Search CVE reports
16511 – 16520 of 48196 results
Bluetooth HID Hosts in BlueZ may permit an unauthenticated Peripheral role HID Device to initiate and establish an encrypted connection, and accept HID keyboard reports, potentially permitting injection of HID messages when no...
1 affected package
bluez
| Package | 16.04 LTS |
|---|---|
| bluez | Fixed |
Using go get to fetch a module with the ".git" suffix may unexpectedly fallback to the insecure "git://" protocol if the module is unavailable via the secure "https://" and "git+ssh://" protocols, even if GOINSECURE is not set for...
3 affected packages
golang-1.19, golang-1.20, golang-1.21
| Package | 16.04 LTS |
|---|---|
| golang-1.19 | Ignored |
| golang-1.20 | Ignored |
| golang-1.21 | Ignored |
A malicious HTTP sender can use chunk extensions to cause a receiver reading from a request or response body to read many more bytes from the network than are in the body. A malicious HTTP client can further exploit this to cause...
3 affected packages
golang-1.19, golang-1.20, golang-1.21
| Package | 16.04 LTS |
|---|---|
| golang-1.19 | Ignored |
| golang-1.20 | Ignored |
| golang-1.21 | Ignored |
PyDrive2 is a wrapper library of google-api-python-client that simplifies many common Google Drive API V2 tasks. Unsafe YAML deserilization will result in arbitrary code execution. A maliciously crafted YAML file can cause...
1 affected package
pydrive2
| Package | 16.04 LTS |
|---|---|
| pydrive2 | Ignored |
Before Go 1.20, the RSA based TLS key exchanges used the math/big library, which is not constant time. RSA blinding was applied to prevent timing attacks, but analysis shows this may not have been fully effective. In particular it...
2 affected packages
golang-1.19, golang-1.20
| Package | 16.04 LTS |
|---|---|
| golang-1.19 | Ignored |
| golang-1.20 | Ignored |
An integer underflow vulnerability exists in the NTRIP Stream Parsing functionality of GPSd 3.25.1~dev. A specially crafted network packet can lead to memory corruption. An attacker can send a malicious packet to trigger this...
1 affected package
gpsd
| Package | 16.04 LTS |
|---|---|
| gpsd | Not affected |
When a Multipart request is performed but some of the fields exceed the maxStringLength limit, the upload files will remain in struts.multipart.saveDir even if the request has been denied. Users are recommended to upgrade to...
1 affected package
libstruts1.2-java
| Package | 16.04 LTS |
|---|---|
| libstruts1.2-java | Ignored |
Memory corruption in Kernel while parsing metadata.
167 affected packages
linux-hwe, linux-hwe-5.4, linux-hwe-5.8, linux-hwe-5.11, linux-hwe-5.13...
| Package | 16.04 LTS |
|---|---|
| linux-hwe | Not affected |
| linux-hwe-5.4 | Not in release |
| linux-hwe-5.8 | Not in release |
| linux-hwe-5.11 | Not in release |
| linux-hwe-5.13 | Not in release |
| linux-hwe-5.15 | Not in release |
| linux-hwe-5.19 | Not in release |
| linux-hwe-6.2 | Not in release |
| linux-hwe-edge | Ignored |
| linux-lts-xenial | Not in release |
| linux | Not affected |
| linux-kvm | Not affected |
| linux-allwinner | Not in release |
| linux-allwinner-5.19 | Not in release |
| linux-aws-5.0 | Not in release |
| linux-aws-5.3 | Not in release |
| linux-aws-5.4 | Not in release |
| linux-aws-5.8 | Not in release |
| linux-aws-5.11 | Not in release |
| linux-aws-5.13 | Not in release |
| linux-aws-5.15 | Not in release |
| linux-aws-5.19 | Not in release |
| linux-aws-6.2 | Not in release |
| linux-aws-hwe | Not affected |
| linux-azure-4.15 | Not in release |
| linux-azure-5.3 | Not in release |
| linux-azure-5.4 | Not in release |
| linux-azure-5.8 | Not in release |
| linux-azure-5.11 | Not in release |
| linux-azure-5.13 | Not in release |
| linux-azure-5.15 | Not in release |
| linux-azure-5.19 | Not in release |
| linux-azure-6.2 | Not in release |
| linux-azure-fde | Not in release |
| linux-azure-fde-5.15 | Not in release |
| linux-azure-fde-5.19 | Not in release |
| linux-azure-fde-6.2 | Not in release |
| linux-bluefield | Not in release |
| linux-dell300x | Not in release |
| linux-azure-edge | Not in release |
| linux-fips | Not affected |
| linux-gcp | Not affected |
| linux-gcp-4.15 | Not in release |
| linux-gcp-5.3 | Not in release |
| linux-gcp-5.4 | Not in release |
| linux-gcp-5.8 | Not in release |
| linux-gcp-5.11 | Not in release |
| linux-gcp-5.13 | Not in release |
| linux-gcp-5.15 | Not in release |
| linux-gcp-5.19 | Not in release |
| linux-gcp-6.2 | Not in release |
| linux-gke | Ignored |
| linux-gke-4.15 | Not in release |
| linux-gke-5.0 | Not in release |
| linux-gke-5.3 | Not in release |
| linux-gke-5.4 | Not in release |
| linux-gke-5.15 | Not in release |
| linux-gkeop | Not in release |
| linux-gkeop-5.4 | Not in release |
| linux-gkeop-5.15 | Not in release |
| linux-ibm | Not in release |
| linux-ibm-5.4 | Not in release |
| linux-ibm-5.15 | Not in release |
| linux-intel-5.13 | Not in release |
| linux-intel-iotg | Not in release |
| linux-intel-iotg-5.15 | Not in release |
| linux-iot | Not in release |
| linux-laptop | Not in release |
| linux-lowlatency | Not in release |
| linux-lowlatency-hwe-5.15 | Not in release |
| linux-lowlatency-hwe-5.19 | Not in release |
| linux-lowlatency-hwe-6.2 | Not in release |
| linux-nvidia | Not in release |
| linux-nvidia-6.2 | Not in release |
| linux-oracle | Not affected |
| linux-oracle-5.0 | Not in release |
| linux-oracle-5.3 | Not in release |
| linux-oracle-5.4 | Not in release |
| linux-oracle-5.8 | Not in release |
| linux-oracle-5.11 | Not in release |
| linux-oracle-5.13 | Not in release |
| linux-oracle-5.15 | Not in release |
| linux-oem | Ignored |
| linux-oem-5.6 | Not in release |
| linux-oem-5.10 | Not in release |
| linux-oem-5.13 | Not in release |
| linux-oem-5.14 | Not in release |
| linux-oem-5.17 | Not in release |
| linux-oem-6.0 | Not in release |
| linux-oem-6.1 | Not in release |
| linux-oem-6.5 | Not in release |
| linux-oem-osp1 | Not in release |
| linux-raspi | Not in release |
| linux-raspi2 | Ignored |
| linux-raspi2-5.3 | Not in release |
| linux-raspi-5.4 | Not in release |
| linux-riscv | Not in release |
| linux-riscv-5.8 | Not in release |
| linux-riscv-5.11 | Not in release |
| linux-riscv-5.15 | Not in release |
| linux-riscv-5.19 | Not in release |
| linux-snapdragon | Ignored |
| linux-starfive | Not in release |
| linux-starfive-5.19 | Not in release |
| linux-starfive-6.2 | Not in release |
| linux-xilinx-zynqmp | Not in release |
| linux-aws | Not affected |
| linux-azure | Not affected |
| linux-hwe-6.5 | Not in release |
| linux-lowlatency-hwe-6.5 | Not in release |
| linux-riscv-6.5 | Not in release |
| linux-starfive-6.5 | Not in release |
| linux-aws-6.5 | Not in release |
| linux-azure-6.5 | Not in release |
| linux-gcp-6.5 | Not in release |
| linux-oracle-6.5 | Not in release |
| linux-nvidia-6.5 | Not in release |
| linux-aws-fips | Not in release |
| linux-azure-fips | Not in release |
| linux-gcp-fips | Not in release |
| linux-oem-6.8 | Not in release |
| linux-intel | Not in release |
| linux-nvidia-6.8 | Not in release |
| linux-nvidia-lowlatency | Not in release |
| linux-hwe-6.8 | Not in release |
| linux-lowlatency-hwe-6.8 | Not in release |
| linux-riscv-6.8 | Not in release |
| linux-intel-iot-realtime | Not in release |
| linux-raspi-realtime | Not in release |
| linux-realtime | Not in release |
| linux-aws-6.8 | Not in release |
| linux-gcp-6.8 | Not in release |
| linux-oracle-6.8 | Not in release |
| linux-azure-6.8 | Not in release |
| linux-oem-6.11 | Not in release |
| linux-hwe-6.11 | Not in release |
| linux-lowlatency-hwe-6.11 | Not in release |
| linux-nvidia-tegra | Not in release |
| linux-nvidia-tegra-igx | Not in release |
| linux-azure-nvidia | Not in release |
| linux-azure-6.11 | Not in release |
| linux-gcp-6.11 | Not in release |
| linux-nvidia-tegra-5.15 | Not in release |
| linux-oem-6.14 | Not in release |
| linux-riscv-6.14 | Not in release |
| linux-ibm-6.8 | Not in release |
| linux-aws-6.14 | Not in release |
| linux-gcp-6.14 | Not in release |
| linux-hwe-6.14 | Not in release |
| linux-oracle-6.14 | Not in release |
| linux-nvidia-6.11 | Not in release |
| linux-realtime-6.14 | Not in release |
| linux-realtime-6.8 | Not in release |
| linux-azure-6.14 | Not in release |
| linux-azure-fde-6.14 | Not in release |
| linux-azure-nvidia-6.14 | Not in release |
| linux-xilinx | Not in release |
| linux-oem-6.17 | Not in release |
| linux-azure-fde-6.8 | Not in release |
| linux-aws-6.17 | Not in release |
| linux-gcp-6.17 | Not in release |
| linux-hwe-6.17 | Not in release |
| linux-oracle-6.17 | Not in release |
| linux-riscv-6.17 | Not in release |
| linux-azure-6.17 | Not in release |
| linux-azure-fde-6.17 | Not in release |
| linux-realtime-6.17 | Not in release |
fish is a smart and user-friendly command line shell for macOS, Linux, and the rest of the family. fish shell uses certain Unicode non-characters internally for marking wildcards and expansions. It will incorrectly allow these...
1 affected package
fish
| Package | 16.04 LTS |
|---|---|
| fish | Needs evaluation |
Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. Affected versions of squid are subject to a a Use-After-Free bug which can lead to a Denial of Service attack via collapsed forwarding. All versions of...
2 affected packages
squid, squid3
| Package | 16.04 LTS |
|---|---|
| squid | Ignored |
| squid3 | Vulnerable |