Search CVE reports
151 – 160 of 37963 results
NASM’s disasm() function contains a stack based buffer overflow when formatting disassembly output, allowing an attacker triggered out-of-bounds write when `slen` exceeds the buffer capacity.
1 affected package
nasm
| Package | 22.04 LTS |
|---|---|
| nasm | Needs evaluation |
NASM contains a heap use after free vulnerability in response file (-@) processing where a dangling pointer to freed memory is stored in the global depend_file and later dereferenced, as the response-file buffer is freed before...
1 affected package
nasm
| Package | 22.04 LTS |
|---|---|
| nasm | Needs evaluation |
A heap buffer overflow vulnerability exists in the Netwide Assembler (NASM) due to a lack of bounds checking in the obj_directive() function. This vulnerability can be exploited by a user assembling a malicious .asm...
1 affected package
nasm
| Package | 22.04 LTS |
|---|---|
| nasm | Needs evaluation |
Not in release
Improper synchronization of the userTokens map in the API server in Canonical Juju 4.0.5, 3.6.20, and 2.9.56 may allow an authenticated user to possibly cause a denial of service on the server or possibly reuse a single-use...
1 affected package
juju
| Package | 22.04 LTS |
|---|---|
| juju | Not in release |
Not in release
In Juju versions prior to 2.9.57 and 3.6.21, an authorization issue exists in the Controller facade. An authenticated user can call the CloudSpec API method to extract the cloud credentials used to bootstrap the controller. This...
1 affected package
juju
| Package | 22.04 LTS |
|---|---|
| juju | Not in release |
In the Linux kernel, the following vulnerability has been resolved: usb: gadget: f_mass_storage: Fix potential integer overflow in check_command_size_in_blocks() The `check_command_size_in_blocks()` function calculates the data...
157 affected packages
linux, linux-aws, linux-aws-5.0, linux-aws-5.11, linux-aws-5.13...
| Package | 22.04 LTS |
|---|---|
| linux | Vulnerable |
| linux-aws | Vulnerable |
| linux-aws-5.0 | Not in release |
| linux-aws-5.11 | Not in release |
| linux-aws-5.13 | Not in release |
| linux-aws-5.15 | Not in release |
| linux-aws-5.3 | Not in release |
| linux-aws-5.4 | Not in release |
| linux-aws-5.8 | Not in release |
| linux-aws-6.14 | Not in release |
| linux-aws-6.17 | Not in release |
| linux-aws-6.8 | Vulnerable |
| linux-aws-fips | Vulnerable |
| linux-aws-hwe | Not in release |
| linux-azure | Vulnerable |
| linux-azure-4.15 | Not in release |
| linux-azure-5.11 | Not in release |
| linux-azure-5.13 | Not in release |
| linux-azure-5.15 | Not in release |
| linux-azure-5.3 | Not in release |
| linux-azure-5.4 | Not in release |
| linux-azure-5.8 | Not in release |
| linux-azure-6.14 | Not in release |
| linux-azure-6.17 | Not in release |
| linux-azure-6.8 | Vulnerable |
| linux-azure-edge | Not in release |
| linux-azure-fde | Vulnerable |
| linux-azure-fde-5.15 | Not in release |
| linux-azure-fde-6.14 | Not in release |
| linux-azure-fde-6.17 | Not in release |
| linux-azure-fde-6.8 | Vulnerable |
| linux-azure-fips | Vulnerable |
| linux-azure-nvidia | Not in release |
| linux-azure-nvidia-6.14 | Not in release |
| linux-bluefield | Not in release |
| linux-fips | Vulnerable |
| linux-gcp | Vulnerable |
| linux-gcp-4.15 | Not in release |
| linux-gcp-5.11 | Not in release |
| linux-gcp-5.13 | Not in release |
| linux-gcp-5.15 | Not in release |
| linux-gcp-5.3 | Not in release |
| linux-gcp-5.4 | Not in release |
| linux-gcp-5.8 | Not in release |
| linux-gcp-6.14 | Not in release |
| linux-gcp-6.17 | Not in release |
| linux-gcp-6.8 | Vulnerable |
| linux-gcp-fips | Vulnerable |
| linux-gke | Vulnerable |
| linux-gke-4.15 | Not in release |
| linux-gke-5.4 | Not in release |
| linux-gkeop | Vulnerable |
| linux-gkeop-5.15 | Not in release |
| linux-gkeop-5.4 | Not in release |
| linux-hwe | Not in release |
| linux-hwe-5.11 | Not in release |
| linux-hwe-5.13 | Not in release |
| linux-hwe-5.15 | Not in release |
| linux-hwe-5.4 | Not in release |
| linux-hwe-5.8 | Not in release |
| linux-hwe-6.14 | Not in release |
| linux-hwe-6.17 | Not in release |
| linux-hwe-6.8 | Vulnerable |
| linux-hwe-edge | Not in release |
| linux-ibm | Vulnerable |
| linux-ibm-5.15 | Not in release |
| linux-ibm-5.4 | Not in release |
| linux-ibm-6.8 | Vulnerable |
| linux-intel-iot-realtime | Vulnerable |
| linux-intel-iotg | Vulnerable |
| linux-intel-iotg-5.15 | Not in release |
| linux-iot | Not in release |
| linux-kvm | Vulnerable |
| linux-lowlatency | Vulnerable |
| linux-lowlatency-hwe-5.15 | Not in release |
| linux-lowlatency-hwe-6.8 | Vulnerable |
| linux-lts-xenial | Not in release |
| linux-nvidia | Vulnerable |
| linux-nvidia-6.8 | Vulnerable |
| linux-nvidia-lowlatency | Not in release |
| linux-nvidia-tegra | Vulnerable |
| linux-nvidia-tegra-5.15 | Not in release |
| linux-nvidia-tegra-igx | Vulnerable |
| linux-oem | Not in release |
| linux-oem-5.10 | Not in release |
| linux-oem-5.13 | Not in release |
| linux-oem-5.14 | Not in release |
| linux-oem-5.6 | Not in release |
| linux-oem-6.14 | Not in release |
| linux-oem-6.17 | Not in release |
| linux-oracle | Vulnerable |
| linux-oracle-5.0 | Not in release |
| linux-oracle-5.11 | Not in release |
| linux-oracle-5.13 | Not in release |
| linux-oracle-5.15 | Not in release |
| linux-oracle-5.3 | Not in release |
| linux-oracle-5.4 | Not in release |
| linux-oracle-5.8 | Not in release |
| linux-oracle-6.14 | Not in release |
| linux-oracle-6.17 | Not in release |
| linux-oracle-6.8 | Vulnerable |
| linux-raspi | Vulnerable |
| linux-raspi-5.4 | Not in release |
| linux-raspi-realtime | Not in release |
| linux-raspi2 | Not in release |
| linux-realtime | Vulnerable |
| linux-realtime-6.14 | Not in release |
| linux-realtime-6.17 | Not in release |
| linux-realtime-6.8 | Vulnerable |
| linux-riscv | Ignored |
| linux-riscv-5.11 | Not in release |
| linux-riscv-5.15 | Not in release |
| linux-riscv-5.8 | Not in release |
| linux-riscv-6.17 | Not in release |
| linux-riscv-6.8 | Vulnerable |
| linux-xilinx | Not in release |
| linux-xilinx-zynqmp | Vulnerable |
| linux-hwe-5.19 | Ignored |
| linux-hwe-6.2 | Ignored |
| linux-hwe-6.5 | Ignored |
| linux-hwe-6.11 | Not in release |
| linux-allwinner-5.19 | Ignored |
| linux-aws-5.19 | Ignored |
| linux-aws-6.2 | Ignored |
| linux-aws-6.5 | Ignored |
| linux-azure-5.19 | Ignored |
| linux-azure-6.2 | Ignored |
| linux-azure-6.5 | Ignored |
| linux-azure-6.11 | Not in release |
| linux-azure-fde-5.19 | Ignored |
| linux-azure-fde-6.2 | Ignored |
| linux-gcp-5.19 | Ignored |
| linux-gcp-6.2 | Ignored |
| linux-gcp-6.5 | Ignored |
| linux-gcp-6.11 | Not in release |
| linux-gke-5.15 | Not in release |
| linux-intel-5.13 | Not in release |
| linux-lowlatency-hwe-5.19 | Ignored |
| linux-lowlatency-hwe-6.2 | Ignored |
| linux-lowlatency-hwe-6.5 | Ignored |
| linux-lowlatency-hwe-6.11 | Not in release |
| linux-nvidia-6.2 | Ignored |
| linux-nvidia-6.5 | Ignored |
| linux-nvidia-6.11 | Not in release |
| linux-oracle-6.5 | Ignored |
| linux-oem-5.17 | Ignored |
| linux-oem-6.0 | Ignored |
| linux-oem-6.1 | Ignored |
| linux-oem-6.5 | Ignored |
| linux-oem-6.8 | Not in release |
| linux-oem-6.11 | Not in release |
| linux-riscv-5.19 | Ignored |
| linux-riscv-6.5 | Ignored |
| linux-riscv-6.14 | Not in release |
| linux-starfive-5.19 | Ignored |
| linux-starfive-6.2 | Ignored |
| linux-starfive-6.5 | Ignored |
An issue was discovered in OpenStack Keystone 14 through 26 before 26.1.1, 27.0.0, 28.0.0, and 29.0.0. Restricted application credentials can create EC2 credentials. By using a restricted application credential to call the EC2...
1 affected package
keystone
| Package | 22.04 LTS |
|---|---|
| keystone | Needs evaluation |
A security flaw has been discovered in musl libc up to 1.2.6. Affected is the function iconv of the file src/locale/iconv.c of the component GB18030 4-byte Decoder. Performing a manipulation results in inefficient algorithmic...
1 affected package
musl
| Package | 22.04 LTS |
|---|---|
| musl | Needs evaluation |
wolfSSL_X509_verify_cert in the OpenSSL compatibility layer accepts a certificate chain in which the leaf's signature is not checked, if the attacker supplies an untrusted intermediate with Basic Constraints `CA:FALSE` that is...
1 affected package
wolfssl
| Package | 22.04 LTS |
|---|---|
| wolfssl | Needs evaluation |
wolfSSL's wc_PKCS7_DecodeAuthEnvelopedData() does not properly sanitize the AES-GCM authentication tag length received and has no lower bounds check. A man-in-the-middle can therefore truncate the mac field from 16 bytes to...
1 affected package
wolfssl
| Package | 22.04 LTS |
|---|---|
| wolfssl | Needs evaluation |