Search CVE reports
291 – 300 of 47232 results
A HTML injection vulnerability exists in the file upload functionality of Cacti <= 1.2.29. When a file with an invalid format is uploaded, the application reflects the submitted filename back into an error popup without proper...
1 affected package
cacti
| Package | 16.04 LTS |
|---|---|
| cacti | Needs evaluation |
Gnome Fonts Viewer 3.34.0 contains a heap corruption vulnerability that allows attackers to trigger an out-of-bounds write by crafting a malicious TTF font file. Attackers can generate a specially crafted TTF file with...
1 affected package
gnome-font-viewer
| Package | 16.04 LTS |
|---|---|
| gnome-font-viewer | Vulnerable |
Downloading and building modules with malicious version strings can cause local code execution. On systems with Mercurial (hg) installed, downloading modules from non-standard sources (e.g., custom domains) can cause unexpected...
16 affected packages
golang, golang-1.6, golang-1.8, golang-1.9, golang-1.10...
| Package | 16.04 LTS |
|---|---|
| golang | — |
| golang-1.6 | Needs evaluation |
| golang-1.8 | — |
| golang-1.9 | — |
| golang-1.10 | Needs evaluation |
| golang-1.13 | Needs evaluation |
| golang-1.14 | — |
| golang-1.16 | — |
| golang-1.17 | — |
| golang-1.18 | Needs evaluation |
| golang-1.20 | — |
| golang-1.21 | — |
| golang-1.22 | — |
| golang-1.23 | — |
| golang-1.24 | — |
| golang-1.25 | — |
Building a malicious file with cmd/go can cause can cause a write to an attacker-controlled file with partial control of the file content. The "#cgo pkg-config:" directive in a Go source file provides command-line arguments to...
16 affected packages
golang, golang-1.6, golang-1.8, golang-1.9, golang-1.10...
| Package | 16.04 LTS |
|---|---|
| golang | — |
| golang-1.6 | Needs evaluation |
| golang-1.8 | — |
| golang-1.9 | — |
| golang-1.10 | Needs evaluation |
| golang-1.13 | Needs evaluation |
| golang-1.14 | — |
| golang-1.16 | — |
| golang-1.17 | — |
| golang-1.18 | Needs evaluation |
| golang-1.20 | — |
| golang-1.21 | — |
| golang-1.22 | — |
| golang-1.23 | — |
| golang-1.24 | — |
| golang-1.25 | — |
During the TLS 1.3 handshake if multiple messages are sent in records that span encryption level boundaries (for instance the Client Hello and Encrypted Extensions messages), the subsequent messages may be processed before the...
16 affected packages
golang, golang-1.6, golang-1.8, golang-1.9, golang-1.10...
| Package | 16.04 LTS |
|---|---|
| golang | — |
| golang-1.6 | Needs evaluation |
| golang-1.8 | — |
| golang-1.9 | — |
| golang-1.10 | Needs evaluation |
| golang-1.13 | Needs evaluation |
| golang-1.14 | — |
| golang-1.16 | — |
| golang-1.17 | — |
| golang-1.18 | Needs evaluation |
| golang-1.20 | — |
| golang-1.21 | — |
| golang-1.22 | — |
| golang-1.23 | — |
| golang-1.24 | — |
| golang-1.25 | — |
archive/zip uses a super-linear file name indexing algorithm that is invoked the first time a file in an archive is opened. This can lead to a denial of service when consuming a maliciously constructed ZIP archive.
16 affected packages
golang, golang-1.6, golang-1.8, golang-1.9, golang-1.10...
| Package | 16.04 LTS |
|---|---|
| golang | — |
| golang-1.6 | Needs evaluation |
| golang-1.8 | — |
| golang-1.9 | — |
| golang-1.10 | Needs evaluation |
| golang-1.13 | Needs evaluation |
| golang-1.14 | — |
| golang-1.16 | — |
| golang-1.17 | — |
| golang-1.18 | Needs evaluation |
| golang-1.20 | — |
| golang-1.21 | — |
| golang-1.22 | — |
| golang-1.23 | — |
| golang-1.24 | — |
| golang-1.25 | — |
The net/url package does not set a limit on the number of query parameters in a query. While the maximum size of query parameters in URLs is generally limited by the maximum request header size, the...
16 affected packages
golang, golang-1.6, golang-1.8, golang-1.9, golang-1.10...
| Package | 16.04 LTS |
|---|---|
| golang | — |
| golang-1.6 | Needs evaluation |
| golang-1.8 | — |
| golang-1.9 | — |
| golang-1.10 | Needs evaluation |
| golang-1.13 | Needs evaluation |
| golang-1.14 | — |
| golang-1.16 | — |
| golang-1.17 | — |
| golang-1.18 | Needs evaluation |
| golang-1.20 | — |
| golang-1.21 | — |
| golang-1.22 | — |
| golang-1.23 | — |
| golang-1.24 | — |
| golang-1.25 | — |
NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager, where a malicious guest could cause heap memory access after the memory is freed. A successful exploit of this vulnerability might lead to code execution,...
47 affected packages
nvidia-graphics-drivers-304, nvidia-graphics-drivers-304-updates, nvidia-graphics-drivers-340, nvidia-graphics-drivers-340-updates, nvidia-graphics-drivers-352...
| Package | 16.04 LTS |
|---|---|
| nvidia-graphics-drivers-304 | Ignored |
| nvidia-graphics-drivers-304-updates | Not affected |
| nvidia-graphics-drivers-340 | Ignored |
| nvidia-graphics-drivers-340-updates | Not affected |
| nvidia-graphics-drivers-352 | Not affected |
| nvidia-graphics-drivers-352-updates | Not affected |
| nvidia-graphics-drivers-361 | Not affected |
| nvidia-graphics-drivers-367 | Not affected |
| nvidia-graphics-drivers-375 | Not affected |
| nvidia-graphics-drivers-384 | Not affected |
| nvidia-graphics-drivers-390 | — |
| nvidia-graphics-drivers-418-server | — |
| nvidia-graphics-drivers-430 | — |
| nvidia-graphics-drivers-435 | — |
| nvidia-graphics-drivers-440 | — |
| nvidia-graphics-drivers-440-server | — |
| nvidia-graphics-drivers-450 | — |
| nvidia-graphics-drivers-450-server | — |
| nvidia-graphics-drivers-455 | — |
| nvidia-graphics-drivers-460 | — |
| nvidia-graphics-drivers-460-server | — |
| nvidia-graphics-drivers-470 | — |
| nvidia-graphics-drivers-470-server | — |
| nvidia-graphics-drivers-495 | — |
| nvidia-graphics-drivers-510 | — |
| nvidia-graphics-drivers-510-server | — |
| nvidia-graphics-drivers-515 | — |
| nvidia-graphics-drivers-515-server | — |
| nvidia-graphics-drivers-520 | — |
| nvidia-graphics-drivers-525 | — |
| nvidia-graphics-drivers-525-server | — |
| nvidia-graphics-drivers-530 | — |
| nvidia-graphics-drivers-535 | — |
| nvidia-graphics-drivers-535-server | — |
| nvidia-graphics-drivers-545 | — |
| nvidia-graphics-drivers-550 | — |
| nvidia-graphics-drivers-550-server | — |
| nvidia-graphics-drivers-560 | — |
| nvidia-graphics-drivers-565-server | — |
| nvidia-graphics-drivers-570 | — |
| nvidia-graphics-drivers-570-server | — |
| nvidia-graphics-drivers-575 | — |
| nvidia-graphics-drivers-575-server | — |
| nvidia-graphics-drivers-580 | — |
| nvidia-graphics-drivers-580-server | — |
| nvidia-graphics-drivers-590 | — |
| nvidia-graphics-drivers-590-server | — |
NVIDIA Display Driver for Linux contains a vulnerability in the NVIDIA kernel module where an attacker could cause an integer overflow or wraparound. A successful exploit of this vulnerability might lead to code execution,...
47 affected packages
nvidia-graphics-drivers-304, nvidia-graphics-drivers-304-updates, nvidia-graphics-drivers-340, nvidia-graphics-drivers-340-updates, nvidia-graphics-drivers-352...
| Package | 16.04 LTS |
|---|---|
| nvidia-graphics-drivers-304 | Ignored |
| nvidia-graphics-drivers-304-updates | Not affected |
| nvidia-graphics-drivers-340 | Ignored |
| nvidia-graphics-drivers-340-updates | Not affected |
| nvidia-graphics-drivers-352 | Not affected |
| nvidia-graphics-drivers-352-updates | Not affected |
| nvidia-graphics-drivers-361 | Not affected |
| nvidia-graphics-drivers-367 | Not affected |
| nvidia-graphics-drivers-375 | Not affected |
| nvidia-graphics-drivers-384 | Not affected |
| nvidia-graphics-drivers-390 | — |
| nvidia-graphics-drivers-418-server | — |
| nvidia-graphics-drivers-430 | — |
| nvidia-graphics-drivers-435 | — |
| nvidia-graphics-drivers-440 | — |
| nvidia-graphics-drivers-440-server | — |
| nvidia-graphics-drivers-450 | — |
| nvidia-graphics-drivers-450-server | — |
| nvidia-graphics-drivers-455 | — |
| nvidia-graphics-drivers-460 | — |
| nvidia-graphics-drivers-460-server | — |
| nvidia-graphics-drivers-470 | — |
| nvidia-graphics-drivers-470-server | — |
| nvidia-graphics-drivers-495 | — |
| nvidia-graphics-drivers-510 | — |
| nvidia-graphics-drivers-510-server | — |
| nvidia-graphics-drivers-515 | — |
| nvidia-graphics-drivers-515-server | — |
| nvidia-graphics-drivers-520 | — |
| nvidia-graphics-drivers-525 | — |
| nvidia-graphics-drivers-525-server | — |
| nvidia-graphics-drivers-530 | — |
| nvidia-graphics-drivers-535 | — |
| nvidia-graphics-drivers-535-server | — |
| nvidia-graphics-drivers-545 | — |
| nvidia-graphics-drivers-550 | — |
| nvidia-graphics-drivers-550-server | — |
| nvidia-graphics-drivers-560 | — |
| nvidia-graphics-drivers-565-server | — |
| nvidia-graphics-drivers-570 | — |
| nvidia-graphics-drivers-570-server | — |
| nvidia-graphics-drivers-575 | — |
| nvidia-graphics-drivers-575-server | — |
| nvidia-graphics-drivers-580 | — |
| nvidia-graphics-drivers-580-server | — |
| nvidia-graphics-drivers-590 | — |
| nvidia-graphics-drivers-590-server | — |
M/Monit 3.7.4 contains a privilege escalation vulnerability that allows authenticated users to modify user permissions by manipulating the admin parameter. Attackers can send a POST request to the /api/1/admin/users/update...
1 affected package
monit
| Package | 16.04 LTS |
|---|---|
| monit | Needs evaluation |