8 matches found
UBUNTU-CVE-2024-57258
Integer overflows in memory allocation in Das U-Boot before 2025.01-rc1 occur for a crafted squashfs filesystem via sbrk, via request2size, or because ptrdifft is mishandled on x8664...
UBUNTU-CVE-2024-6542
Improper neutralization of livestatus command delimiters in mknotifyd in Checkmk = 2.0.0p39, 2.1.0p47, 2.2.0p32 and 2.3.0p11 allows arbitrary livestatus command execution...
UBUNTU-CVE-2024-22641
TCPDF version 6.6.5 and before is vulnerable to ReDoS Regular Expression Denial of Service if parsing an untrusted SVG file...
UBUNTU-CVE-2024-32487
less through 653 allows OS command execution via a newline character in the name of a file, because quoting is mishandled in filename.c. Exploitation typically requires use with attacker-controlled file names, such as the files extracted from an untrusted archive. Exploitation also requires the...
UBUNTU-CVE-2024-2201
A cross-privilege Spectre v2 vulnerability allows attackers to bypass all deployed mitigations, including the recent FineIBT, and to leak arbitrary Linux kernel memory on Intel systems...
UBUNTU-CVE-2024-23084
DISPUTED Apfloat v1.10.1 was discovered to contain an ArrayIndexOutOfBoundsException via the component org.apfloat.internal.DoubleCRTMath::adddouble, double. NOTE: this is disputed by multiple third parties who believe there was not reasonable evidence to determine the existence of a vulnerabilit...
UBUNTU-CVE-2024-30166
In Mbed TLS 3.3.0 through 3.5.2 before 3.6.0, a malicious client can cause information disclosure or a denial of service because of a stack buffer over-read of less than 256 bytes in a TLS 1.3 server via a TLS 3.1 ClientHello...
UBUNTU-CVE-2024-20696
Windows libarchive Remote Code Execution Vulnerability...