Search CVE reports
441 – 450 of 43329 results
The Log4j1XmlLayout from the Apache Log4j 1-to-Log4j 2 bridge fails to escape characters forbidden by the XML 1.0 standard, producing malformed XML output. Conforming XML parsers are required to reject documents containing such...
2 affected packages
apache-log4j1.2, apache-log4j2
| Package | 18.04 LTS |
|---|---|
| apache-log4j1.2 | Needs evaluation |
| apache-log4j2 | Needs evaluation |
Apache Log4j Core's Rfc5424Layout https://logging.apache.org/log4j/2.x/manual/layouts.html#RFC5424Layout , in versions 2.21.0 through 2.25.3, is vulnerable to log injection via CRLF sequences due to undocumented renames of...
2 affected packages
apache-log4j1.2, apache-log4j2
| Package | 18.04 LTS |
|---|---|
| apache-log4j1.2 | Needs evaluation |
| apache-log4j2 | Needs evaluation |
The fix for CVE-2025-68161 https://logging.apache.org/security.html#CVE-2025-68161 was incomplete: it addressed hostname verification only when enabled via...
1 affected package
apache-log4j2
| Package | 18.04 LTS |
|---|---|
| apache-log4j2 | Needs evaluation |
HDF5 is software for managing data. In 1.14.1-2 and earlier, an attacker who can control an h5 file parsed by HDF5 can trigger a write-based heap buffer overflow condition in the H5T__ref_mem_setnull method. This can lead to a...
1 affected package
hdf5
| Package | 18.04 LTS |
|---|---|
| hdf5 | Needs evaluation |
NASM’s disasm() function contains a stack based buffer overflow when formatting disassembly output, allowing an attacker triggered out-of-bounds write when `slen` exceeds the buffer capacity.
1 affected package
nasm
| Package | 18.04 LTS |
|---|---|
| nasm | Needs evaluation |
NASM contains a heap use after free vulnerability in response file (-@) processing where a dangling pointer to freed memory is stored in the global depend_file and later dereferenced, as the response-file buffer is freed before...
1 affected package
nasm
| Package | 18.04 LTS |
|---|---|
| nasm | Needs evaluation |
A heap buffer overflow vulnerability exists in the Netwide Assembler (NASM) due to a lack of bounds checking in the obj_directive() function. This vulnerability can be exploited by a user assembling a malicious .asm...
1 affected package
nasm
| Package | 18.04 LTS |
|---|---|
| nasm | Needs evaluation |
In the Linux kernel, the following vulnerability has been resolved: usb: gadget: f_mass_storage: Fix potential integer overflow in check_command_size_in_blocks() The `check_command_size_in_blocks()` function calculates the data...
157 affected packages
linux, linux-aws, linux-aws-5.0, linux-aws-5.11, linux-aws-5.13...
| Package | 18.04 LTS |
|---|---|
| linux | Vulnerable |
| linux-aws | Vulnerable |
| linux-aws-5.0 | Ignored |
| linux-aws-5.11 | Not in release |
| linux-aws-5.13 | Not in release |
| linux-aws-5.15 | Not in release |
| linux-aws-5.3 | Ignored |
| linux-aws-5.4 | Vulnerable |
| linux-aws-5.8 | Not in release |
| linux-aws-6.14 | Not in release |
| linux-aws-6.17 | Not in release |
| linux-aws-6.8 | Not in release |
| linux-aws-fips | Vulnerable |
| linux-aws-hwe | Not in release |
| linux-azure | Ignored |
| linux-azure-4.15 | Vulnerable |
| linux-azure-5.11 | Not in release |
| linux-azure-5.13 | Not in release |
| linux-azure-5.15 | Not in release |
| linux-azure-5.3 | Ignored |
| linux-azure-5.4 | Vulnerable |
| linux-azure-5.8 | Not in release |
| linux-azure-6.14 | Not in release |
| linux-azure-6.17 | Not in release |
| linux-azure-6.8 | Not in release |
| linux-azure-edge | Ignored |
| linux-azure-fde | Not in release |
| linux-azure-fde-5.15 | Not in release |
| linux-azure-fde-6.14 | Not in release |
| linux-azure-fde-6.17 | Not in release |
| linux-azure-fde-6.8 | Not in release |
| linux-azure-fips | Vulnerable |
| linux-azure-nvidia | Not in release |
| linux-azure-nvidia-6.14 | Not in release |
| linux-bluefield | Not in release |
| linux-fips | Vulnerable |
| linux-gcp | Ignored |
| linux-gcp-4.15 | Vulnerable |
| linux-gcp-5.11 | Not in release |
| linux-gcp-5.13 | Not in release |
| linux-gcp-5.15 | Not in release |
| linux-gcp-5.3 | Ignored |
| linux-gcp-5.4 | Vulnerable |
| linux-gcp-5.8 | Not in release |
| linux-gcp-6.14 | Not in release |
| linux-gcp-6.17 | Not in release |
| linux-gcp-6.8 | Not in release |
| linux-gcp-fips | Vulnerable |
| linux-gke | Not in release |
| linux-gke-4.15 | Ignored |
| linux-gke-5.4 | Ignored |
| linux-gkeop | Not in release |
| linux-gkeop-5.15 | Not in release |
| linux-gkeop-5.4 | Ignored |
| linux-hwe | Ignored |
| linux-hwe-5.11 | Not in release |
| linux-hwe-5.13 | Not in release |
| linux-hwe-5.15 | Not in release |
| linux-hwe-5.4 | Vulnerable |
| linux-hwe-5.8 | Not in release |
| linux-hwe-6.14 | Not in release |
| linux-hwe-6.17 | Not in release |
| linux-hwe-6.8 | Not in release |
| linux-hwe-edge | Ignored |
| linux-ibm | Not in release |
| linux-ibm-5.15 | Not in release |
| linux-ibm-5.4 | Vulnerable |
| linux-ibm-6.8 | Not in release |
| linux-intel-iot-realtime | Not in release |
| linux-intel-iotg | Not in release |
| linux-intel-iotg-5.15 | Not in release |
| linux-iot | Not in release |
| linux-kvm | Vulnerable |
| linux-lowlatency | Not in release |
| linux-lowlatency-hwe-5.15 | Not in release |
| linux-lowlatency-hwe-6.8 | Not in release |
| linux-lts-xenial | Not in release |
| linux-nvidia | Not in release |
| linux-nvidia-6.8 | Not in release |
| linux-nvidia-lowlatency | Not in release |
| linux-nvidia-tegra | Not in release |
| linux-nvidia-tegra-5.15 | Not in release |
| linux-nvidia-tegra-igx | Not in release |
| linux-oem | Ignored |
| linux-oem-5.10 | Not in release |
| linux-oem-5.13 | Not in release |
| linux-oem-5.14 | Not in release |
| linux-oem-5.6 | Not in release |
| linux-oem-6.14 | Not in release |
| linux-oem-6.17 | Not in release |
| linux-oracle | Vulnerable |
| linux-oracle-5.0 | Ignored |
| linux-oracle-5.11 | Not in release |
| linux-oracle-5.13 | Not in release |
| linux-oracle-5.15 | Not in release |
| linux-oracle-5.3 | Ignored |
| linux-oracle-5.4 | Vulnerable |
| linux-oracle-5.8 | Not in release |
| linux-oracle-6.14 | Not in release |
| linux-oracle-6.17 | Not in release |
| linux-oracle-6.8 | Not in release |
| linux-raspi | Not in release |
| linux-raspi-5.4 | Vulnerable |
| linux-raspi-realtime | Not in release |
| linux-raspi2 | Ignored |
| linux-realtime | Not in release |
| linux-realtime-6.14 | Not in release |
| linux-realtime-6.17 | Not in release |
| linux-realtime-6.8 | Not in release |
| linux-riscv | Not in release |
| linux-riscv-5.11 | Not in release |
| linux-riscv-5.15 | Not in release |
| linux-riscv-5.8 | Not in release |
| linux-riscv-6.17 | Not in release |
| linux-riscv-6.8 | Not in release |
| linux-xilinx | Not in release |
| linux-xilinx-zynqmp | Not in release |
| linux-hwe-5.19 | Not in release |
| linux-hwe-6.2 | Not in release |
| linux-hwe-6.5 | Not in release |
| linux-hwe-6.11 | Not in release |
| linux-allwinner-5.19 | Not in release |
| linux-aws-5.19 | Not in release |
| linux-aws-6.2 | Not in release |
| linux-aws-6.5 | Not in release |
| linux-azure-5.19 | Not in release |
| linux-azure-6.2 | Not in release |
| linux-azure-6.5 | Not in release |
| linux-azure-6.11 | Not in release |
| linux-azure-fde-5.19 | Not in release |
| linux-azure-fde-6.2 | Not in release |
| linux-gcp-5.19 | Not in release |
| linux-gcp-6.2 | Not in release |
| linux-gcp-6.5 | Not in release |
| linux-gcp-6.11 | Not in release |
| linux-gke-5.15 | Not in release |
| linux-intel-5.13 | Not in release |
| linux-lowlatency-hwe-5.19 | Not in release |
| linux-lowlatency-hwe-6.2 | Not in release |
| linux-lowlatency-hwe-6.5 | Not in release |
| linux-lowlatency-hwe-6.11 | Not in release |
| linux-nvidia-6.2 | Not in release |
| linux-nvidia-6.5 | Not in release |
| linux-nvidia-6.11 | Not in release |
| linux-oracle-6.5 | Not in release |
| linux-oem-5.17 | Not in release |
| linux-oem-6.0 | Not in release |
| linux-oem-6.1 | Not in release |
| linux-oem-6.5 | Not in release |
| linux-oem-6.8 | Not in release |
| linux-oem-6.11 | Not in release |
| linux-riscv-5.19 | Not in release |
| linux-riscv-6.5 | Not in release |
| linux-riscv-6.14 | Not in release |
| linux-starfive-5.19 | Not in release |
| linux-starfive-6.2 | Not in release |
| linux-starfive-6.5 | Not in release |
An issue was discovered in OpenStack Keystone 14 through 26 before 26.1.1, 27.0.0, 28.0.0, and 29.0.0. Restricted application credentials can create EC2 credentials. By using a restricted application credential to call the EC2...
1 affected package
keystone
| Package | 18.04 LTS |
|---|---|
| keystone | Needs evaluation |
A security flaw has been discovered in musl libc up to 1.2.6. Affected is the function iconv of the file src/locale/iconv.c of the component GB18030 4-byte Decoder. Performing a manipulation results in inefficient algorithmic...
1 affected package
musl
| Package | 18.04 LTS |
|---|---|
| musl | Needs evaluation |