Search CVE reports
11 – 20 of 25522 results
CVE-2024-11669
Medium priorityNot in release
An issue was discovered in GitLab CE/EE affecting all versions from 16.9.8 before 17.4.5, 17.5 before 17.5.3, and 17.6 before 17.6.1. Certain API endpoints could potentially allow unauthorized access to sensitive data due to...
1 affected packages
gitlab
| Package | 22.04 LTS |
|---|---|
| gitlab | Not in release |
CVE-2024-11668
Medium priorityNot in release
An issue has been discovered in GitLab CE/EE affecting all versions from 16.11 before 17.4.5, 17.5 before 17.5.3, and 17.6 before 17.6.1. Long-lived connections could potentially bypass authentication controls,...
1 affected packages
gitlab
| Package | 22.04 LTS |
|---|---|
| gitlab | Not in release |
CVE-2024-10240
Medium priorityNot in release
An issue has been discovered in GitLab EE affecting all versions starting from 17.3 before 17.3.7, all versions starting from 17.4 before 17.4.4, all versions starting from 17.5 before 17.5.2 in which an unauthenticated user may...
1 affected packages
gitlab
| Package | 22.04 LTS |
|---|---|
| gitlab | Not in release |
CVE-2024-53859
Medium priorityNot in release
go-gh is a Go module for interacting with the `gh` utility and the GitHub API from the command line. A security vulnerability has been identified in `go-gh` that could leak authentication tokens intended for GitHub hosts...
1 affected packages
golang-github-cli-go-gh-v2
| Package | 22.04 LTS |
|---|---|
| golang-github-cli-go-gh-v2 | Not in release |
CVE-2024-53858
Medium priorityThe gh cli is GitHub’s official command line tool. A security vulnerability has been identified in the GitHub CLI that could leak authentication tokens when cloning repositories containing `git` submodules hosted outside...
1 affected packages
gh
| Package | 22.04 LTS |
|---|---|
| gh | Needs evaluation |
CVE-2024-53008
Medium priorityInconsistent interpretation of HTTP requests ('HTTP Request/Response Smuggling') issue exists in HAProxy. If this vulnerability is exploited, a remote attacker may access a path that is restricted by ACL (Access Control List) set...
1 affected packages
haproxy
| Package | 22.04 LTS |
|---|---|
| haproxy | Needs evaluation |
CVE-2024-36466
Medium priorityA bug in the code allows an attacker to sign a forged zbx_session cookie, which then allows them to sign in with admin permissions.
1 affected packages
zabbix
| Package | 22.04 LTS |
|---|---|
| zabbix | Needs evaluation |
CVE-2023-52922
Medium priorityIn the Linux kernel, the following vulnerability has been resolved: can: bcm: Fix UAF in bcm_proc_show() BUG: KASAN: slab-use-after-free in bcm_proc_show+0x969/0xa80 Read of size 8 at addr ffff888155846230 by task cat/7862 CPU: 1...
126 affected packages
linux, linux-allwinner-5.19, linux-aws, linux-aws-5.0, linux-aws-5.11...
| Package | 22.04 LTS |
|---|---|
| linux | Vulnerable |
| linux-allwinner-5.19 | Ignored |
| linux-aws | Vulnerable |
| linux-aws-5.0 | Not in release |
| linux-aws-5.11 | Not in release |
| linux-aws-5.13 | Not in release |
| linux-aws-5.15 | Not in release |
| linux-aws-5.19 | Ignored |
| linux-aws-5.3 | Not in release |
| linux-aws-5.4 | Not in release |
| linux-aws-5.8 | Not in release |
| linux-aws-6.2 | Ignored |
| linux-aws-6.5 | Ignored |
| linux-aws-6.8 | Not affected |
| linux-aws-fips | Not in release |
| linux-aws-hwe | Not in release |
| linux-azure | Vulnerable |
| linux-azure-4.15 | Not in release |
| linux-azure-5.11 | Not in release |
| linux-azure-5.13 | Not in release |
| linux-azure-5.15 | Not in release |
| linux-azure-5.19 | Ignored |
| linux-azure-5.3 | Not in release |
| linux-azure-5.4 | Not in release |
| linux-azure-5.8 | Not in release |
| linux-azure-6.2 | Ignored |
| linux-azure-6.5 | Ignored |
| linux-azure-6.8 | Not affected |
| linux-azure-edge | Not in release |
| linux-azure-fde | Needs evaluation |
| linux-azure-fde-5.15 | Not in release |
| linux-azure-fde-5.19 | Ignored |
| linux-azure-fde-6.2 | Ignored |
| linux-azure-fips | Not in release |
| linux-bluefield | Not in release |
| linux-fips | Not in release |
| linux-gcp | Vulnerable |
| linux-gcp-4.15 | Not in release |
| linux-gcp-5.11 | Not in release |
| linux-gcp-5.13 | Not in release |
| linux-gcp-5.15 | Not in release |
| linux-gcp-5.19 | Ignored |
| linux-gcp-5.3 | Not in release |
| linux-gcp-5.4 | Not in release |
| linux-gcp-5.8 | Not in release |
| linux-gcp-6.2 | Ignored |
| linux-gcp-6.5 | Ignored |
| linux-gcp-6.8 | Not affected |
| linux-gcp-fips | Not in release |
| linux-gke | Vulnerable |
| linux-gke-4.15 | Not in release |
| linux-gke-5.15 | Not in release |
| linux-gke-5.4 | Not in release |
| linux-gkeop | Vulnerable |
| linux-gkeop-5.15 | Not in release |
| linux-gkeop-5.4 | Not in release |
| linux-hwe | Not in release |
| linux-hwe-5.11 | Not in release |
| linux-hwe-5.13 | Not in release |
| linux-hwe-5.15 | Not in release |
| linux-hwe-5.19 | Ignored |
| linux-hwe-5.4 | Not in release |
| linux-hwe-5.8 | Not in release |
| linux-hwe-6.2 | Ignored |
| linux-hwe-6.5 | Ignored |
| linux-hwe-6.8 | Not affected |
| linux-hwe-edge | Not in release |
| linux-ibm | Vulnerable |
| linux-ibm-5.15 | Not in release |
| linux-ibm-5.4 | Not in release |
| linux-intel | Not in release |
| linux-intel-5.13 | Not in release |
| linux-intel-iot-realtime | Not in release |
| linux-intel-iotg | Vulnerable |
| linux-intel-iotg-5.15 | Not in release |
| linux-iot | Not in release |
| linux-kvm | Vulnerable |
| linux-lowlatency | Vulnerable |
| linux-lowlatency-hwe-5.15 | Not in release |
| linux-lowlatency-hwe-5.19 | Ignored |
| linux-lowlatency-hwe-6.2 | Ignored |
| linux-lowlatency-hwe-6.5 | Ignored |
| linux-lowlatency-hwe-6.8 | Not affected |
| linux-lts-xenial | Not in release |
| linux-nvidia | Vulnerable |
| linux-nvidia-6.2 | Ignored |
| linux-nvidia-6.5 | Ignored |
| linux-nvidia-6.8 | Not affected |
| linux-nvidia-lowlatency | Not in release |
| linux-oem | Not in release |
| linux-oem-5.10 | Not in release |
| linux-oem-5.13 | Not in release |
| linux-oem-5.14 | Not in release |
| linux-oem-5.17 | Ignored |
| linux-oem-5.6 | Not in release |
| linux-oem-6.0 | Ignored |
| linux-oem-6.1 | Ignored |
| linux-oem-6.11 | Not in release |
| linux-oem-6.5 | Ignored |
| linux-oem-6.8 | Not in release |
| linux-oracle | Vulnerable |
| linux-oracle-5.0 | Not in release |
| linux-oracle-5.11 | Not in release |
| linux-oracle-5.13 | Not in release |
| linux-oracle-5.15 | Not in release |
| linux-oracle-5.3 | Not in release |
| linux-oracle-5.4 | Not in release |
| linux-oracle-5.8 | Not in release |
| linux-oracle-6.5 | Ignored |
| linux-oracle-6.8 | Not affected |
| linux-raspi | Vulnerable |
| linux-raspi-5.4 | Not in release |
| linux-raspi-realtime | Not in release |
| linux-raspi2 | Not in release |
| linux-realtime | Ignored |
| linux-riscv | Ignored |
| linux-riscv-5.11 | Not in release |
| linux-riscv-5.15 | Not in release |
| linux-riscv-5.19 | Ignored |
| linux-riscv-5.8 | Not in release |
| linux-riscv-6.5 | Ignored |
| linux-riscv-6.8 | Not affected |
| linux-starfive-5.19 | Ignored |
| linux-starfive-6.2 | Ignored |
| linux-starfive-6.5 | Ignored |
| linux-xilinx-zynqmp | Vulnerable |
CVE-2024-53920
Medium priorityIn elisp-mode.el in GNU Emacs through 30.0.92, a user who chooses to invoke elisp-completion-at-point (for code completion) on untrusted Emacs Lisp source code can trigger unsafe Lisp macro expansion that allows attackers to...
5 affected packages
emacs, emacs24, emacs25, xemacs21, xemacs21-packages
| Package | 22.04 LTS |
|---|---|
| emacs | Needs evaluation |
| emacs24 | Not in release |
| emacs25 | Not in release |
| xemacs21 | Needs evaluation |
| xemacs21-packages | Needs evaluation |
CVE-2024-53849
Medium priorityeditorconfig-core-c is theEditorConfig core library written in C (for use by plugins supporting EditorConfig parsing). In affected versions several overflows may occur in switch case '[' when the input pattern contains...
1 affected packages
editorconfig-core
| Package | 22.04 LTS |
|---|---|
| editorconfig-core | Needs evaluation |