Search CVE reports
1 – 10 of 35249 results
CVE-2025-47905
Medium priorityVarnish Cache before 7.6.3 and 7.7 before 7.7.1, and Varnish Enterprise before 6.0.13r14, allow client-side desync via HTTP/1 requests, because the product incorrectly permits CRLF to be skipped to delimit chunk boundaries.
1 affected package
varnish
| Package | 18.04 LTS |
|---|---|
| varnish | Needs evaluation |
CVE-2025-20623
Medium priorityExposure of sensitive information caused by shared microarchitectural predictor state that influences transient execution for some Intel(R) Core™ processors (10th Generation) may allow an authenticated user to potentially enable...
1 affected package
intel-microcode
| Package | 18.04 LTS |
|---|---|
| intel-microcode | Needs evaluation |
CVE-2025-20103
Medium priorityInsufficient resource pool in the core management mechanism for some Intel(R) Processors may allow an authenticated user to potentially enable denial of service via local access.
1 affected package
intel-microcode
| Package | 18.04 LTS |
|---|---|
| intel-microcode | Needs evaluation |
CVE-2025-20054
Medium priorityUncaught exception in the core management mechanism for some Intel(R) Processors may allow an authenticated user to potentially enable denial of service via local access.
1 affected package
intel-microcode
| Package | 18.04 LTS |
|---|---|
| intel-microcode | Needs evaluation |
CVE-2024-45332
Medium priorityExposure of sensitive information caused by shared microarchitectural predictor state that influences transient execution in the indirect branch predictors for some Intel(R) Processors may allow an authenticated user...
1 affected package
intel-microcode
| Package | 18.04 LTS |
|---|---|
| intel-microcode | Needs evaluation |
CVE-2024-43420
Medium priorityExposure of sensitive information caused by shared microarchitectural predictor state that influences transient execution for some Intel Atom(R) processors may allow an authenticated user to potentially enable information...
1 affected package
intel-microcode
| Package | 18.04 LTS |
|---|---|
| intel-microcode | Needs evaluation |
CVE-2025-47278
Medium priorityFlask is a web server gateway interface (WSGI) web application framework. In Flask 3.1.0, the way fallback key configuration was handled resulted in the last fallback key being used for signing, rather than the current signing...
1 affected package
flask
| Package | 18.04 LTS |
|---|---|
| flask | Needs evaluation |
CVE-2025-32917
Medium priorityPrivilege escalation in jar_signature agent plugin in Checkmk versions <2.4.0b7 (beta), <2.3.0p32, <2.2.0p42, and 2.1.0p49 (EOL) allow user with write access to JAVA_HOME/bin directory to escalate privileges.
1 affected package
check-mk
| Package | 18.04 LTS |
|---|---|
| check-mk | Needs evaluation |
CVE-2025-26646
Medium priorityNot in release
External control of file name or path in .NET, Visual Studio, and Build Tools for Visual Studio allows an authorized attacker to perform spoofing over a network.
4 affected packages
dotnet6, dotnet7, dotnet8, dotnet9
| Package | 18.04 LTS |
|---|---|
| dotnet6 | Not in release |
| dotnet7 | Not in release |
| dotnet8 | Not in release |
| dotnet9 | Not in release |
CVE-2025-24495
Medium priorityIncorrect initialization of resource in the branch prediction unit for some Intel(R) Core™ Ultra Processors may allow an authenticated user to potentially enable information disclosure via local access.
1 affected package
intel-microcode
| Package | 18.04 LTS |
|---|---|
| intel-microcode | Needs evaluation |