Search CVE reports
261 – 270 of 43755 results
Not in release
Puppet resource_api (shipped in Puppet Core 8.x and Puppet Enterprise 2023.8.x and 2025.x) does not preserve the sensitive flag on parameters defined via the resource-api, causing values such as passwords to be stored in cleartext...
1 affected package
ruby-puppet-resource-api
| Package | 22.04 LTS |
|---|---|
| ruby-puppet-resource-api | Not in release |
[Unknown description]
1 affected package
gobgp
| Package | 22.04 LTS |
|---|---|
| gobgp | Needs evaluation |
A flaw was found in HPLIP (HP Linux Imaging and Printing Software). This vulnerability, an incomplete fix for CVE-2026-8631, may allow a remote attacker to escalate privileges or achieve arbitrary code execution. This can occur...
1 affected package
hplip
| Package | 22.04 LTS |
|---|---|
| hplip | Needs evaluation |
In PHP versions 8.2.* before 8.2.32, 8.3.* before 8.3.32, 8.4.* before 8.4.23, 8.5.* before 8.5.8, the AES-WRAP-PAD algorithm implementation in OpenSSL extension contains a buffer allocation flaw. The output buffer for the AES...
8 affected packages
php5, php7.0, php7.2, php7.4, php8.1...
| Package | 22.04 LTS |
|---|---|
| php5 | Not in release |
| php7.0 | Not in release |
| php7.2 | Not in release |
| php7.4 | Not in release |
| php8.1 | Needs evaluation |
| php8.3 | Not in release |
| php8.4 | Not in release |
| php8.5 | Not in release |
tls_wrap_reneg use after free
1 affected package
openvpn
| Package | 22.04 LTS |
|---|---|
| openvpn | Not affected |
ack_write_buf use after free
1 affected package
openvpn
| Package | 22.04 LTS |
|---|---|
| openvpn | Needs evaluation |
metadata buffer leak
1 affected package
openvpn
| Package | 22.04 LTS |
|---|---|
| openvpn | Needs evaluation |
security update
8 affected packages
php5, php7.0, php7.2, php7.4, php8.1...
| Package | 22.04 LTS |
|---|---|
| php5 | Not in release |
| php7.0 | Not in release |
| php7.2 | Not in release |
| php7.4 | Not in release |
| php8.1 | Needs evaluation |
| php8.3 | Not in release |
| php8.4 | Not in release |
| php8.5 | Not in release |
1-byte buffer overrun on NTLMv2 proxy responses
1 affected package
openvpn
| Package | 22.04 LTS |
|---|---|
| openvpn | Not affected |
Libreswan, via the function RSA_authenticate_hash_signature_pkcs1_1_5_rsa(), did not correctly verify the DER encoding of the ASN.1 digest when the IKEv2 AUTH payload was encoded using RSASSA-PKCS1-v1_5 (RFC 8017). A remote...
1 affected package
libreswan
| Package | 22.04 LTS |
|---|---|
| libreswan | Needs evaluation |