Search CVE reports
161 – 170 of 48358 results
In Mbed TLS through 4.0.0, there is a compiler-induced timing side channel (in RSA and CBC/ECB decryption) that only occurs with LLVM's select-optimize feature. TF-PSA-Crypto through 1.0.0 is also affected.
1 affected package
mbedtls
| Package | 16.04 LTS |
|---|---|
| mbedtls | Needs evaluation |
(Apache Traffic Server allows request smuggling if chunked messages are ...)
1 affected package
trafficserver
| Package | 16.04 LTS |
|---|---|
| trafficserver | Needs evaluation |
(A bug in POST request handling causes a crash under a certain conditio ...)
1 affected package
trafficserver
| Package | 16.04 LTS |
|---|---|
| trafficserver | Needs evaluation |
Impact: The fix for CVE-2021-23337 (https://github.com/advisories/GHSA-35jh-r3h4-6jhm) added validation for the variable option in _.template but did not apply the same validation to options.imports key names. Both paths flow into...
1 affected package
node-lodash
| Package | 16.04 LTS |
|---|---|
| node-lodash | Needs evaluation |
(A flaw was found in libinput. An attacker capable of deploying a Lua p ...)
1 affected package
libinput
| Package | 16.04 LTS |
|---|---|
| libinput | Needs evaluation |
(A flaw was found in libinput. A local attacker who can place a special ...)
1 affected package
libinput
| Package | 16.04 LTS |
|---|---|
| libinput | Needs evaluation |
(A flaw was found in Corosync. An integer overflow vulnerability in Cor ...)
1 affected package
corosync
| Package | 16.04 LTS |
|---|---|
| corosync | Needs evaluation |
(A flaw was found in Corosync. A remote unauthenticated attacker can ex ...)
1 affected package
corosync
| Package | 16.04 LTS |
|---|---|
| corosync | Needs evaluation |
[Unknown description]
1 affected package
vim
| Package | 16.04 LTS |
|---|---|
| vim | Needs evaluation |
heap overflow with a specially crafted FTP packet
1 affected package
openvswitch
| Package | 16.04 LTS |
|---|---|
| openvswitch | Not affected |