Search CVE reports
11 – 20 of 25638 results
Calling Verify with a VerifyOptions.KeyUsages that contains ExtKeyUsageAny unintentionally disabledpolicy validation. This only affected certificate chains which contain policy graphs, which are rather uncommon.
15 affected packages
golang, golang-1.10, golang-1.13, golang-1.14, golang-1.16...
| Package | 24.04 LTS |
|---|---|
| golang | Not in release |
| golang-1.10 | Not in release |
| golang-1.13 | Not in release |
| golang-1.14 | Not in release |
| golang-1.16 | Not in release |
| golang-1.17 | Not in release |
| golang-1.18 | Not in release |
| golang-1.20 | Not in release |
| golang-1.21 | Needs evaluation |
| golang-1.22 | Not affected |
| golang-1.23 | Needs evaluation |
| golang-1.24 | Not in release |
| golang-1.6 | Not in release |
| golang-1.8 | Not in release |
| golang-1.9 | Not in release |
pgjdbc is an open source postgresql JDBC Driver. From 42.7.4 and until 42.7.7, when the PostgreSQL JDBC driver is configured with channel binding set to required (default value is prefer), the driver would incorrectly allow...
1 affected package
libpgjava
| Package | 24.04 LTS |
|---|---|
| libpgjava | Needs evaluation |
Not in release
Nomad Community and Nomad Enterprise (“Nomad”) prefix-based ACL policy lookup can lead to incorrect rule application and shadowing. This vulnerability, identified as CVE-2025-4922, is fixed in Nomad Community Edition 1.10.2 and...
1 affected package
nomad
| Package | 24.04 LTS |
|---|---|
| nomad | Not in release |
Perl CryptX before version 0.087 contains a dependency that may be susceptible to an integer overflow. CryptX embeds a version of the libtommath library that is susceptible to an integer overflow associated with CVE-2023-36328.
1 affected package
libcryptx-perl
| Package | 24.04 LTS |
|---|---|
| libcryptx-perl | Needs evaluation |
A crafted HTML email using mailbox:/// links can trigger automatic, unsolicited downloads of .pdf files to the user's desktop or home directory without prompting, even if auto-saving is disabled. This behavior can be abused to...
1 affected package
thunderbird
| Package | 24.04 LTS |
|---|---|
| thunderbird | Needs evaluation |
An integer overflow was present in `OrderedHashTable` used by the JavaScript engine This vulnerability affects Firefox < 139.0.4.
9 affected packages
firefox, mozjs102, mozjs115, mozjs38, mozjs52...
| Package | 24.04 LTS |
|---|---|
| firefox | Not affected |
| mozjs102 | Ignored |
| mozjs115 | Ignored |
| mozjs38 | Not in release |
| mozjs52 | Not in release |
| mozjs68 | Not in release |
| mozjs78 | Not in release |
| mozjs91 | Not in release |
| thunderbird | Not affected |
Certain canvas operations could have lead to memory corruption. This vulnerability affects Firefox < 139.0.4.
9 affected packages
firefox, mozjs102, mozjs115, mozjs38, mozjs52...
| Package | 24.04 LTS |
|---|---|
| firefox | Not affected |
| mozjs102 | Ignored |
| mozjs115 | Ignored |
| mozjs38 | Not in release |
| mozjs52 | Not in release |
| mozjs68 | Not in release |
| mozjs78 | Not in release |
| mozjs91 | Not in release |
| thunderbird | Not affected |
There is a "Use After Free" vulnerability in Qt's QHttp2ProtocolHandler in the QtNetwork module. This only affects HTTP/2 handling, HTTP handling is not affected by this at all. This happens due to a race condition between how...
3 affected packages
qt6-base, qtbase-opensource-src, qtbase-opensource-src-gles
| Package | 24.04 LTS |
|---|---|
| qt6-base | Needs evaluation |
| qtbase-opensource-src | Needs evaluation |
| qtbase-opensource-src-gles | Needs evaluation |
KDE Konsole before 25.04.2 allows remote code execution in a certain scenario. It supports loading URLs from the scheme handlers such as a ssh:// or telnet:// or rlogin:// URL. This can be executed regardless of whether the ssh,...
1 affected package
konsole
| Package | 24.04 LTS |
|---|---|
| konsole | Needs evaluation |
Libtpms is a library that targets the integration of TPM functionality into hypervisors, primarily into Qemu. Libtpms, which is derived from the TPM 2.0 reference implementation code published by the Trusted Computing Group, is...
1 affected package
libtpms
| Package | 24.04 LTS |
|---|---|
| libtpms | Not affected |