Search CVE reports
71 – 80 of 1350 results
Not in release
Spring Security versions 5.3.x prior to 5.3.2, 5.2.x prior to 5.2.4, 5.1.x prior to 5.1.10, 5.0.x prior to 5.0.16 and 4.2.x prior to 4.2.16 use a fixed null initialization vector with CBC Mode in the implementation of...
1 affected package
libspring-security-2.0-java
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| libspring-security-2.0-java | — | — | Not in release | Not in release |
Spring Security versions 5.2.x prior to 5.2.4 and 5.3.x prior to 5.3.2 contain a signature wrapping vulnerability during SAML response validation. When using the spring-security-saml2-service-provider component, a malicious user...
1 affected package
libspring-security-2.0-java
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| libspring-security-2.0-java | — | — | Not in release | Not in release |
In Spring Framework, versions 5.2.x prior to 5.2.3, versions 5.1.x prior to 5.1.13, and versions 5.0.x prior to 5.0.16, an application is vulnerable to a reflected file download (RFD) attack when it sets a...
1 affected package
libspring-java
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| libspring-java | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
Spring Framework, versions 5.2.x prior to 5.2.3 are vulnerable to CSRF attacks through CORS preflight requests that target Spring MVC (spring-webmvc module) or Spring WebFlux (spring-webflux module) endpoints. Only...
1 affected package
libspring-java
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| libspring-java | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
In goxmldsig (XML Digital Signatures implemented in pure Go) before version 1.1.0, with a carefully crafted XML file, an attacker can completely bypass signature validation and pass off an altered file as a signed one. A patch is...
1 affected package
golang-github-russellhaering-goxmldsig
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| golang-github-russellhaering-goxmldsig | Not affected | Needs evaluation | Needs evaluation | Needs evaluation |
Not in release
Spring Security versions 4.2.x prior to 4.2.12, 5.0.x prior to 5.0.12, and 5.1.x prior to 5.1.5 contain an insecure randomness vulnerability when using SecureRandomFactoryBean#setSeed to configure a SecureRandom instance. In order...
1 affected package
libspring-security-2.0-java
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| libspring-security-2.0-java | — | — | — | Not in release |
Not in release
Spring Security, versions 4.2.x up to 4.2.12, and older unsupported versions support plain text passwords using PlaintextPasswordEncoder. If an application using an affected version of Spring Security is...
1 affected package
libspring-security-2.0-java
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| libspring-security-2.0-java | — | — | Not in release | Not in release |
Some fixes available 23 of 25
Memory leak in the hwsim_new_radio_nl function in drivers/net/wireless/mac80211_hwsim.c in the Linux kernel through 4.15.9 allows local users to cause a denial of service (memory consumption) by triggering an out-of-array error case.
80 affected packages
linux-realtime, linux-azure-6.8, linux-oem-6.11, linux-gcp-fips, linux-fips...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| linux-realtime | Not affected | Not affected | Not in release | Not in release |
| linux-azure-6.8 | Not in release | Not affected | Not in release | Not in release |
| linux-oem-6.11 | Not affected | Not in release | Not in release | Not in release |
| linux-gcp-fips | Not in release | Not affected | Not affected | Not affected |
| linux-fips | Not in release | Not affected | Not affected | Not affected |
| linux | Not affected | Not affected | Not affected | Fixed |
| linux-aws | Not affected | Not affected | Not affected | Fixed |
| linux-azure | Not affected | Not affected | Not affected | Fixed |
| linux-azure-edge | Not in release | Not in release | Not in release | Not affected |
| linux-euclid | — | — | — | Not in release |
| linux-flo | — | — | — | Not in release |
| linux-gcp | Not affected | Not affected | Not affected | Fixed |
| linux-gke | Not affected | Not affected | Ignored | Not in release |
| linux-goldfish | — | — | — | Not in release |
| linux-grouper | — | — | — | Not in release |
| linux-hwe | Not in release | Not in release | Not in release | Not affected |
| linux-hwe-edge | Not in release | Not in release | Not in release | Not affected |
| linux-kvm | Not in release | Not affected | Not affected | Fixed |
| linux-lts-quantal | — | — | — | Not in release |
| linux-lts-raring | — | — | — | Not in release |
| linux-lts-saucy | — | — | — | Not in release |
| linux-lts-trusty | — | — | — | Not in release |
| linux-lts-utopic | — | — | — | Not in release |
| linux-lts-vivid | — | — | — | Not in release |
| linux-lts-wily | — | — | — | Not in release |
| linux-lts-xenial | Not in release | Not in release | Not in release | Not in release |
| linux-maguro | — | — | — | Not in release |
| linux-mako | — | — | — | Not in release |
| linux-manta | — | — | — | Not in release |
| linux-oem | Not in release | Not in release | Not in release | Fixed |
| linux-raspi2 | Not in release | Not in release | Ignored | Fixed |
| linux-snapdragon | Not in release | Not in release | Not in release | Not affected |
| linux-hwe-5.4 | Not in release | Not in release | Not in release | Not affected |
| linux-hwe-5.15 | Not in release | Not in release | Not affected | Not in release |
| linux-hwe-6.8 | Not in release | Not affected | Not in release | Not in release |
| linux-aws-5.4 | Not in release | Not in release | Not in release | Not affected |
| linux-aws-5.15 | Not in release | Not in release | Not affected | Not in release |
| linux-aws-hwe | Not in release | Not in release | Not in release | Not in release |
| linux-azure-4.15 | Not in release | Not in release | Not in release | Not affected |
| linux-azure-5.4 | Not in release | Not in release | Not in release | Not affected |
| linux-azure-5.15 | Not in release | Not in release | Not affected | Not in release |
| linux-azure-fde | Not in release | Not affected | Ignored | Not in release |
| linux-azure-fde-5.15 | Not in release | Not in release | Not affected | Not in release |
| linux-bluefield | Not in release | Not in release | Not affected | Not in release |
| linux-aws-fips | Not in release | Not affected | Not affected | Not affected |
| linux-azure-fips | Not in release | Not affected | Not affected | Not affected |
| linux-gcp-4.15 | Not in release | Not in release | Not in release | Not affected |
| linux-gcp-5.4 | Not in release | Not in release | Not in release | Not affected |
| linux-gcp-5.15 | Not in release | Not in release | Not affected | Not in release |
| linux-gkeop | Not affected | Not affected | Not affected | Not in release |
| linux-gkeop-5.15 | Not in release | Not in release | Not affected | Not in release |
| linux-ibm | Not affected | Not affected | Not affected | Not in release |
| linux-ibm-5.4 | Not in release | Not in release | Not in release | Not affected |
| linux-ibm-5.15 | Not in release | Not in release | Not affected | Not in release |
| linux-intel | Not affected | Not in release | Not in release | Not in release |
| linux-intel-iotg | Not in release | Not affected | Not in release | Not in release |
| linux-intel-iotg-5.15 | Not in release | Not in release | Not affected | Not in release |
| linux-iot | Not in release | Not in release | Not affected | Not in release |
| linux-intel-iot-realtime | Not in release | Not affected | Not in release | Not in release |
| linux-lowlatency | Not affected | Not affected | Not in release | Not in release |
| linux-lowlatency-hwe-5.15 | Not in release | Not in release | Not affected | Not in release |
| linux-lowlatency-hwe-6.8 | Not in release | Not affected | Not in release | Not in release |
| linux-nvidia | Not affected | Not affected | Not in release | Not in release |
| linux-nvidia-6.5 | Not in release | Not affected | Not in release | Not in release |
| linux-nvidia-6.8 | Not in release | Not affected | Not in release | Not in release |
| linux-nvidia-lowlatency | Not affected | Not in release | Not in release | Not in release |
| linux-oracle | Not affected | Not affected | Not affected | Not affected |
| linux-oracle-5.4 | Not in release | Not in release | Not in release | Not affected |
| linux-oracle-5.15 | Not in release | Not in release | Not affected | Not in release |
| linux-oem-6.8 | Not affected | Not in release | Not in release | Not in release |
| linux-raspi | Not affected | Not affected | Not affected | Not in release |
| linux-raspi-5.4 | Not in release | Not in release | Not in release | Not affected |
| linux-raspi-realtime | Not affected | Not in release | Not in release | Not in release |
| linux-riscv | Not affected | Ignored | Ignored | Not in release |
| linux-riscv-5.15 | Not in release | Not in release | Not affected | Not in release |
| linux-riscv-6.8 | Not in release | Not affected | Not in release | Not in release |
| linux-xilinx-zynqmp | Not in release | Not affected | Not affected | Not in release |
| linux-aws-6.8 | Not in release | Not affected | Not in release | Not in release |
| linux-gcp-6.8 | Not in release | Not affected | Not in release | Not in release |
| linux-oracle-6.8 | Not in release | Not affected | Not in release | Not in release |
Some fixes available 16 of 18
The unimac_mdio_probe function in drivers/net/phy/mdio-bcm-unimac.c in the Linux kernel through 4.15.8 does not validate certain resource availability, which allows local users to cause a denial of service (NULL pointer dereference).
79 affected packages
linux-realtime, linux-azure-6.8, linux-oem-6.11, linux-fips, linux...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| linux-realtime | Not affected | Not affected | Not in release | Not in release |
| linux-azure-6.8 | Not in release | Not affected | Not in release | Not in release |
| linux-oem-6.11 | Not affected | Not in release | Not in release | Not in release |
| linux-fips | Not in release | Not affected | Not affected | Not affected |
| linux | Not affected | Not affected | Not affected | Not affected |
| linux-aws | Not affected | Not affected | Not affected | Not affected |
| linux-azure | Not affected | Not affected | Not affected | Not affected |
| linux-euclid | — | — | — | Not in release |
| linux-flo | — | — | — | Not in release |
| linux-gcp | Not affected | Not affected | Not affected | Not affected |
| linux-gke | Not affected | Not affected | Ignored | Not in release |
| linux-goldfish | — | — | — | Not in release |
| linux-grouper | — | — | — | Not in release |
| linux-hwe | Not in release | Not in release | Not in release | Not affected |
| linux-lts-quantal | — | — | — | Not in release |
| linux-lts-raring | — | — | — | Not in release |
| linux-lts-saucy | — | — | — | Not in release |
| linux-hwe-edge | Not in release | Not in release | Not in release | Not affected |
| linux-kvm | Not in release | Not affected | Not affected | Not affected |
| linux-lts-trusty | — | — | — | Not in release |
| linux-lts-utopic | — | — | — | Not in release |
| linux-lts-vivid | — | — | — | Not in release |
| linux-lts-wily | — | — | — | Not in release |
| linux-lts-xenial | Not in release | Not in release | Not in release | Not in release |
| linux-maguro | — | — | — | Not in release |
| linux-mako | — | — | — | Not in release |
| linux-manta | — | — | — | Not in release |
| linux-oem | Not in release | Not in release | Not in release | Not affected |
| linux-raspi2 | Not in release | Not in release | Ignored | Not affected |
| linux-snapdragon | Not in release | Not in release | Not in release | Not affected |
| linux-hwe-5.4 | Not in release | Not in release | Not in release | Not affected |
| linux-hwe-5.15 | Not in release | Not in release | Not affected | Not in release |
| linux-hwe-6.8 | Not in release | Not affected | Not in release | Not in release |
| linux-aws-5.4 | Not in release | Not in release | Not in release | Not affected |
| linux-aws-5.15 | Not in release | Not in release | Not affected | Not in release |
| linux-aws-hwe | Not in release | Not in release | Not in release | Not in release |
| linux-azure-4.15 | Not in release | Not in release | Not in release | Not affected |
| linux-azure-5.4 | Not in release | Not in release | Not in release | Not affected |
| linux-azure-5.15 | Not in release | Not in release | Not affected | Not in release |
| linux-azure-fde | Not in release | Not affected | Ignored | Not in release |
| linux-azure-fde-5.15 | Not in release | Not in release | Not affected | Not in release |
| linux-bluefield | Not in release | Not in release | Not affected | Not in release |
| linux-aws-fips | Not in release | Not affected | Not affected | Not affected |
| linux-azure-fips | Not in release | Not affected | Not affected | Not affected |
| linux-gcp-fips | Not in release | Not affected | Not affected | Not affected |
| linux-gcp-4.15 | Not in release | Not in release | Not in release | Not affected |
| linux-gcp-5.4 | Not in release | Not in release | Not in release | Not affected |
| linux-gcp-5.15 | Not in release | Not in release | Not affected | Not in release |
| linux-gkeop | Not affected | Not affected | Not affected | Not in release |
| linux-gkeop-5.15 | Not in release | Not in release | Not affected | Not in release |
| linux-ibm | Not affected | Not affected | Not affected | Not in release |
| linux-ibm-5.4 | Not in release | Not in release | Not in release | Not affected |
| linux-ibm-5.15 | Not in release | Not in release | Not affected | Not in release |
| linux-intel | Not affected | Not in release | Not in release | Not in release |
| linux-intel-iotg | Not in release | Not affected | Not in release | Not in release |
| linux-intel-iotg-5.15 | Not in release | Not in release | Not affected | Not in release |
| linux-iot | Not in release | Not in release | Not affected | Not in release |
| linux-intel-iot-realtime | Not in release | Not affected | Not in release | Not in release |
| linux-lowlatency | Not affected | Not affected | Not in release | Not in release |
| linux-lowlatency-hwe-5.15 | Not in release | Not in release | Not affected | Not in release |
| linux-lowlatency-hwe-6.8 | Not in release | Not affected | Not in release | Not in release |
| linux-nvidia | Not affected | Not affected | Not in release | Not in release |
| linux-nvidia-6.5 | Not in release | Not affected | Not in release | Not in release |
| linux-nvidia-6.8 | Not in release | Not affected | Not in release | Not in release |
| linux-nvidia-lowlatency | Not affected | Not in release | Not in release | Not in release |
| linux-oracle | Not affected | Not affected | Not affected | Not affected |
| linux-oracle-5.4 | Not in release | Not in release | Not in release | Not affected |
| linux-oracle-5.15 | Not in release | Not in release | Not affected | Not in release |
| linux-oem-6.8 | Not affected | Not in release | Not in release | Not in release |
| linux-raspi | Not affected | Not affected | Not affected | Not in release |
| linux-raspi-5.4 | Not in release | Not in release | Not in release | Not affected |
| linux-raspi-realtime | Not affected | Not in release | Not in release | Not in release |
| linux-riscv | Not affected | Ignored | Ignored | Not in release |
| linux-riscv-5.15 | Not in release | Not in release | Not affected | Not in release |
| linux-riscv-6.8 | Not in release | Not affected | Not in release | Not in release |
| linux-xilinx-zynqmp | Not in release | Not affected | Not affected | Not in release |
| linux-aws-6.8 | Not in release | Not affected | Not in release | Not in release |
| linux-gcp-6.8 | Not in release | Not affected | Not in release | Not in release |
| linux-oracle-6.8 | Not in release | Not affected | Not in release | Not in release |
Some fixes available 14 of 24
Race condition in the store_int_with_restart() function in arch/x86/kernel/cpu/mcheck/mce.c in the Linux kernel through 4.15.7 allows local users to cause a denial of service (panic) by leveraging root access to write to the...
96 affected packages
linux-realtime, linux-azure-6.8, linux-oem-6.11, linux-fips, linux...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| linux-realtime | Not affected | Not affected | Not in release | Not in release |
| linux-azure-6.8 | Not in release | Not affected | Not in release | Not in release |
| linux-oem-6.11 | Not affected | Not in release | Not in release | Not in release |
| linux-fips | Not in release | Not affected | Not affected | Not affected |
| linux | Not affected | Not affected | Not affected | Not affected |
| linux-raspi2 | Not in release | Not in release | Ignored | Not affected |
| linux-lts-xenial | Not in release | Not in release | Not in release | Not in release |
| linux-snapdragon | Not in release | Not in release | Not in release | Fixed |
| linux-aws | Not affected | Not affected | Not affected | Not affected |
| linux-hwe | Not in release | Not in release | Not in release | Not affected |
| linux-hwe-edge | Not in release | Not in release | Not in release | Not affected |
| linux-gke | Not affected | Not affected | Ignored | Not in release |
| linux-azure | Not affected | Not affected | Not affected | Not affected |
| linux-gcp | Not affected | Not affected | Not affected | Not affected |
| linux-kvm | Not in release | Not affected | Not affected | Not affected |
| linux-oem | Not in release | Not in release | Not in release | Not affected |
| linux-azure-edge | Not in release | Not in release | Not in release | Not affected |
| linux-aws-hwe | Not in release | Not in release | Not in release | Not in release |
| linux-oracle | Not affected | Not affected | Not affected | Not affected |
| linux-hwe-5.4 | Not in release | Not in release | Not in release | Not affected |
| linux-hwe-5.15 | Not in release | Not in release | Not affected | Not in release |
| linux-hwe-6.8 | Not in release | Not affected | Not in release | Not in release |
| linux-aws-5.4 | Not in release | Not in release | Not in release | Not affected |
| linux-aws-5.15 | Not in release | Not in release | Not affected | Not in release |
| linux-azure-4.15 | Not in release | Not in release | Not in release | Not affected |
| linux-azure-5.4 | Not in release | Not in release | Not in release | Not affected |
| linux-azure-5.15 | Not in release | Not in release | Not affected | Not in release |
| linux-azure-fde | Not in release | Not affected | Ignored | Not in release |
| linux-azure-fde-5.15 | Not in release | Not in release | Ignored | Not in release |
| linux-bluefield | Not in release | Not in release | Not affected | Not in release |
| linux-aws-fips | Not in release | Not affected | Not affected | Not affected |
| linux-azure-fips | Not in release | Not affected | Not affected | Not affected |
| linux-gcp-fips | Not in release | Not affected | Not affected | Not affected |
| linux-gcp-4.15 | Not in release | Not in release | Not in release | Not affected |
| linux-gcp-5.4 | Not in release | Not in release | Not in release | Not affected |
| linux-gcp-5.15 | Not in release | Not in release | Not affected | Not in release |
| linux-gkeop | Not affected | Not affected | Not affected | Not in release |
| linux-gkeop-5.15 | Not in release | Not in release | Not affected | Not in release |
| linux-ibm | Not affected | Not affected | Not affected | Not in release |
| linux-ibm-5.4 | Not in release | Not in release | Not in release | Not affected |
| linux-ibm-5.15 | Not in release | Not in release | Not affected | Not in release |
| linux-intel | Not affected | Not in release | Not in release | Not in release |
| linux-intel-iotg | Not in release | Not affected | Not in release | Not in release |
| linux-intel-iotg-5.15 | Not in release | Not in release | Not affected | Not in release |
| linux-iot | Not in release | Not in release | Not affected | Not in release |
| linux-intel-iot-realtime | Not in release | Not affected | Not in release | Not in release |
| linux-lowlatency | Not affected | Not affected | Not in release | Not in release |
| linux-lowlatency-hwe-5.15 | Not in release | Not in release | Not affected | Not in release |
| linux-lowlatency-hwe-6.8 | Not in release | Not affected | Not in release | Not in release |
| linux-nvidia | Not affected | Not affected | Not in release | Not in release |
| linux-nvidia-6.5 | Not in release | Not affected | Not in release | Not in release |
| linux-nvidia-6.8 | Not in release | Not affected | Not in release | Not in release |
| linux-nvidia-lowlatency | Not affected | Not in release | Not in release | Not in release |
| linux-oracle-5.4 | Not in release | Not in release | Not in release | Not affected |
| linux-oracle-5.15 | Not in release | Not in release | Not affected | Not in release |
| linux-oem-6.8 | Not affected | Not in release | Not in release | Not in release |
| linux-raspi | Not affected | Not affected | Not affected | Not in release |
| linux-raspi-5.4 | Not in release | Not in release | Not in release | Not affected |
| linux-raspi-realtime | Not affected | Not in release | Not in release | Not in release |
| linux-riscv | Not affected | Ignored | Ignored | Not in release |
| linux-riscv-5.15 | Not in release | Not in release | Not affected | Not in release |
| linux-riscv-6.8 | Not in release | Not affected | Not in release | Not in release |
| linux-xilinx-zynqmp | Not in release | Not affected | Not affected | Not in release |
| linux-aws-6.8 | Not in release | Not affected | Not in release | Not in release |
| linux-gcp-6.8 | Not in release | Not affected | Not in release | Not in release |
| linux-oracle-6.8 | Not in release | Not affected | Not in release | Not in release |
| linux-hwe-6.11 | Ignored | Not in release | Not in release | Not in release |
| linux-hwe-6.14 | Not affected | Not in release | Not in release | Not in release |
| linux-aws-6.14 | Not affected | Not in release | Not in release | Not in release |
| linux-azure-6.11 | Ignored | Not in release | Not in release | Not in release |
| linux-azure-nvidia | Not affected | Not in release | Not in release | Not in release |
| linux-gcp-6.11 | Ignored | Not in release | Not in release | Not in release |
| linux-gcp-6.14 | Not affected | Not in release | Not in release | Not in release |
| linux-ibm-6.8 | Not in release | Not affected | Not in release | Not in release |
| linux-lowlatency-hwe-6.11 | Ignored | Not in release | Not in release | Not in release |
| linux-nvidia-tegra | Not affected | Not affected | Not in release | Not in release |
| linux-nvidia-tegra-5.15 | Not in release | Not in release | Not affected | Not in release |
| linux-nvidia-tegra-igx | Not in release | Not affected | Not in release | Not in release |
| linux-oracle-6.14 | Not affected | Not in release | Not in release | Not in release |
| linux-oem-6.14 | Not affected | Not in release | Not in release | Not in release |
| linux-riscv-6.14 | Not affected | Not in release | Not in release | Not in release |
| linux-euclid | — | — | — | Not in release |
| linux-flo | — | — | — | Not in release |
| linux-gcp-edge | — | — | — | Not affected |
| linux-goldfish | — | — | — | Not in release |
| linux-grouper | — | — | — | Not in release |
| linux-lts-quantal | — | — | — | Not in release |
| linux-lts-raring | — | — | — | Not in release |
| linux-lts-saucy | — | — | — | Not in release |
| linux-lts-trusty | — | — | — | Not in release |
| linux-lts-utopic | — | — | — | Not in release |
| linux-lts-vivid | — | — | — | Not in release |
| linux-lts-wily | — | — | — | Not in release |
| linux-maguro | — | — | — | Not in release |
| linux-mako | — | — | — | Not in release |
| linux-manta | — | — | — | Not in release |