CVE search results

21 – 30 of 1337 results

Detailed view

Sort by:

CVE-2022-23547

Medium priority

Some fixes available 2 of 5

PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. This issue is similar to GHSA-9pfh-r8x4-w26w. Possible buffer...

2 affected packages

pjproject, ring

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
pjproject	—	Not in release	Not in release	Needs evaluation	Needs evaluation
ring	Not in release	—	Fixed	Fixed	Ignored

CVE-2022-23537

Medium priority

Some fixes available 2 of 10

PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. Buffer overread is possible when parsing a specially crafted...

4 affected packages

asterisk, pjproject, ring, sip

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
asterisk	Needs evaluation	Vulnerable	Not affected	Not affected	Needs evaluation
pjproject	—	Not in release	Not in release	Vulnerable	Needs evaluation
ring	Not in release	Not in release	Fixed	Fixed	Ignored
sip	—	Not in release	Not in release	Not in release	Ignored

CVE-2022-31692

Medium priority

Needs evaluation

Spring Security, versions 5.7 prior to 5.7.5 and 5.6 prior to 5.6.9 could be susceptible to authorization rules bypass via forward or include dispatcher types. Specifically, an application is vulnerable when all of the following...

1 affected packages

libspring-java

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
libspring-java	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation

CVE-2022-31690

Medium priority

Needs evaluation

Spring Security, versions 5.7 prior to 5.7.5, and 5.6 prior to 5.6.9, and older unsupported versions could be susceptible to a privilege escalation under certain conditions. A malicious user or attacker can modify a...

1 affected packages

libspring-java

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
libspring-java	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation

CVE-2022-39269

Medium priority

Needs evaluation

PJSIP is a free and open source multimedia communication library written in C. When processing certain packets, PJSIP may incorrectly switch from using SRTP media transport to using basic RTP upon SRTP restart, causing the media...

3 affected packages

asterisk, pjproject, ring

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
asterisk	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
pjproject	—	Not in release	Not in release	Needs evaluation	Needs evaluation
ring	Not in release	Not in release	Needs evaluation	Needs evaluation	Ignored

CVE-2022-39244

Medium priority

Some fixes available 2 of 13

PJSIP is a free and open source multimedia communication library written in C. In versions of PJSIP prior to 2.13 the PJSIP parser, PJMEDIA RTP decoder, and PJMEDIA SDP parser are affeced by a buffer overflow vulnerability. Users...

3 affected packages

asterisk, pjproject, ring

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
asterisk	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
pjproject	—	Not in release	Not in release	Needs evaluation	Needs evaluation
ring	Not in release	Not in release	Fixed	Fixed	Ignored

CVE-2011-4916

Low priority

Ignored

Linux kernel through 3.1 allows local users to obtain sensitive keystroke information via access to /dev/pts/ and /dev/tty*.

18 affected packages

linux, linux-armadaxp, linux-ec2, linux-flo, linux-fsl-imx51...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
linux	—	—	—	—	—
linux-armadaxp	—	—	—	—	—
linux-ec2	—	—	—	—	—
linux-flo	—	—	—	—	—
linux-fsl-imx51	—	—	—	—	—
linux-goldfish	—	—	—	—	—
linux-grouper	—	—	—	—	—
linux-lts-backport-maverick	—	—	—	—	—
linux-lts-backport-natty	—	—	—	—	—
linux-lts-backport-oneiric	—	—	—	—	—
linux-lts-quantal	—	—	—	—	—
linux-lts-raring	—	—	—	—	—
linux-lts-saucy	—	—	—	—	—
linux-maguro	—	—	—	—	—
linux-mako	—	—	—	—	—
linux-manta	—	—	—	—	—
linux-mvl-dove	—	—	—	—	—
linux-ti-omap4	—	—	—	—	—

CVE-2022-31031

Medium priority

Some fixes available 2 of 5

PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. In versions prior to and including 2.12.1 a stack buffer...

2 affected packages

pjproject, ring

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
pjproject	Not in release	Not in release	Not in release	Vulnerable	Vulnerable
ring	Not in release	—	Fixed	Fixed	Ignored

CVE-2022-22978

Medium priority

Needs evaluation

In spring security versions prior to 5.4.11+, 5.5.7+ , 5.6.4+ and older unsupported versions, RegexRequestMatcher can easily be misconfigured to be bypassed on some servlet containers. Applications using RegexRequestMatcher with...

2 affected packages

libspring-java, libspring-security-2.0-java

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
libspring-java	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
libspring-security-2.0-java	—	—	—	—	—

CVE-2022-22976

Medium priority

Needs evaluation

Spring Security versions 5.5.x prior to 5.5.7, 5.6.x prior to 5.6.4, and earlier unsupported versions contain an integer overflow vulnerability. When using the BCrypt class with the maximum work factor (31), the encoder does not...

2 affected packages

libspring-java, libspring-security-2.0-java

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
libspring-java	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
libspring-security-2.0-java	—	—	—	—	—

Export to JSON

Results by page:

Search CVE reports