	—
linux-lts-quantal	—	—	—	—
linux-lts-raring	—	—	—	—
linux-lts-saucy	—	—	—	—
linux-maguro	—	—	—	—
linux-mako	—	—	—	—
linux-manta	—	—	—	—
linux-mvl-dove	—	—	—	—
linux-ti-omap4	—	—	—	—

CVE-2011-4917

Low priority

Ignored

In the Linux kernel through 3.1 there is an information disclosure issue via /proc/stat.

18 affected packages

linux, linux-armadaxp, linux-ec2, linux-flo, linux-fsl-imx51...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
linux	—	—	—	—
linux-armadaxp	—	—	—	—
linux-ec2	—	—	—	—
linux-flo	—	—	—	—
linux-fsl-imx51	—	—	—	—
linux-goldfish	—	—	—	—
linux-grouper	—	—	—	—
linux-lts-backport-maverick	—	—	—	—
linux-lts-backport-natty	—	—	—	—
linux-lts-backport-oneiric	—	—	—	—
linux-lts-quantal	—	—	—	—
linux-lts-raring	—	—	—	—
linux-lts-saucy	—	—	—	—
linux-maguro	—	—	—	—
linux-mako	—	—	—	—
linux-manta	—	—	—	—
linux-mvl-dove	—	—	—	—
linux-ti-omap4	—	—	—	—

CVE-2022-20001

Medium priority

Some fixes available 2 of 4

fish is a command line shell. fish version 3.1.0 through version 3.3.1 is vulnerable to arbitrary code execution. git repositories can contain per-repository configuration that change the behavior of git, including running...

1 affected package

fish

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
fish	Not affected	Fixed	Fixed	Not affected

CVE-2008-2544

Medium priority

Ignored

Mounting /proc filesystem via chroot command silently mounts it in read-write mode. The user could bypass the chroot environment and gain write access to files, he would never have otherwise.

23 affected packages

linux, linux-armadaxp, linux-linaro-omap, linux-linaro-shared, linux-linaro-vexpress...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
linux	—	—	—	—
linux-armadaxp	—	—	—	—
linux-linaro-omap	—	—	—	—
linux-linaro-shared	—	—	—	—
linux-linaro-vexpress	—	—	—	—
linux-lts-quantal	—	—	—	—
linux-lts-raring	—	—	—	—
linux-lts-saucy	—	—	—	—
linux-qcm-msm	—	—	—	—
linux-ti-omap4	—	—	—	—
linux-flo	—	—	—	—
linux-goldfish	—	—	—	—
linux-grouper	—	—	—	—
linux-lts-trusty	—	—	—	—
linux-lts-utopic	—	—	—	—
linux-lts-vivid	—	—	—	—
linux-lts-wily	—	—	—	—
linux-lts-xenial	—	—	—	—
linux-maguro	—	—	—	—
linux-mako	—	—	—	—
linux-manta	—	—	—	—
linux-raspi2	—	—	—	—
linux-snapdragon	—	—	—	—

CVE-2011-4915

Low priority

Ignored

fs/proc/base.c in the Linux kernel through 3.1 allows local users to obtain sensitive keystroke information via access to /proc/interrupts.

18 affected packages

linux, linux-armadaxp, linux-ec2, linux-flo, linux-fsl-imx51...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
linux	—	—	—	—
linux-armadaxp	—	—	—	—
linux-ec2	—	—	—	—
linux-flo	—	—	—	—
linux-fsl-imx51	—	—	—	—
linux-goldfish	—	—	—	—
linux-grouper	—	—	—	—
linux-lts-backport-maverick	—	—	—	—
linux-lts-backport-natty	—	—	—	—
linux-lts-backport-oneiric	—	—	—	—
linux-lts-quantal	—	—	—	—
linux-lts-raring	—	—	—	—
linux-lts-saucy	—	—	—	—
linux-maguro	—	—	—	—
linux-mako	—	—	—	—
linux-manta	—	—	—	—
linux-mvl-dove	—	—	—	—
linux-ti-omap4	—	—	—	—

CVE-2014-3856

Medium priority

Ignored

The funced function in fish (aka fish-shell) 1.23.0 before 2.1.1 does not properly create temporary files, which allows local users to gain privileges via a temporary file with a predictable name.

1 affected package

fish

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
fish	—	—	—	Not affected

CVE-2014-2914

Medium priority

Ignored

fish (aka fish-shell) 2.0.0 before 2.1.1 does not restrict access to the configuration service (aka fish_config), which allows remote attackers to execute arbitrary code via unspecified vectors, as demonstrated by set_prompt.

1 affected package

fish

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
fish	—	—	—	Not affected

Export to JSON

Results by page: