Search CVE reports

1241 – 1250 of 1753 results

Detailed view

Sort by:

CVE-2014-6316

Medium priority

Ignored

core/string_api.php in MantisBT before 1.2.18 does not properly categorize URLs when running under the web root, which allows remote attackers to conduct open redirect and phishing attacks via a crafted URL in the return parameter...

1 affected package

mantis

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
mantis	—	—	—	—

CVE-2014-4323

High priority

Vulnerable

The mdp_lut_hw_update function in drivers/video/msm/mdp.c in the MDP display driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, does not validate...

120 affected packages

linux, linux-armadaxp, linux-aws, linux-azure, linux-azure-edge...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
linux	Not affected	Not affected	Not affected	Not affected
linux-armadaxp	—	—	—	—
linux-aws	Not affected	Not affected	Not affected	Not affected
linux-azure	Not affected	Not affected	Not affected	Not affected
linux-azure-edge	Not in release	Not in release	Not in release	Not affected
linux-ec2	—	—	—	—
linux-euclid	—	—	—	Not in release
linux-flo	—	—	—	—
linux-fsl-imx51	—	—	—	—
linux-gcp	Not affected	Not affected	Not affected	Not affected
linux-gke	Not affected	Not affected	Ignored	Not in release
linux-goldfish	—	—	—	—
linux-grouper	—	—	—	—
linux-hwe	Not in release	Not in release	Not in release	Ignored
linux-hwe-edge	Not in release	Not in release	Not in release	Not affected
linux-kvm	Not in release	Not affected	Not affected	Not affected
linux-linaro-omap	—	—	—	—
linux-linaro-shared	—	—	—	—
linux-linaro-vexpress	—	—	—	—
linux-lts-quantal	—	—	—	—
linux-lts-raring	—	—	—	—
linux-lts-saucy	—	—	—	—
linux-lts-trusty	—	—	—	—
linux-lts-utopic	—	—	—	—
linux-lts-vivid	—	—	—	—
linux-lts-wily	—	—	—	—
linux-lts-xenial	Not in release	Not in release	Not in release	Not in release
linux-maguro	—	—	—	—
linux-mako	—	—	—	—
linux-manta	—	—	—	—
linux-mvl-dove	—	—	—	—
linux-oem	Not in release	Not in release	Not in release	Not affected
linux-qcm-msm	—	—	—	—
linux-raspi2	Not in release	Not in release	Ignored	Not affected
linux-snapdragon	Not in release	Not in release	Not in release	Ignored
linux-ti-omap4	—	—	—	—
linux-hwe-5.4	Not in release	Not in release	Not in release	Not affected
linux-hwe-5.15	Not in release	Not in release	Not affected	Not in release
linux-hwe-6.8	Not in release	Not affected	Not in release	Not in release
linux-aws-5.4	Not in release	Not in release	Not in release	Not affected
linux-aws-5.15	Not in release	Not in release	Not affected	Not in release
linux-aws-6.8	Not in release	Not affected	Not in release	Not in release
linux-aws-hwe	Not in release	Not in release	Not in release	Not in release
linux-azure-4.15	Not in release	Not in release	Not in release	Not affected
linux-azure-5.4	Not in release	Not in release	Not in release	Not affected
linux-azure-5.15	Not in release	Not in release	Not affected	Not in release
linux-azure-6.8	Not in release	Not affected	Not in release	Not in release
linux-azure-fde	Not affected	Not affected	Ignored	Not in release
linux-azure-fde-5.15	Not in release	Not in release	Not affected	Not in release
linux-bluefield	Not in release	Not in release	Not affected	Not in release
linux-fips	Vulnerable	Not affected	Not affected	Not affected
linux-aws-fips	Vulnerable	Not affected	Not affected	Not affected
linux-azure-fips	Vulnerable	Not affected	Not affected	Not affected
linux-gcp-fips	Vulnerable	Not affected	Not affected	Not affected
linux-gcp-4.15	Not in release	Not in release	Not in release	Not affected
linux-gcp-5.4	Not in release	Not in release	Not in release	Not affected
linux-gcp-5.15	Not in release	Not in release	Not affected	Not in release
linux-gcp-6.8	Not in release	Not affected	Not in release	Not in release
linux-gkeop	Not affected	Not affected	Ignored	Not in release
linux-gkeop-5.15	Not in release	Not in release	Ignored	Not in release
linux-ibm	Not affected	Not affected	Not affected	Not in release
linux-ibm-5.4	Not in release	Not in release	Not in release	Not affected
linux-ibm-5.15	Not in release	Not in release	Not affected	Not in release
linux-intel	Not affected	Not in release	Not in release	Not in release
linux-intel-iotg	Not in release	Not affected	Not in release	Not in release
linux-intel-iotg-5.15	Not in release	Not in release	Not affected	Not in release
linux-iot	Not in release	Not in release	Not affected	Not in release
linux-intel-iot-realtime	Not in release	Not affected	Not in release	Not in release
linux-lowlatency	Not affected	Not affected	Not in release	Not in release
linux-lowlatency-hwe-5.15	Not in release	Not in release	Not affected	Not in release
linux-lowlatency-hwe-6.8	Not in release	Not affected	Not in release	Not in release
linux-nvidia	Not affected	Not affected	Not in release	Not in release
linux-nvidia-6.8	Not in release	Not affected	Not in release	Not in release
linux-nvidia-lowlatency	Not affected	Not in release	Not in release	Not in release
linux-oracle	Not affected	Not affected	Not affected	Not affected
linux-oracle-5.4	Not in release	Not in release	Not in release	Not affected
linux-oracle-5.15	Not in release	Not in release	Not affected	Not in release
linux-oracle-6.8	Not in release	Not affected	Not in release	Not in release
linux-oem-6.8	Not affected	Not in release	Not in release	Not in release
linux-raspi	Not affected	Not affected	Not affected	Not in release
linux-raspi-5.4	Not in release	Not in release	Not in release	Not affected
linux-raspi-realtime	Not affected	Not in release	Not in release	Not in release
linux-realtime	Not affected	Not affected	Not in release	Not in release
linux-riscv	Not affected	Ignored	Ignored	Not in release
linux-riscv-5.15	Not in release	Not in release	Not affected	Not in release
linux-riscv-6.8	Not in release	Not affected	Not in release	Not in release
linux-xilinx-zynqmp	Not in release	Not affected	Not affected	Not in release
linux-oem-6.11	Not affected	Not in release	Not in release	Not in release
linux-hwe-6.11	Not affected	Not in release	Not in release	Not in release
linux-lowlatency-hwe-6.11	Not affected	Not in release	Not in release	Not in release
linux-nvidia-tegra	Not affected	Not affected	Not in release	Not in release
linux-nvidia-tegra-igx	Not in release	Not affected	Not in release	Not in release
linux-azure-nvidia	Not affected	Not in release	Not in release	Not in release
linux-azure-6.11	Not affected	Not in release	Not in release	Not in release
linux-gcp-6.11	Not affected	Not in release	Not in release	Not in release
linux-nvidia-tegra-5.15	Not in release	Not in release	Not affected	Not in release
linux-oem-6.14	Not affected	Not in release	Not in release	Not in release
linux-riscv-6.14	Not affected	Not in release	Not in release	Not in release
linux-ibm-6.8	Not in release	Not affected	Not in release	Not in release
linux-aws-6.14	Not affected	Not in release	Not in release	Not in release
linux-gcp-6.14	Not affected	Not in release	Not in release	Not in release
linux-hwe-6.14	Not affected	Not in release	Not in release	Not in release
linux-oracle-6.14	Not affected	Not in release	Not in release	Not in release
linux-nvidia-6.11	Not affected	Not in release	Not in release	Not in release
linux-realtime-6.14	Not affected	Not in release	Not in release	Not in release
linux-realtime-6.8	Not in release	Not affected	Not in release	Not in release
linux-azure-6.14	Not affected	Not in release	Not in release	Not in release
linux-azure-fde-6.14	Not affected	Not in release	Not in release	Not in release
linux-azure-nvidia-6.14	Not affected	Not in release	Not in release	Not in release
linux-xilinx	Not affected	Not in release	Not in release	Not in release
linux-oem-6.17	Not affected	Not in release	Not in release	Not in release
linux-azure-fde-6.8	Not in release	Not affected	Not in release	Not in release
linux-aws-6.17	Not affected	Not in release	Not in release	Not in release
linux-gcp-6.17	Not affected	Not in release	Not in release	Not in release
linux-hwe-6.17	Not affected	Not in release	Not in release	Not in release
linux-oracle-6.17	Not affected	Not in release	Not in release	Not in release
linux-riscv-6.17	Not affected	Not in release	Not in release	Not in release
linux-azure-6.17	Not affected	Not in release	Not in release	Not in release
linux-azure-fde-6.17	Not affected	Not in release	Not in release	Not in release
linux-realtime-6.17	Not affected	Not in release	Not in release	Not in release

CVE-2014-9281

Medium priority

Ignored

Cross-site scripting (XSS) vulnerability in admin/copy_field.php in MantisBT before 1.2.18 allows remote attackers to inject arbitrary web script or HTML via the dest_id field.

1 affected package

mantis

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
mantis	—	—	—	—

CVE-2014-9280

Medium priority

Ignored

The current_user_get_bug_filter function in core/current_user_api.php in MantisBT before 1.2.18 allows remote attackers to execute arbitrary PHP code via the filter parameter.

1 affected package

mantis

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
mantis	—	—	—	—

CVE-2014-9279

Medium priority

Ignored

The print_test_result function in admin/upgrade_unattended.php in MantisBT 1.1.0a3 through 1.2.x before 1.2.18 allows remote attackers to obtain database credentials via a URL in the hostname parameter and reading the parameters...

1 affected package

mantis

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
mantis	—	—	—	—

CVE-2014-9270

Medium priority

Ignored

Cross-site scripting (XSS) vulnerability in the projax_array_serialize_for_autocomplete function in core/projax_api.php in MantisBT 1.1.0a3 through 1.2.17 allows remote attackers to inject arbitrary web script or HTML via the...

1 affected package

mantis

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
mantis	—	—	—	—

CVE-2014-8134

High priority

Some fixes available 9 of 36

The paravirt_ops_setup function in arch/x86/kernel/kvm.c in the Linux kernel through 3.18 uses an improper paravirt_enabled setting for KVM guest kernels, which makes it easier for guest OS users to bypass the ASLR protection...

30 affected packages

linux, linux-armadaxp, linux-aws, linux-ec2, linux-flo...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
linux	—	—	—	—
linux-armadaxp	—	—	—	—
linux-aws	—	—	—	—
linux-ec2	—	—	—	—
linux-flo	—	—	—	—
linux-fsl-imx51	—	—	—	—
linux-gke	—	—	—	—
linux-goldfish	—	—	—	—
linux-grouper	—	—	—	—
linux-hwe	—	—	—	—
linux-hwe-edge	—	—	—	—
linux-linaro-omap	—	—	—	—
linux-linaro-shared	—	—	—	—
linux-linaro-vexpress	—	—	—	—
linux-lts-quantal	—	—	—	—
linux-lts-raring	—	—	—	—
linux-lts-saucy	—	—	—	—
linux-lts-trusty	—	—	—	—
linux-lts-utopic	—	—	—	—
linux-lts-vivid	—	—	—	—
linux-lts-wily	—	—	—	—
linux-lts-xenial	—	—	—	—
linux-maguro	—	—	—	—
linux-mako	—	—	—	—
linux-manta	—	—	—	—
linux-mvl-dove	—	—	—	—
linux-qcm-msm	—	—	—	—
linux-raspi2	—	—	—	—
linux-snapdragon	—	—	—	—
linux-ti-omap4	—	—	—	—

CVE-2014-9117

Medium priority

Ignored

MantisBT before 1.2.18 uses the public_key parameter value as the key to the CAPTCHA answer, which allows remote attackers to bypass the CAPTCHA protection mechanism by leveraging knowledge of a CAPTCHA answer for a public_key...

1 affected package

mantis

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
mantis	—	—	—	—

CVE-2014-8123

Medium priority

Not affected

Buffer overflow in the bGetPPS function in wordole.c in Antiword 0.37 allows remote attackers to cause a denial of service (crash) via a crafted document.

1 affected package

antiword

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
antiword	—	—	—	—

CVE-2013-7416

Medium priority

Ignored

canto_curses/guibase.py in Canto Curses before 0.9.0 allows remote feed servers to execute arbitrary commands via shell metacharacters in a URL in a feed.

1 affected package

canto

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
canto	—	—	—	Not in release

Export to JSON

Results by page: