Search CVE reports
81 – 90 of 37910 results
CVE-2024-55635
Medium priorityImproper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Drupal Core allows Cross-Site Scripting (XSS).This issue affects Drupal Core: from 7.0 before 7.102.
1 affected package
drupal7
Package | 16.04 LTS |
---|---|
drupal7 | Needs evaluation |
CVE-2024-55634
Medium priorityA vulnerability in Drupal Core allows Privilege Escalation.This issue affects Drupal Core: from 8.0.0 before 10.2.11, from 10.3.0 before 10.3.9, from 11.0.0 before 11.0.8.
1 affected package
drupal7
Package | 16.04 LTS |
---|---|
drupal7 | Needs evaluation |
CVE-2024-12393
Medium priorityImproper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Drupal Core allows Cross-Site Scripting (XSS).This issue affects Drupal Core: from 8.8.0 before 10.2.11, from 10.3.0...
1 affected package
drupal7
Package | 16.04 LTS |
---|---|
drupal7 | Needs evaluation |
CVE-2024-55601
Medium priorityHugo is a static site generator. Starting in version 0.123.0 and prior to version 0.139.4, some HTML attributes in Markdown in the internal templates listed below not escaped in internal render hooks. Those whoa re impacted are...
1 affected package
hugo
Package | 16.04 LTS |
---|---|
hugo | Needs evaluation |
CVE-2024-55566
Medium priorityColPack 1.0.10 through 9a7293a has a predictable temporary file (located under /tmp with a name derived from an unseeded RNG). The impact can be overwriting files or making ColPack graphing unavailable to other users.
1 affected package
colpack
Package | 16.04 LTS |
---|---|
colpack | Needs evaluation |
CVE-2024-55564
Medium priorityThe POSIX::2008 package before 0.24 for Perl has a potential _execve50c env buffer overflow.
1 affected package
libposix-2008-perl
Package | 16.04 LTS |
---|---|
libposix-2008-perl | Needs evaluation |
CVE-2024-46901
Medium priorityInsufficient validation of filenames against control characters in Apache Subversion repositories served via mod_dav_svn allows authenticated users with commit access to commit a corrupted revision, leading to disruption for users...
1 affected package
subversion
Package | 16.04 LTS |
---|---|
subversion | Needs evaluation |
CVE-2024-53143
Medium priorityIn the Linux kernel, the following vulnerability has been resolved: fsnotify: Fix ordering of iput() and watched_objects decrement Ensure the superblock is kept alive until we're done with iput(). Holding a reference to an inode...
126 affected packages
linux, linux-allwinner-5.19, linux-aws, linux-aws-5.0, linux-aws-5.11...
Package | 16.04 LTS |
---|---|
linux | Not affected |
linux-allwinner-5.19 | Not in release |
linux-aws | Not affected |
linux-aws-5.0 | Not in release |
linux-aws-5.11 | Not in release |
linux-aws-5.13 | Not in release |
linux-aws-5.15 | Not in release |
linux-aws-5.19 | Not in release |
linux-aws-5.3 | Not in release |
linux-aws-5.4 | Not in release |
linux-aws-5.8 | Not in release |
linux-aws-6.2 | Not in release |
linux-aws-6.5 | Not in release |
linux-aws-6.8 | Not in release |
linux-aws-fips | Ignored |
linux-aws-hwe | Not affected |
linux-azure | Not affected |
linux-azure-4.15 | Not in release |
linux-azure-5.11 | Not in release |
linux-azure-5.13 | Not in release |
linux-azure-5.15 | Not in release |
linux-azure-5.19 | Not in release |
linux-azure-5.3 | Not in release |
linux-azure-5.4 | Not in release |
linux-azure-5.8 | Not in release |
linux-azure-6.2 | Not in release |
linux-azure-6.5 | Not in release |
linux-azure-6.8 | Not in release |
linux-azure-edge | Not in release |
linux-azure-fde | Not in release |
linux-azure-fde-5.15 | Not in release |
linux-azure-fde-5.19 | Not in release |
linux-azure-fde-6.2 | Not in release |
linux-azure-fips | Ignored |
linux-bluefield | Not in release |
linux-fips | Not in release |
linux-gcp | Not affected |
linux-gcp-4.15 | Not in release |
linux-gcp-5.11 | Not in release |
linux-gcp-5.13 | Not in release |
linux-gcp-5.15 | Not in release |
linux-gcp-5.19 | Not in release |
linux-gcp-5.3 | Not in release |
linux-gcp-5.4 | Not in release |
linux-gcp-5.8 | Not in release |
linux-gcp-6.2 | Not in release |
linux-gcp-6.5 | Not in release |
linux-gcp-6.8 | Not in release |
linux-gcp-fips | Ignored |
linux-gke | Ignored |
linux-gke-4.15 | Not in release |
linux-gke-5.15 | Not in release |
linux-gke-5.4 | Not in release |
linux-gkeop | Not in release |
linux-gkeop-5.15 | Not in release |
linux-gkeop-5.4 | Not in release |
linux-hwe | Not affected |
linux-hwe-5.11 | Not in release |
linux-hwe-5.13 | Not in release |
linux-hwe-5.15 | Not in release |
linux-hwe-5.19 | Not in release |
linux-hwe-5.4 | Not in release |
linux-hwe-5.8 | Not in release |
linux-hwe-6.2 | Not in release |
linux-hwe-6.5 | Not in release |
linux-hwe-6.8 | Not in release |
linux-hwe-edge | Ignored |
linux-ibm | Not in release |
linux-ibm-5.15 | Not in release |
linux-ibm-5.4 | Not in release |
linux-intel | Not in release |
linux-intel-5.13 | Not in release |
linux-intel-iot-realtime | Not in release |
linux-intel-iotg | Not in release |
linux-intel-iotg-5.15 | Not in release |
linux-iot | Not in release |
linux-kvm | Not affected |
linux-lowlatency | Not in release |
linux-lowlatency-hwe-5.15 | Not in release |
linux-lowlatency-hwe-5.19 | Not in release |
linux-lowlatency-hwe-6.2 | Not in release |
linux-lowlatency-hwe-6.5 | Not in release |
linux-lowlatency-hwe-6.8 | Not in release |
linux-lts-xenial | Not in release |
linux-nvidia | Not in release |
linux-nvidia-6.2 | Not in release |
linux-nvidia-6.5 | Not in release |
linux-nvidia-6.8 | Not in release |
linux-nvidia-lowlatency | Not in release |
linux-oem | Ignored |
linux-oem-5.10 | Not in release |
linux-oem-5.13 | Not in release |
linux-oem-5.14 | Not in release |
linux-oem-5.17 | Not in release |
linux-oem-5.6 | Not in release |
linux-oem-6.0 | Not in release |
linux-oem-6.1 | Not in release |
linux-oem-6.11 | Not in release |
linux-oem-6.5 | Not in release |
linux-oem-6.8 | Not in release |
linux-oracle | Not affected |
linux-oracle-5.0 | Not in release |
linux-oracle-5.11 | Not in release |
linux-oracle-5.13 | Not in release |
linux-oracle-5.15 | Not in release |
linux-oracle-5.3 | Not in release |
linux-oracle-5.4 | Not in release |
linux-oracle-5.8 | Not in release |
linux-oracle-6.5 | Not in release |
linux-oracle-6.8 | Not in release |
linux-raspi | Not in release |
linux-raspi-5.4 | Not in release |
linux-raspi-realtime | Not in release |
linux-raspi2 | Ignored |
linux-realtime | Not in release |
linux-riscv | Not in release |
linux-riscv-5.11 | Not in release |
linux-riscv-5.15 | Not in release |
linux-riscv-5.19 | Not in release |
linux-riscv-5.8 | Not in release |
linux-riscv-6.5 | Not in release |
linux-riscv-6.8 | Not in release |
linux-starfive-5.19 | Not in release |
linux-starfive-6.2 | Not in release |
linux-starfive-6.5 | Not in release |
linux-xilinx-zynqmp | Not in release |
CVE-2024-12254
Medium priorityStarting in Python 3.12.0, the asyncio._SelectorSocketTransport.writelines() method would not "pause" writing and signal to the Protocol to drain the buffer to the wire once the write buffer reached the "high-water mark". Because...
11 affected packages
python2.7, python3.10, python3.11, python3.12, python3.13...
Package | 16.04 LTS |
---|---|
python2.7 | Not affected |
python3.10 | Not in release |
python3.11 | Not in release |
python3.12 | Not in release |
python3.13 | Not in release |
python3.4 | Not in release |
python3.5 | Not affected |
python3.6 | Not in release |
python3.7 | Not in release |
python3.8 | Not in release |
python3.9 | Not in release |
CVE-2024-6219
Medium priorityMark Laing discovered in LXD's PKI mode, until version 5.21.1, that a restricted certificate could be added to the trust store with its restrictions not honoured.
1 affected package
lxd
Package | 16.04 LTS |
---|---|
lxd | Needs evaluation |