Search CVE reports

38511 – 38520 of 62088 results

Detailed view

Sort by:

CVE-2017-13692

Medium priority

Not affected

In Tidy 5.5.31, the IsURLCodePoint function in attrs.c allows attackers to cause a denial of service (Segmentation Fault), as demonstrated by an invalid ISALNUM argument.

2 affected packages

tidy, tidy-html5

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
tidy	—	—	—	—
tidy-html5	—	—	—	—

CVE-2017-13695

Negligible priority

Some fixes available 22 of 36

The acpi_ns_evaluate() function in drivers/acpi/acpica/nseval.c in the Linux kernel through 4.12.9 does not flush the operand cache and causes a kernel stack dump, which allows local users to obtain sensitive information from...

99 affected packages

linux, linux-aws, linux-aws-hwe, linux-azure, linux-azure-edge...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
linux	Not affected	Not affected	Not affected	Fixed
linux-aws	Not affected	Not affected	Not affected	Fixed
linux-aws-hwe	Not in release	Not in release	Not in release	Not in release
linux-azure	Not affected	Not affected	Not affected	Fixed
linux-azure-edge	Not in release	Not in release	Not in release	Fixed
linux-euclid	—	—	—	Not in release
linux-flo	—	—	—	Not in release
linux-gcp	Not affected	Not affected	Not affected	Fixed
linux-gcp-edge	—	—	—	Not affected
linux-gke	Not affected	Not affected	Ignored	Not in release
linux-goldfish	—	—	—	Not in release
linux-grouper	—	—	—	Not in release
linux-hwe	Not in release	Not in release	Not in release	Not affected
linux-hwe-edge	Not in release	Not in release	Not in release	Not affected
linux-kvm	Not in release	Not affected	Not affected	Fixed
linux-lts-quantal	—	—	—	Not in release
linux-lts-raring	—	—	—	Not in release
linux-lts-saucy	—	—	—	Not in release
linux-lts-trusty	—	—	—	Not in release
linux-lts-utopic	—	—	—	Not in release
linux-lts-vivid	—	—	—	Not in release
linux-lts-wily	—	—	—	Not in release
linux-lts-xenial	Not in release	Not in release	Not in release	Not in release
linux-maguro	—	—	—	Not in release
linux-mako	—	—	—	Not in release
linux-manta	—	—	—	Not in release
linux-oem	Not in release	Not in release	Not in release	Fixed
linux-oracle	Not affected	Not affected	Not affected	Not affected
linux-raspi2	Not in release	Not in release	Ignored	Fixed
linux-snapdragon	Not in release	Not in release	Not in release	Fixed
linux-hwe-5.4	Not in release	Not in release	Not in release	Not affected
linux-hwe-5.15	Not in release	Not in release	Not affected	Not in release
linux-hwe-6.8	Not in release	Not affected	Not in release	Not in release
linux-aws-5.4	Not in release	Not in release	Not in release	Not affected
linux-aws-5.15	Not in release	Not in release	Not affected	Not in release
linux-azure-4.15	Not in release	Not in release	Not in release	Not affected
linux-azure-5.4	Not in release	Not in release	Not in release	Not affected
linux-azure-5.15	Not in release	Not in release	Not affected	Not in release
linux-azure-fde	Not affected	Not affected	Ignored	Not in release
linux-azure-fde-5.15	Not in release	Not in release	Ignored	Not in release
linux-bluefield	Not in release	Not in release	Not affected	Not in release
linux-fips	Not in release	Not affected	Not affected	Not affected
linux-aws-fips	Not in release	Not affected	Not affected	Not affected
linux-azure-fips	Not in release	Not affected	Not affected	Not affected
linux-gcp-fips	Not in release	Not affected	Not affected	Not affected
linux-gcp-4.15	Not in release	Not in release	Not in release	Not affected
linux-gcp-5.4	Not in release	Not in release	Not in release	Not affected
linux-gcp-5.15	Not in release	Not in release	Not affected	Not in release
linux-gkeop	Not affected	Not affected	Not affected	Not in release
linux-gkeop-5.15	Not in release	Not in release	Not affected	Not in release
linux-ibm	Not affected	Not affected	Not affected	Not in release
linux-ibm-5.4	Not in release	Not in release	Not in release	Not affected
linux-ibm-5.15	Not in release	Not in release	Not affected	Not in release
linux-intel	Not affected	Not in release	Not in release	Not in release
linux-intel-iotg	Not in release	Not affected	Not in release	Not in release
linux-intel-iotg-5.15	Not in release	Not in release	Not affected	Not in release
linux-iot	Not in release	Not in release	Not affected	Not in release
linux-intel-iot-realtime	Not in release	Not affected	Not in release	Not in release
linux-lowlatency	Not affected	Not affected	Not in release	Not in release
linux-lowlatency-hwe-5.15	Not in release	Not in release	Not affected	Not in release
linux-lowlatency-hwe-6.8	Not in release	Not affected	Not in release	Not in release
linux-nvidia	Not affected	Not affected	Not in release	Not in release
linux-nvidia-6.5	Not in release	Not affected	Not in release	Not in release
linux-nvidia-6.8	Not in release	Not affected	Not in release	Not in release
linux-nvidia-lowlatency	Not affected	Not in release	Not in release	Not in release
linux-oracle-5.4	Not in release	Not in release	Not in release	Not affected
linux-oracle-5.15	Not in release	Not in release	Not affected	Not in release
linux-oem-6.8	Not affected	Not in release	Not in release	Not in release
linux-raspi	Not affected	Not affected	Not affected	Not in release
linux-raspi-5.4	Not in release	Not in release	Not in release	Not affected
linux-raspi-realtime	Not affected	Not in release	Not in release	Not in release
linux-realtime	Not affected	Not affected	Not in release	Not in release
linux-riscv	Not affected	Ignored	Ignored	Not in release
linux-riscv-5.15	Not in release	Not in release	Not affected	Not in release
linux-riscv-6.8	Not in release	Not affected	Not in release	Not in release
linux-xilinx-zynqmp	Not in release	Not affected	Not affected	Not in release
linux-aws-6.8	Not in release	Not affected	Not in release	Not in release
linux-gcp-6.8	Not in release	Not affected	Not in release	Not in release
linux-oracle-6.8	Not in release	Not affected	Not in release	Not in release
linux-azure-6.8	Not in release	Not affected	Not in release	Not in release
linux-oem-6.11	Not affected	Not in release	Not in release	Not in release
linux-hwe-6.11	Ignored	Not in release	Not in release	Not in release
linux-hwe-6.14	Not affected	Not in release	Not in release	Not in release
linux-aws-6.14	Not affected	Not in release	Not in release	Not in release
linux-azure-6.11	Ignored	Not in release	Not in release	Not in release
linux-azure-nvidia	Not affected	Not in release	Not in release	Not in release
linux-gcp-6.11	Ignored	Not in release	Not in release	Not in release
linux-gcp-6.14	Not affected	Not in release	Not in release	Not in release
linux-ibm-6.8	Not in release	Not affected	Not in release	Not in release
linux-lowlatency-hwe-6.11	Ignored	Not in release	Not in release	Not in release
linux-nvidia-tegra	Not affected	Not affected	Not in release	Not in release
linux-nvidia-tegra-5.15	Not in release	Not in release	Not affected	Not in release
linux-nvidia-tegra-igx	Not in release	Not affected	Not in release	Not in release
linux-oracle-6.14	Not affected	Not in release	Not in release	Not in release
linux-oem-6.14	Not affected	Not in release	Not in release	Not in release
linux-riscv-6.14	Not affected	Not in release	Not in release	Not in release
linux-nvidia-6.11	Not affected	Not in release	Not in release	Not in release
linux-realtime-6.8	Not in release	Not affected	Not in release	Not in release
linux-realtime-6.14	Not affected	Not in release	Not in release	Not in release

CVE-2015-5700

Low priority

Fixed

mktexlsr revision 22855 through revision 36625 as packaged in texlive allows local users to write to arbitrary files via a symlink attack.

1 affected package

texlive-bin

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
texlive-bin	—	—	—	Not affected

CVE-2017-13686

Medium priority

Not affected

net/ipv4/route.c in the Linux kernel 4.13-rc1 through 4.13-rc6 is too late to check for a NULL fi field when RTM_F_FIB_MATCH is set, which allows local users to cause a denial of service (NULL pointer dereference) or possibly have...

31 affected packages

linux, linux-armadaxp, linux-aws, linux-azure, linux-euclid...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
linux	—	—	—	—
linux-armadaxp	—	—	—	—
linux-aws	—	—	—	—
linux-azure	—	—	—	—
linux-euclid	—	—	—	—
linux-flo	—	—	—	—
linux-gcp	—	—	—	—
linux-gke	—	—	—	—
linux-goldfish	—	—	—	—
linux-grouper	—	—	—	—
linux-hwe	—	—	—	—
linux-hwe-edge	—	—	—	—
linux-kvm	—	—	—	—
linux-linaro-omap	—	—	—	—
linux-linaro-shared	—	—	—	—
linux-linaro-vexpress	—	—	—	—
linux-lts-quantal	—	—	—	—
linux-lts-raring	—	—	—	—
linux-lts-saucy	—	—	—	—
linux-lts-trusty	—	—	—	—
linux-lts-utopic	—	—	—	—
linux-lts-vivid	—	—	—	—
linux-lts-wily	—	—	—	—
linux-lts-xenial	—	—	—	—
linux-maguro	—	—	—	—
linux-mako	—	—	—	—
linux-manta	—	—	—	—
linux-qcm-msm	—	—	—	—
linux-raspi2	—	—	—	—
linux-snapdragon	—	—	—	—
linux-ti-omap4	—	—	—	—

CVE-2015-8308

High priority

Ignored

LXDM before 0.5.2 did not start X server with -auth, which allows local users to bypass authentication with X connections.

1 affected package

lxdm

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
lxdm	—	—	—	Not affected

CVE-2017-12137

Medium priority

Fixed

arch/x86/mm.c in Xen allows local PV guest OS users to gain host OS privileges via vectors related to map_grant_ref.

1 affected package

xen

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
xen	—	—	—	—

CVE-2017-12136

Medium priority

Fixed

Race condition in the grant table code in Xen 4.6.x through 4.9.x allows local guest OS administrators to cause a denial of service (free list corruption and host crash) or gain privileges on the host via vectors involving...

1 affected package

xen

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
xen	—	—	—	—

CVE-2017-12135

Medium priority

Fixed

Xen allows local OS guest users to cause a denial of service (crash) or possibly obtain sensitive information or gain privileges via vectors involving transitive grants.

1 affected package

xen

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
xen	—	—	—	—

CVE-2017-13666

Low priority

Vulnerable

An integer underflow vulnerability exists in pixel-a.asm, the x86 assembly code for planeClipAndMax() in MulticoreWare x265 through 2.5, as used in libbpg and other products. A small height value can cause an integer underflow,...

1 affected package

x265

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
x265	—	Not affected	Not affected	Not affected

CVE-2017-13658

Low priority

Ignored

In ImageMagick before 6.9.9-3 and 7.x before 7.0.6-3, there is a missing NULL check in the ReadMATImage function in coders/mat.c, leading to a denial of service (assertion failure and application exit) in the DestroyImageInfo...

1 affected package

imagemagick

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
imagemagick	—	—	—	Not affected

Export to JSON

Results by page: