Search CVE reports
91 – 100 of 1337 results
CVE-2018-1258
Medium priorityNot in release
Spring Framework version 5.0.5 when used in combination with any versions of Spring Security contains an authorization bypass when using method security. An unauthorized malicious user can gain unauthorized access to methods that...
1 affected packages
libspring-security-2.0-java
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| libspring-security-2.0-java | — | — | — | Not in release | Not in release |
CVE-2018-1257
Low prioritySpring Framework, versions 5.0.x prior to 5.0.6, versions 4.3.x prior to 4.3.17, and older unsupported versions allows applications to expose STOMP over WebSocket endpoints with a simple, in-memory STOMP broker through...
1 affected packages
libspring-java
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| libspring-java | Not affected | Not affected | Not affected | Not affected | Vulnerable |
CVE-2018-1275
Medium prioritySpring Framework, versions 5.0 prior to 5.0.5 and versions 4.3 prior to 4.3.16 and older unsupported versions, allow applications to expose STOMP over WebSocket endpoints with a simple, in-memory STOMP broker through...
1 affected packages
libspring-java
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| libspring-java | — | — | — | Not affected | Not affected |
CVE-2018-1272
Medium prioritySpring Framework, versions 5.0 prior to 5.0.5 and versions 4.3 prior to 4.3.15 and older unsupported versions, provide client-side support for multipart requests. When Spring MVC or Spring WebFlux server application (server A)...
1 affected packages
libspring-java
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| libspring-java | — | — | — | Not affected | Not affected |
CVE-2018-1271
Negligible prioritySpring Framework, versions 5.0 prior to 5.0.5 and versions 4.3 prior to 4.3.15 and older unsupported versions, allow applications to configure Spring MVC to serve static resources (e.g. CSS, JS, images). When static resources are...
1 affected packages
libspring-java
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| libspring-java | — | — | — | Not affected | Not affected |
CVE-2018-1270
High prioritySome fixes available 2 of 3
Spring Framework, versions 5.0 prior to 5.0.5 and versions 4.3 prior to 4.3.15 and older unsupported versions, allow applications to expose STOMP over WebSocket endpoints with a simple, in-memory STOMP broker through...
1 affected packages
libspring-java
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| libspring-java | — | — | — | Fixed | Not affected |
CVE-2015-9016
Medium prioritySome fixes available 1 of 5
In blk_mq_tag_to_rq in blk-mq.c in the upstream kernel, there is a possible use after free due to a race condition when a request has been previously freed by blk_mq_complete_request. This could lead to local escalation...
32 affected packages
linux, linux-armadaxp, linux-aws, linux-azure, linux-euclid...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| linux | — | — | — | Not affected | Not affected |
| linux-armadaxp | — | — | — | Not in release | Not in release |
| linux-aws | — | — | — | Not affected | Not affected |
| linux-azure | — | — | — | Not affected | Not affected |
| linux-euclid | — | — | — | Not in release | Not affected |
| linux-flo | — | — | — | Not in release | Ignored |
| linux-gcp | — | — | — | Not affected | Not affected |
| linux-gke | — | — | — | Not in release | Not affected |
| linux-goldfish | — | — | — | Not in release | Ignored |
| linux-grouper | — | — | — | Not in release | Not in release |
| linux-hwe | — | — | — | Not affected | Not affected |
| linux-hwe-edge | — | — | — | Fixed | Not affected |
| linux-kvm | — | — | — | Not affected | Not affected |
| linux-linaro-omap | — | — | — | Not in release | Not in release |
| linux-linaro-shared | — | — | — | Not in release | Not in release |
| linux-linaro-vexpress | — | — | — | Not in release | Not in release |
| linux-lts-quantal | — | — | — | Not in release | Not in release |
| linux-lts-raring | — | — | — | Not in release | Not in release |
| linux-lts-saucy | — | — | — | Not in release | Not in release |
| linux-lts-trusty | — | — | — | Not in release | Not in release |
| linux-lts-utopic | — | — | — | Not in release | Not in release |
| linux-lts-vivid | — | — | — | Not in release | Not in release |
| linux-lts-wily | — | — | — | Not in release | Not in release |
| linux-lts-xenial | — | — | — | Not in release | Not in release |
| linux-maguro | — | — | — | Not in release | Not in release |
| linux-mako | — | — | — | Not in release | Ignored |
| linux-manta | — | — | — | Not in release | Not in release |
| linux-oem | — | — | — | Not affected | Not affected |
| linux-qcm-msm | — | — | — | Not in release | Not in release |
| linux-raspi2 | — | — | — | Not affected | Not affected |
| linux-snapdragon | — | — | — | Not affected | Not affected |
| linux-ti-omap4 | — | — | — | Not in release | Not in release |
CVE-2018-7566
Medium prioritySome fixes available 13 of 18
The Linux kernel 4.15 has a Buffer Overflow via an SNDRV_SEQ_IOCTL_SET_CLIENT_POOL ioctl write operation to /dev/snd/seq by a local user.
79 affected packages
linux, linux-aws, linux-aws-5.15, linux-aws-5.4, linux-aws-6.8...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| linux | Not affected | Not affected | Not affected | Not affected | Fixed |
| linux-aws | Not affected | Not affected | Not affected | Not affected | Fixed |
| linux-aws-5.15 | Not in release | Not in release | Not affected | Not in release | Not in release |
| linux-aws-5.4 | Not in release | Not in release | Not in release | Not affected | Not in release |
| linux-aws-6.8 | Not in release | Not affected | Not in release | Not in release | Not in release |
| linux-aws-fips | Not in release | Not in release | Not in release | Not in release | Ignored |
| linux-aws-hwe | Not in release | Not in release | Not in release | Not in release | Not affected |
| linux-azure | Not affected | Not affected | Not affected | Not affected | Fixed |
| linux-azure-4.15 | Not in release | Not in release | Not in release | Not affected | Not in release |
| linux-azure-5.15 | Not in release | Not in release | Not affected | Not in release | Not in release |
| linux-azure-5.4 | Not in release | Not in release | Not in release | Not affected | Not in release |
| linux-azure-6.8 | Not in release | Not affected | Not in release | Not in release | Not in release |
| linux-azure-edge | Not in release | Not in release | Not in release | Not affected | Not in release |
| linux-azure-fde | Not in release | Not affected | Ignored | Not in release | Not in release |
| linux-azure-fde-5.15 | Not in release | Not in release | Not affected | Not in release | Not in release |
| linux-azure-fips | Not in release | Not in release | Not in release | Not in release | Ignored |
| linux-bluefield | Not in release | Not in release | Not affected | Not in release | Not in release |
| linux-euclid | — | — | — | Not in release | Ignored |
| linux-fips | Not in release | Not in release | Not in release | Not in release | Not in release |
| linux-flo | — | — | — | Not in release | Ignored |
| linux-gcp | Not affected | Not affected | Not affected | Not affected | Fixed |
| linux-gcp-4.15 | Not in release | Not in release | Not in release | Not affected | Not in release |
| linux-gcp-5.15 | Not in release | Not in release | Not affected | Not in release | Not in release |
| linux-gcp-5.4 | Not in release | Not in release | Not in release | Not affected | Not in release |
| linux-gcp-6.8 | Not in release | Not affected | Not in release | Not in release | Not in release |
| linux-gcp-fips | Not in release | Not in release | Not in release | Not in release | Ignored |
| linux-gke | Not affected | Not affected | Ignored | Not in release | Ignored |
| linux-gkeop | Not in release | Not affected | Not affected | Not in release | Not in release |
| linux-gkeop-5.15 | Not in release | Not in release | Not affected | Not in release | Not in release |
| linux-goldfish | — | — | — | Not in release | Ignored |
| linux-grouper | — | — | — | Not in release | Not in release |
| linux-hwe | Not in release | Not in release | Not in release | Not affected | Fixed |
| linux-hwe-5.15 | Not in release | Not in release | Not affected | Not in release | Not in release |
| linux-hwe-5.4 | Not in release | Not in release | Not in release | Not affected | Not in release |
| linux-hwe-6.8 | Not in release | Not affected | Not in release | Not in release | Not in release |
| linux-hwe-edge | Not in release | Not in release | Not in release | Not affected | Fixed |
| linux-ibm | Not affected | Not affected | Not affected | Not in release | Not in release |
| linux-ibm-5.15 | Not in release | Not in release | Not affected | Not in release | Not in release |
| linux-ibm-5.4 | Not in release | Not in release | Not in release | Not affected | Not in release |
| linux-intel | Not affected | Not in release | Not in release | Not in release | Not in release |
| linux-intel-iot-realtime | Not in release | Not in release | Not in release | Not in release | Not in release |
| linux-intel-iotg | Not in release | Not affected | Not in release | Not in release | Not in release |
| linux-intel-iotg-5.15 | Not in release | Not in release | Not affected | Not in release | Not in release |
| linux-iot | Not in release | Not in release | Not affected | Not in release | Not in release |
| linux-kvm | Not in release | Not affected | Not affected | Not affected | Fixed |
| linux-lowlatency | Not affected | Not affected | Not in release | Not in release | Not in release |
| linux-lowlatency-hwe-5.15 | Not in release | Not in release | Not affected | Not in release | Not in release |
| linux-lowlatency-hwe-6.8 | Not in release | Not affected | Not in release | Not in release | Not in release |
| linux-lts-quantal | — | — | — | Not in release | Not in release |
| linux-lts-raring | — | — | — | Not in release | Not in release |
| linux-lts-saucy | — | — | — | Not in release | Not in release |
| linux-lts-trusty | — | — | — | Not in release | Not in release |
| linux-lts-utopic | — | — | — | Not in release | Not in release |
| linux-lts-vivid | — | — | — | Not in release | Not in release |
| linux-lts-wily | — | — | — | Not in release | Not in release |
| linux-lts-xenial | Not in release | Not in release | Not in release | Not in release | Not in release |
| linux-maguro | — | — | — | Not in release | Not in release |
| linux-mako | — | — | — | Not in release | Ignored |
| linux-manta | — | — | — | Not in release | Not in release |
| linux-nvidia | Not affected | Not affected | Not in release | Not in release | Not in release |
| linux-nvidia-6.5 | Not in release | Not affected | Not in release | Not in release | Not in release |
| linux-nvidia-6.8 | Not in release | Not affected | Not in release | Not in release | Not in release |
| linux-nvidia-lowlatency | Not affected | Not in release | Not in release | Not in release | Not in release |
| linux-oem | Not in release | Not in release | Not in release | Not affected | Ignored |
| linux-oem-6.8 | Not affected | Not in release | Not in release | Not in release | Not in release |
| linux-oracle | Not affected | Not affected | Not affected | Not affected | Not affected |
| linux-oracle-5.15 | Not in release | Not in release | Not affected | Not in release | Not in release |
| linux-oracle-5.4 | Not in release | Not in release | Not in release | Not affected | Not in release |
| linux-oracle-6.8 | Not in release | Not affected | Not in release | Not in release | Not in release |
| linux-raspi | Not affected | Not affected | Not affected | Not in release | Not in release |
| linux-raspi-5.4 | Not in release | Not in release | Not in release | Not affected | Not in release |
| linux-raspi-realtime | Not in release | Not in release | Not in release | Not in release | Not in release |
| linux-raspi2 | Not in release | Not in release | Ignored | Not affected | Fixed |
| linux-realtime | Not in release | Ignored | Not in release | Not in release | Not in release |
| linux-riscv | Not affected | Ignored | Ignored | Not in release | Not in release |
| linux-riscv-5.15 | Not in release | Not in release | Not affected | Not in release | Not in release |
| linux-riscv-6.8 | Not in release | Not affected | Not in release | Not in release | Not in release |
| linux-snapdragon | Not in release | Not in release | Not in release | Not affected | Fixed |
| linux-xilinx-zynqmp | Not in release | Not affected | Not affected | Not in release | Not in release |
CVE-2018-1199
Medium prioritySpring Security (Spring Security 4.1.x before 4.1.5, 4.2.x before 4.2.4, and 5.0.x before 5.0.1; and Spring Framework 4.3.x before 4.3.14 and 5.0.x before 5.0.3) does not consider URL path parameters when processing security...
1 affected packages
libspring-java
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| libspring-java | Not affected | Not affected | Not affected | Not affected | Vulnerable |
CVE-2018-8087
Low prioritySome fixes available 22 of 25
Memory leak in the hwsim_new_radio_nl function in drivers/net/wireless/mac80211_hwsim.c in the Linux kernel through 4.15.9 allows local users to cause a denial of service (memory consumption) by triggering an out-of-array error case.
79 affected packages
linux, linux-aws, linux-aws-5.15, linux-aws-5.4, linux-aws-6.8...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| linux | Not affected | Not affected | Not affected | Fixed | Fixed |
| linux-aws | Not affected | Not affected | Not affected | Fixed | Fixed |
| linux-aws-5.15 | Not in release | Not in release | Not affected | Not in release | Not in release |
| linux-aws-5.4 | Not in release | Not in release | Not in release | Not affected | Not in release |
| linux-aws-6.8 | Not in release | Not affected | Not in release | Not in release | Not in release |
| linux-aws-fips | Not in release | Not in release | Not in release | Not in release | Ignored |
| linux-aws-hwe | Not in release | Not in release | Not in release | Not in release | Not affected |
| linux-azure | Not affected | Not affected | Not affected | Fixed | Fixed |
| linux-azure-4.15 | Not in release | Not in release | Not in release | Not affected | Not in release |
| linux-azure-5.15 | Not in release | Not in release | Not affected | Not in release | Not in release |
| linux-azure-5.4 | Not in release | Not in release | Not in release | Not affected | Not in release |
| linux-azure-6.8 | Not in release | Not affected | Not in release | Not in release | Not in release |
| linux-azure-edge | Not in release | Not in release | Not in release | Not affected | Not in release |
| linux-azure-fde | Not in release | Not affected | Ignored | Not in release | Not in release |
| linux-azure-fde-5.15 | Not in release | Not in release | Not affected | Not in release | Not in release |
| linux-azure-fips | Not in release | Not in release | Not in release | Not in release | Ignored |
| linux-bluefield | Not in release | Not in release | Not affected | Not in release | Not in release |
| linux-euclid | — | — | — | Not in release | Ignored |
| linux-fips | Not in release | Not in release | Not in release | Not in release | Not in release |
| linux-flo | — | — | — | Not in release | Ignored |
| linux-gcp | Not affected | Not affected | Not affected | Fixed | Fixed |
| linux-gcp-4.15 | Not in release | Not in release | Not in release | Not affected | Not in release |
| linux-gcp-5.15 | Not in release | Not in release | Not affected | Not in release | Not in release |
| linux-gcp-5.4 | Not in release | Not in release | Not in release | Not affected | Not in release |
| linux-gcp-6.8 | Not in release | Not affected | Not in release | Not in release | Not in release |
| linux-gcp-fips | Not in release | Not in release | Not in release | Not in release | Ignored |
| linux-gke | Not affected | Not affected | Ignored | Not in release | Ignored |
| linux-gkeop | Not in release | Not affected | Not affected | Not in release | Not in release |
| linux-gkeop-5.15 | Not in release | Not in release | Not affected | Not in release | Not in release |
| linux-goldfish | — | — | — | Not in release | Not affected |
| linux-grouper | — | — | — | Not in release | Not in release |
| linux-hwe | Not in release | Not in release | Not in release | Not affected | Fixed |
| linux-hwe-5.15 | Not in release | Not in release | Not affected | Not in release | Not in release |
| linux-hwe-5.4 | Not in release | Not in release | Not in release | Not affected | Not in release |
| linux-hwe-6.8 | Not in release | Not affected | Not in release | Not in release | Not in release |
| linux-hwe-edge | Not in release | Not in release | Not in release | Not affected | Fixed |
| linux-ibm | Not affected | Not affected | Not affected | Not in release | Not in release |
| linux-ibm-5.15 | Not in release | Not in release | Not affected | Not in release | Not in release |
| linux-ibm-5.4 | Not in release | Not in release | Not in release | Not affected | Not in release |
| linux-intel | Not affected | Not in release | Not in release | Not in release | Not in release |
| linux-intel-iot-realtime | Not in release | Not in release | Not in release | Not in release | Not in release |
| linux-intel-iotg | Not in release | Not affected | Not in release | Not in release | Not in release |
| linux-intel-iotg-5.15 | Not in release | Not in release | Not affected | Not in release | Not in release |
| linux-iot | Not in release | Not in release | Not affected | Not in release | Not in release |
| linux-kvm | Not in release | Not affected | Not affected | Fixed | Fixed |
| linux-lowlatency | Not affected | Not affected | Not in release | Not in release | Not in release |
| linux-lowlatency-hwe-5.15 | Not in release | Not in release | Not affected | Not in release | Not in release |
| linux-lowlatency-hwe-6.8 | Not in release | Not affected | Not in release | Not in release | Not in release |
| linux-lts-quantal | — | — | — | Not in release | Not in release |
| linux-lts-raring | — | — | — | Not in release | Not in release |
| linux-lts-saucy | — | — | — | Not in release | Not in release |
| linux-lts-trusty | — | — | — | Not in release | Not in release |
| linux-lts-utopic | — | — | — | Not in release | Not in release |
| linux-lts-vivid | — | — | — | Not in release | Not in release |
| linux-lts-wily | — | — | — | Not in release | Not in release |
| linux-lts-xenial | Not in release | Not in release | Not in release | Not in release | Not in release |
| linux-maguro | — | — | — | Not in release | Not in release |
| linux-mako | — | — | — | Not in release | Ignored |
| linux-manta | — | — | — | Not in release | Not in release |
| linux-nvidia | Not affected | Not affected | Not in release | Not in release | Not in release |
| linux-nvidia-6.5 | Not in release | Not affected | Not in release | Not in release | Not in release |
| linux-nvidia-6.8 | Not in release | Not affected | Not in release | Not in release | Not in release |
| linux-nvidia-lowlatency | Not affected | Not in release | Not in release | Not in release | Not in release |
| linux-oem | Not in release | Not in release | Not in release | Fixed | Fixed |
| linux-oem-6.8 | Not affected | Not in release | Not in release | Not in release | Not in release |
| linux-oracle | Not affected | Not affected | Not affected | Not affected | Not affected |
| linux-oracle-5.15 | Not in release | Not in release | Not affected | Not in release | Not in release |
| linux-oracle-5.4 | Not in release | Not in release | Not in release | Not affected | Not in release |
| linux-oracle-6.8 | Not in release | Not affected | Not in release | Not in release | Not in release |
| linux-raspi | Not affected | Not affected | Not affected | Not in release | Not in release |
| linux-raspi-5.4 | Not in release | Not in release | Not in release | Not affected | Not in release |
| linux-raspi-realtime | Not in release | Not in release | Not in release | Not in release | Not in release |
| linux-raspi2 | Not in release | Not in release | Ignored | Fixed | Fixed |
| linux-realtime | Not in release | Ignored | Not in release | Not in release | Not in release |
| linux-riscv | Not affected | Ignored | Ignored | Not in release | Not in release |
| linux-riscv-5.15 | Not in release | Not in release | Not affected | Not in release | Not in release |
| linux-riscv-6.8 | Not in release | Not affected | Not in release | Not in release | Not in release |
| linux-snapdragon | Not in release | Not in release | Not in release | Not affected | Fixed |
| linux-xilinx-zynqmp | Not in release | Not affected | Not affected | Not in release | Not in release |