Search CVE reports
1 – 10 of 29276 results
CVE-2025-47905
Medium priorityVarnish Cache before 7.6.3 and 7.7 before 7.7.1, and Varnish Enterprise before 6.0.13r14, allow client-side desync via HTTP/1 requests, because the product incorrectly permits CRLF to be skipped to delimit chunk boundaries.
1 affected package
varnish
| Package | 22.04 LTS |
|---|---|
| varnish | Needs evaluation |
CVE-2025-4574
Medium priorityIn crossbeam-channel rust crate, the internal `Channel` type's `Drop` method has a race condition which could, in some circumstances, lead to a double-free that could result in memory corruption.
1 affected package
rust-crossbeam-channel
| Package | 22.04 LTS |
|---|---|
| rust-crossbeam-channel | Needs evaluation |
CVE-2025-20623
Medium priorityExposure of sensitive information caused by shared microarchitectural predictor state that influences transient execution for some Intel(R) Coreā¢ processors (10th Generation) may allow an authenticated user to potentially enable...
1 affected package
intel-microcode
| Package | 22.04 LTS |
|---|---|
| intel-microcode | Needs evaluation |
CVE-2025-20103
Medium priorityInsufficient resource pool in the core management mechanism for some Intel(R) Processors may allow an authenticated user to potentially enable denial of service via local access.
1 affected package
intel-microcode
| Package | 22.04 LTS |
|---|---|
| intel-microcode | Needs evaluation |
CVE-2025-20054
Medium priorityUncaught exception in the core management mechanism for some Intel(R) Processors may allow an authenticated user to potentially enable denial of service via local access.
1 affected package
intel-microcode
| Package | 22.04 LTS |
|---|---|
| intel-microcode | Needs evaluation |
CVE-2024-45332
Medium priorityExposure of sensitive information caused by shared microarchitectural predictor state that influences transient execution in the indirect branch predictors for some Intel(R) Processors may allow an authenticated user...
1 affected package
intel-microcode
| Package | 22.04 LTS |
|---|---|
| intel-microcode | Needs evaluation |
CVE-2024-43420
Medium priorityExposure of sensitive information caused by shared microarchitectural predictor state that influences transient execution for some Intel Atom(R) processors may allow an authenticated user to potentially enable information...
1 affected package
intel-microcode
| Package | 22.04 LTS |
|---|---|
| intel-microcode | Needs evaluation |
CVE-2025-4658
Medium priorityNot in release
Versions of OpenPubkey library prior to 0.10.0 contained a vulnerability that would allow a specially crafted JWS to bypass signature verification. As OPKSSH depends on the OpenPubkey library for authentication,...
1 affected package
opkssh
| Package | 22.04 LTS |
|---|---|
| opkssh | Not in release |
CVE-2025-3757
Medium priorityNot in release
Versions of OpenPubkey library prior to 0.10.0 contained a vulnerability that would allow a specially crafted JWS to bypass signature verification.
1 affected package
golang-github-openpubkey-openpubkey
| Package | 22.04 LTS |
|---|---|
| golang-github-openpubkey-openpubkey | Not in release |
CVE-2025-47278
Medium priorityFlask is a web server gateway interface (WSGI) web application framework. In Flask 3.1.0, the way fallback key configuration was handled resulted in the last fallback key being used for signing, rather than the current signing...
1 affected package
flask
| Package | 22.04 LTS |
|---|---|
| flask | Needs evaluation |