Search CVE reports
111 – 120 of 42582 results
(Crash in ciscodump 4.6.0 to 4.6.6 and 4.4.0 to 4.4.16 allows denial of ...)
1 affected package
wireshark
| Package | 20.04 LTS |
|---|---|
| wireshark | Needs evaluation |
(Multiple protocol dissector infinite loops in Wireshark 4.6.0 to 4.6.6 ...)
1 affected package
wireshark
| Package | 20.04 LTS |
|---|---|
| wireshark | Needs evaluation |
A flaw was found in 389 Directory Server. The PBKDF2-SHA256 password verification function uses standard memcmp() for comparing password hashes instead of a constant-time comparison function. A remote attacker could potentially...
1 affected package
389-ds-base
| Package | 20.04 LTS |
|---|---|
| 389-ds-base | Needs evaluation |
(Imager versions before 1.033 for Perl treat unsigned EXIF IFD entry co ...)
1 affected package
libimager-perl
| Package | 20.04 LTS |
|---|---|
| libimager-perl | Needs evaluation |
Impact: In body-parser versions prior to 1.20.6 (1.x line) and 2.3.0 (2.x line), when the parser is configured with an invalid limit option value such as an unparseable string or NaN, bytes.parse returns null and the request body...
1 affected package
node-body-parser
| Package | 20.04 LTS |
|---|---|
| node-body-parser | Needs evaluation |
A sandbox escape vulnerability exists in the OpenJDK packages provided in Ubuntu. The .jar MIME handlers installed by these packages execute files marked as executable when the mailcap package is installed. A compromised or...
12 affected packages
mailcap, openjdk-8, openjdk-9, openjdk-lts, openjdk-13...
| Package | 20.04 LTS |
|---|---|
| mailcap | — |
| openjdk-8 | Not affected |
| openjdk-9 | — |
| openjdk-lts | Not affected |
| openjdk-13 | Ignored |
| openjdk-16 | Ignored |
| openjdk-17 | Not affected |
| openjdk-17-crac | — |
| openjdk-18 | — |
| openjdk-21 | Not affected |
| openjdk-21-crac | — |
| openjdk-25 | — |
ssh in OpenSSH before 10.4 can have a use-after-free when a server changes its host key during a key re-exchange. (This outcome occurs only on the client side.)
2 affected packages
openssh, openssh-ssh1
| Package | 20.04 LTS |
|---|---|
| openssh | Needs evaluation |
| openssh-ssh1 | Ignored |
sshd in OpenSSH before 10.4 does not always honor the minimum authentication delay.
2 affected packages
openssh, openssh-ssh1
| Package | 20.04 LTS |
|---|---|
| openssh | Needs evaluation |
| openssh-ssh1 | Ignored |
sshd in OpenSSH before 10.4 allows remote attackers to cause a denial of service (resource consumption from excessive authentication attempts) because MaxAuthTries was mishandled for GSSAPIAuthentication.
2 affected packages
openssh, openssh-ssh1
| Package | 20.04 LTS |
|---|---|
| openssh | Needs evaluation |
| openssh-ssh1 | Ignored |
In sshd in OpenSSH before 10.4, DisableForwarding=yes was supposed to take precedence over PermitTunnel=yes, but did not.
2 affected packages
openssh, openssh-ssh1
| Package | 20.04 LTS |
|---|---|
| openssh | Needs evaluation |
| openssh-ssh1 | Ignored |