Search CVE reports
331 – 340 of 490 results
Tor before 0.2.4.20, when OpenSSL 1.x is used in conjunction with a certain HardwareAccel setting on Intel Sandy Bridge and Ivy Bridge platforms, does not properly generate random numbers for (1) relay identity keys and...
1 affected package
tor
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| tor | — | — | — | — |
Some fixes available 1 of 5
The send_the_mail function in server/svr_mail.c in Terascale Open-Source Resource and Queue Manager (aka TORQUE Resource Manager) before 4.2.6 allows remote attackers to execute arbitrary commands via shell metacharacters in the...
1 affected package
torque
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| torque | — | — | — | — |
pbs_mom in Terascale Open-Source Resource and Queue Manager (aka TORQUE Resource Manager) 2.5.x, 4.x, and earlier does not properly restrict access by unprivileged ports, which allows remote authenticated users to...
1 affected package
torque
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| torque | — | — | — | — |
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.
40 affected packages
tdom, apache2, apr-util, audacity, ayttm...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| tdom | — | — | — | — |
| apache2 | — | — | — | — |
| apr-util | — | — | — | — |
| audacity | — | — | — | — |
| ayttm | — | — | — | — |
| cableswig | — | — | — | — |
| cadaver | — | — | — | — |
| celementtree | — | — | — | — |
| cmake | — | — | — | — |
| coin3 | — | — | — | — |
| expat | — | — | — | — |
| gdcm | — | — | — | — |
| ghostscript | — | — | — | — |
| grmonitor | — | — | — | — |
| insighttoolkit | — | — | — | — |
| kompozer | — | — | — | — |
| libparagui1.1 | — | — | — | — |
| matanza | — | — | — | — |
| paraview | — | — | — | — |
| poco | — | — | — | — |
| python-xml | — | — | — | — |
| python2.4 | — | — | — | — |
| python2.5 | — | — | — | — |
| python2.6 | — | — | — | — |
| simgear | — | — | — | — |
| sitecopy | — | — | — | — |
| smart | — | — | — | — |
| swish-e | — | — | — | — |
| texlive-bin | — | — | — | — |
| tla | — | — | — | — |
| vnc4 | — | — | — | — |
| vtk | — | — | — | — |
| w3c-libwww | — | — | — | — |
| wbxml2 | — | — | — | — |
| wxwidgets2.6 | — | — | — | — |
| wxwidgets2.8 | — | — | — | — |
| wxwindows2.4 | — | — | — | — |
| xmlrpc-c | — | — | — | — |
| xotcl | — | — | — | — |
| xulrunner | — | — | — | — |
language-selector 0.110.x before 0.110.1, 0.90.x before 0.90.1, and 0.79.x before 0.79.4 does not properly use D-Bus for communication with a polkit authority, which allows local users to bypass intended access restrictions by...
1 affected package
language-selector
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| language-selector | — | — | — | — |
Some fixes available 3 of 4
usb-creator 0.2.47 before 0.2.47.1, 0.2.40 before 0.2.40ubuntu2, and 0.2.38 before 0.2.38.2 does not properly use D-Bus for communication with a polkit authority, which allows local users to bypass intended access restrictions by...
1 affected package
usb-creator
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| usb-creator | — | — | — | — |
Some fixes available 5 of 41
Algorithmic complexity vulnerability in the ssl.match_hostname function in Python 3.2.x, 3.3.x, and earlier, and unspecified versions of python-backports-ssl_match_hostname as used for older Python versions, allows remote...
10 affected packages
bzr, w3af, linkchecker, python-tornado, python-urllib3...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| bzr | Not affected | Not affected | Not affected | Not affected |
| w3af | Not in release | Not in release | Not in release | Not in release |
| linkchecker | Not affected | Not affected | Not in release | Not affected |
| python-tornado | Not affected | Not affected | Not affected | Not affected |
| python-urllib3 | Not affected | Not affected | Not affected | Not affected |
| python2.7 | Not in release | Not affected | Not affected | Not affected |
| python3.1 | Not in release | Not in release | Not in release | Not in release |
| python3.2 | Not in release | Not in release | Not in release | Not in release |
| python3.3 | Not in release | Not in release | Not in release | Not in release |
| zeroinstall-injector | Not affected | Not affected | Not affected | Not affected |
pam_google_authenticator.c in the PAM module in Google Authenticator before 1.0 requires user-readable permissions for the secret file, which allows local users to bypass intended access restrictions and discover a shared secret...
1 affected package
google-authenticator
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| google-authenticator | — | — | — | — |
The connection_edge_process_relay_cell function in or/relay.c in Tor before 0.2.3.25 maintains circuits even if an unexpected SENDME cell arrives, which might allow remote attackers to cause a denial of service (memory consumption...
1 affected package
tor
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| tor | — | — | — | — |
Stack-based buffer overflow in modules/graphic/ssgraph/grsound.cpp in The Open Racing Car Simulator (TORCS) before 1.3.3 and Speed Dreams allows user-assisted remote attackers to execute arbitrary code via a long file name in an...
1 affected package
torcs
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| torcs | — | — | — | — |