Search CVE reports
1541 – 1550 of 35263 results
The Log4j1XmlLayout from the Apache Log4j 1-to-Log4j 2 bridge fails to escape characters forbidden by the XML 1.0 standard, producing malformed XML output. Conforming XML parsers are required to reject documents containing such...
2 affected packages
apache-log4j1.2, apache-log4j2
| Package | 24.04 LTS |
|---|---|
| apache-log4j1.2 | Needs evaluation |
| apache-log4j2 | Needs evaluation |
Apache Log4j Core's Rfc5424Layout https://logging.apache.org/log4j/2.x/manual/layouts.html#RFC5424Layout , in versions 2.21.0 through 2.25.3, is vulnerable to log injection via CRLF sequences due to undocumented renames of...
2 affected packages
apache-log4j1.2, apache-log4j2
| Package | 24.04 LTS |
|---|---|
| apache-log4j1.2 | Needs evaluation |
| apache-log4j2 | Needs evaluation |
The fix for CVE-2025-68161 https://logging.apache.org/security.html#CVE-2025-68161 was incomplete: it addressed hostname verification only when enabled via...
1 affected package
apache-log4j2
| Package | 24.04 LTS |
|---|---|
| apache-log4j2 | Needs evaluation |
HDF5 is software for managing data. In 1.14.1-2 and earlier, an attacker who can control an h5 file parsed by HDF5 can trigger a write-based heap buffer overflow condition in the H5T__ref_mem_setnull method. This can lead to a...
1 affected package
hdf5
| Package | 24.04 LTS |
|---|---|
| hdf5 | Needs evaluation |
NASM’s disasm() function contains a stack based buffer overflow when formatting disassembly output, allowing an attacker triggered out-of-bounds write when `slen` exceeds the buffer capacity.
1 affected package
nasm
| Package | 24.04 LTS |
|---|---|
| nasm | Needs evaluation |
NASM contains a heap use after free vulnerability in response file (-@) processing where a dangling pointer to freed memory is stored in the global depend_file and later dereferenced, as the response-file buffer is freed before...
1 affected package
nasm
| Package | 24.04 LTS |
|---|---|
| nasm | Needs evaluation |
A heap buffer overflow vulnerability exists in the Netwide Assembler (NASM) due to a lack of bounds checking in the obj_directive() function. This vulnerability can be exploited by a user assembling a malicious .asm...
1 affected package
nasm
| Package | 24.04 LTS |
|---|---|
| nasm | Needs evaluation |
Not in release
Improper synchronization of the userTokens map in the API server in Canonical Juju 4.0.5, 3.6.20, and 2.9.56 may allow an authenticated user to possibly cause a denial of service on the server or possibly reuse a single-use...
1 affected package
juju
| Package | 24.04 LTS |
|---|---|
| juju | Not in release |
Not in release
In Juju versions prior to 2.9.57 and 3.6.21, an authorization issue exists in the Controller facade. An authenticated user can call the CloudSpec API method to extract the cloud credentials used to bootstrap the controller. This...
1 affected package
juju
| Package | 24.04 LTS |
|---|---|
| juju | Not in release |
In the Linux kernel, the following vulnerability has been resolved: usb: gadget: f_mass_storage: Fix potential integer overflow in check_command_size_in_blocks() The `check_command_size_in_blocks()` function calculates the data...
157 affected packages
linux, linux-aws, linux-aws-5.0, linux-aws-5.11, linux-aws-5.13...
| Package | 24.04 LTS |
|---|---|
| linux | Vulnerable |
| linux-aws | Vulnerable |
| linux-aws-5.0 | Not in release |
| linux-aws-5.11 | Not in release |
| linux-aws-5.13 | Not in release |
| linux-aws-5.15 | Not in release |
| linux-aws-5.3 | Not in release |
| linux-aws-5.4 | Not in release |
| linux-aws-5.8 | Not in release |
| linux-aws-6.14 | Ignored |
| linux-aws-6.17 | Vulnerable |
| linux-aws-6.8 | Not in release |
| linux-aws-fips | Vulnerable |
| linux-aws-hwe | Not in release |
| linux-azure | Vulnerable |
| linux-azure-4.15 | Not in release |
| linux-azure-5.11 | Not in release |
| linux-azure-5.13 | Not in release |
| linux-azure-5.15 | Not in release |
| linux-azure-5.3 | Not in release |
| linux-azure-5.4 | Not in release |
| linux-azure-5.8 | Not in release |
| linux-azure-6.14 | Vulnerable |
| linux-azure-6.17 | Vulnerable |
| linux-azure-6.8 | Not in release |
| linux-azure-edge | Not in release |
| linux-azure-fde | Vulnerable |
| linux-azure-fde-5.15 | Not in release |
| linux-azure-fde-6.14 | Vulnerable |
| linux-azure-fde-6.17 | Vulnerable |
| linux-azure-fde-6.8 | Not in release |
| linux-azure-fips | Vulnerable |
| linux-azure-nvidia | Vulnerable |
| linux-azure-nvidia-6.14 | Vulnerable |
| linux-bluefield | Not in release |
| linux-fips | Vulnerable |
| linux-gcp | Vulnerable |
| linux-gcp-4.15 | Not in release |
| linux-gcp-5.11 | Not in release |
| linux-gcp-5.13 | Not in release |
| linux-gcp-5.15 | Not in release |
| linux-gcp-5.3 | Not in release |
| linux-gcp-5.4 | Not in release |
| linux-gcp-5.8 | Not in release |
| linux-gcp-6.14 | Ignored |
| linux-gcp-6.17 | Vulnerable |
| linux-gcp-6.8 | Not in release |
| linux-gcp-fips | Vulnerable |
| linux-gke | Vulnerable |
| linux-gke-4.15 | Not in release |
| linux-gke-5.4 | Not in release |
| linux-gkeop | Vulnerable |
| linux-gkeop-5.15 | Not in release |
| linux-gkeop-5.4 | Not in release |
| linux-hwe | Not in release |
| linux-hwe-5.11 | Not in release |
| linux-hwe-5.13 | Not in release |
| linux-hwe-5.15 | Not in release |
| linux-hwe-5.4 | Not in release |
| linux-hwe-5.8 | Not in release |
| linux-hwe-6.14 | Ignored |
| linux-hwe-6.17 | Vulnerable |
| linux-hwe-6.8 | Not in release |
| linux-hwe-edge | Not in release |
| linux-ibm | Vulnerable |
| linux-ibm-5.15 | Not in release |
| linux-ibm-5.4 | Not in release |
| linux-ibm-6.8 | Not in release |
| linux-intel-iot-realtime | Not in release |
| linux-intel-iotg | Not in release |
| linux-intel-iotg-5.15 | Not in release |
| linux-iot | Not in release |
| linux-kvm | Not in release |
| linux-lowlatency | Vulnerable |
| linux-lowlatency-hwe-5.15 | Not in release |
| linux-lowlatency-hwe-6.8 | Not in release |
| linux-lts-xenial | Not in release |
| linux-nvidia | Vulnerable |
| linux-nvidia-6.8 | Not in release |
| linux-nvidia-lowlatency | Vulnerable |
| linux-nvidia-tegra | Vulnerable |
| linux-nvidia-tegra-5.15 | Not in release |
| linux-nvidia-tegra-igx | Not in release |
| linux-oem | Not in release |
| linux-oem-5.10 | Not in release |
| linux-oem-5.13 | Not in release |
| linux-oem-5.14 | Not in release |
| linux-oem-5.6 | Not in release |
| linux-oem-6.14 | Ignored |
| linux-oem-6.17 | Vulnerable |
| linux-oracle | Vulnerable |
| linux-oracle-5.0 | Not in release |
| linux-oracle-5.11 | Not in release |
| linux-oracle-5.13 | Not in release |
| linux-oracle-5.15 | Not in release |
| linux-oracle-5.3 | Not in release |
| linux-oracle-5.4 | Not in release |
| linux-oracle-5.8 | Not in release |
| linux-oracle-6.14 | Ignored |
| linux-oracle-6.17 | Vulnerable |
| linux-oracle-6.8 | Not in release |
| linux-raspi | Vulnerable |
| linux-raspi-5.4 | Not in release |
| linux-raspi-realtime | Vulnerable |
| linux-raspi2 | Not in release |
| linux-realtime | Vulnerable |
| linux-realtime-6.14 | Ignored |
| linux-realtime-6.17 | Vulnerable |
| linux-realtime-6.8 | Not in release |
| linux-riscv | Ignored |
| linux-riscv-5.11 | Not in release |
| linux-riscv-5.15 | Not in release |
| linux-riscv-5.8 | Not in release |
| linux-riscv-6.17 | Vulnerable |
| linux-riscv-6.8 | Not in release |
| linux-xilinx | Vulnerable |
| linux-xilinx-zynqmp | Not in release |
| linux-hwe-5.19 | Not in release |
| linux-hwe-6.2 | Not in release |
| linux-hwe-6.5 | Not in release |
| linux-hwe-6.11 | Ignored |
| linux-allwinner-5.19 | Not in release |
| linux-aws-5.19 | Not in release |
| linux-aws-6.2 | Not in release |
| linux-aws-6.5 | Not in release |
| linux-azure-5.19 | Not in release |
| linux-azure-6.2 | Not in release |
| linux-azure-6.5 | Not in release |
| linux-azure-6.11 | Ignored |
| linux-azure-fde-5.19 | Not in release |
| linux-azure-fde-6.2 | Not in release |
| linux-gcp-5.19 | Not in release |
| linux-gcp-6.2 | Not in release |
| linux-gcp-6.5 | Not in release |
| linux-gcp-6.11 | Ignored |
| linux-gke-5.15 | Not in release |
| linux-intel-5.13 | Not in release |
| linux-lowlatency-hwe-5.19 | Not in release |
| linux-lowlatency-hwe-6.2 | Not in release |
| linux-lowlatency-hwe-6.5 | Not in release |
| linux-lowlatency-hwe-6.11 | Ignored |
| linux-nvidia-6.2 | Not in release |
| linux-nvidia-6.5 | Not in release |
| linux-nvidia-6.11 | Ignored |
| linux-oracle-6.5 | Not in release |
| linux-oem-5.17 | Not in release |
| linux-oem-6.0 | Not in release |
| linux-oem-6.1 | Not in release |
| linux-oem-6.5 | Not in release |
| linux-oem-6.8 | Ignored |
| linux-oem-6.11 | Ignored |
| linux-riscv-5.19 | Not in release |
| linux-riscv-6.5 | Not in release |
| linux-riscv-6.14 | Ignored |
| linux-starfive-5.19 | Not in release |
| linux-starfive-6.2 | Not in release |
| linux-starfive-6.5 | Not in release |