Search CVE reports
91 – 100 of 1355 results
A vulnerability exists in kernel/time/clocksource.c in the Linux kernel before 2.6.34 where on non-GENERIC_TIME systems (GENERIC_TIME=n), accessing /sys/devices/system/clocksource/clocksource0/current_clocksource results in an OOPS.
11 affected packages
linux, linux-armadaxp, linux-ec2, linux-fsl-imx51, linux-lts-backport-maverick...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| linux | — | — | — | — |
| linux-armadaxp | — | — | — | — |
| linux-ec2 | — | — | — | — |
| linux-fsl-imx51 | — | — | — | — |
| linux-lts-backport-maverick | — | — | — | — |
| linux-lts-backport-natty | — | — | — | — |
| linux-lts-backport-oneiric | — | — | — | — |
| linux-lts-quantal | — | — | — | — |
| linux-lts-raring | — | — | — | — |
| linux-mvl-dove | — | — | — | — |
| linux-ti-omap4 | — | — | — | — |
The kernel in Red Hat Enterprise Linux 7 and MRG-2 does not clear garbage data for SG_IO buffer, which may leaking sensitive information to userspace.
27 affected packages
linux, linux-armadaxp, linux-aws, linux-flo, linux-gke...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| linux | — | — | — | — |
| linux-armadaxp | — | — | — | — |
| linux-aws | — | — | — | — |
| linux-flo | — | — | — | — |
| linux-gke | — | — | — | — |
| linux-goldfish | — | — | — | — |
| linux-grouper | — | — | — | — |
| linux-hwe | — | — | — | — |
| linux-hwe-edge | — | — | — | — |
| linux-linaro-omap | — | — | — | — |
| linux-linaro-shared | — | — | — | — |
| linux-linaro-vexpress | — | — | — | — |
| linux-lts-quantal | — | — | — | — |
| linux-lts-raring | — | — | — | — |
| linux-lts-saucy | — | — | — | — |
| linux-lts-trusty | — | — | — | — |
| linux-lts-utopic | — | — | — | — |
| linux-lts-vivid | — | — | — | — |
| linux-lts-wily | — | — | — | — |
| linux-lts-xenial | — | — | — | — |
| linux-maguro | — | — | — | — |
| linux-mako | — | — | — | — |
| linux-manta | — | — | — | — |
| linux-qcm-msm | — | — | — | — |
| linux-raspi2 | — | — | — | — |
| linux-snapdragon | — | — | — | — |
| linux-ti-omap4 | — | — | — | — |
Apache Struts before 2.3.1.2 allows remote attackers to bypass security protections in the ParameterInterceptor class and execute arbitrary commands.
2 affected packages
libspring-2.5-java, libstruts1.2-java
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| libspring-2.5-java | — | — | — | Not in release |
| libstruts1.2-java | — | — | — | Not in release |
Some fixes available 5 of 6
Python keyring lib before 0.10 created keyring files with world-readable permissions.
1 affected package
python-keyring
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| python-keyring | — | — | — | — |
Not in release
Spring Security, versions 4.2.x up to 4.2.12, and older unsupported versions support plain text passwords using PlaintextPasswordEncoder. If an application using an affected version of Spring Security is...
1 affected package
libspring-security-2.0-java
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| libspring-security-2.0-java | — | — | Not in release | Not in release |
Not in release
Spring Security versions 4.2.x prior to 4.2.12, 5.0.x prior to 5.0.12, and 5.1.x prior to 5.1.5 contain an insecure randomness vulnerability when using SecureRandomFactoryBean#setSeed to configure a SecureRandom instance. In order...
1 affected package
libspring-security-2.0-java
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| libspring-security-2.0-java | — | — | — | Not in release |
In pam/gkr-pam-module.c in GNOME Keyring before 3.27.2, the user's password is kept in a session-child process spawned from the LightDM daemon. This can expose the credential in cleartext.
1 affected package
gnome-keyring
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| gnome-keyring | — | — | — | Not affected |
GNOME Keyring through 3.28.2 allows local users to retrieve login credentials via a Secret Service API call and the D-Bus interface if the keyring is unlocked, a similar issue to CVE-2008-7320. One perspective is that this occurs...
1 affected package
gnome-keyring
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| gnome-keyring | Not affected | Not affected | Not affected | Not affected |
Spring Framework, version 5.1, versions 5.0.x prior to 5.0.10, versions 4.3.x prior to 4.3.20, and older unsupported versions on the 4.2.x branch provide support for range requests when serving static resources through the...
1 affected package
libspring-java
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| libspring-java | Not affected | Not affected | Not affected | Not affected |
It was found that the Linux kernel's Datagram Congestion Control Protocol (DCCP) implementation before 2.6.22.17 used the IPv4-only inet_sk_rebuild_header() function for both IPv4 and IPv6 DCCP connections, which could result in...
27 affected packages
linux, linux-armadaxp, linux-aws, linux-flo, linux-gke...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| linux | — | — | — | — |
| linux-armadaxp | — | — | — | — |
| linux-aws | — | — | — | — |
| linux-flo | — | — | — | — |
| linux-gke | — | — | — | — |
| linux-goldfish | — | — | — | — |
| linux-grouper | — | — | — | — |
| linux-hwe | — | — | — | — |
| linux-hwe-edge | — | — | — | — |
| linux-linaro-omap | — | — | — | — |
| linux-linaro-shared | — | — | — | — |
| linux-linaro-vexpress | — | — | — | — |
| linux-lts-quantal | — | — | — | — |
| linux-lts-raring | — | — | — | — |
| linux-lts-saucy | — | — | — | — |
| linux-lts-trusty | — | — | — | — |
| linux-lts-utopic | — | — | — | — |
| linux-lts-vivid | — | — | — | — |
| linux-lts-wily | — | — | — | — |
| linux-lts-xenial | — | — | — | — |
| linux-maguro | — | — | — | — |
| linux-mako | — | — | — | — |
| linux-manta | — | — | — | — |
| linux-qcm-msm | — | — | — | — |
| linux-raspi2 | — | — | — | — |
| linux-snapdragon | — | — | — | — |
| linux-ti-omap4 | — | — | — | — |