Your submission was sent successfully! Close

Thank you for contacting us. A member of our team will be in touch shortly. Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

Search CVE reports


Toggle filters

21 – 30 of 1338 results


CVE-2023-27585

Medium priority

Some fixes available 4 of 7

PJSIP is a free and open source multimedia communication library written in C. A buffer overflow vulnerability in versions 2.13 and prior affects applications that use PJSIP DNS resolver. It doesn't affect PJSIP users who do not...

2 affected packages

pjproject, ring

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
pjproject Not in release Not in release Needs evaluation Needs evaluation
ring Not in release Fixed Fixed Ignored
Show less packages

CVE-2022-23547

Medium priority

Some fixes available 2 of 5

PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. This issue is similar to GHSA-9pfh-r8x4-w26w. Possible buffer...

2 affected packages

pjproject, ring

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
pjproject Not in release Not in release Needs evaluation Needs evaluation
ring Not in release Fixed Fixed Ignored
Show less packages

CVE-2022-23537

Medium priority

Some fixes available 2 of 10

PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. Buffer overread is possible when parsing a specially crafted...

4 affected packages

asterisk, pjproject, ring, sip

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
asterisk Needs evaluation Vulnerable Not affected Not affected Needs evaluation
pjproject Not in release Not in release Vulnerable Needs evaluation
ring Not in release Not in release Fixed Fixed Ignored
sip Not in release Not in release Not in release Ignored
Show less packages

CVE-2022-31692

Medium priority
Needs evaluation

Spring Security, versions 5.7 prior to 5.7.5 and 5.6 prior to 5.6.9 could be susceptible to authorization rules bypass via forward or include dispatcher types. Specifically, an application is vulnerable when all of the following...

1 affected packages

libspring-java

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
libspring-java Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
Show less packages

CVE-2022-31690

Medium priority
Needs evaluation

Spring Security, versions 5.7 prior to 5.7.5, and 5.6 prior to 5.6.9, and older unsupported versions could be susceptible to a privilege escalation under certain conditions. A malicious user or attacker can modify a...

1 affected packages

libspring-java

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
libspring-java Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
Show less packages

CVE-2022-39269

Medium priority
Needs evaluation

PJSIP is a free and open source multimedia communication library written in C. When processing certain packets, PJSIP may incorrectly switch from using SRTP media transport to using basic RTP upon SRTP restart, causing the media...

3 affected packages

asterisk, pjproject, ring

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
asterisk Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
pjproject Not in release Not in release Needs evaluation Needs evaluation
ring Not in release Not in release Needs evaluation Needs evaluation Ignored
Show less packages

CVE-2022-39244

Medium priority

Some fixes available 2 of 13

PJSIP is a free and open source multimedia communication library written in C. In versions of PJSIP prior to 2.13 the PJSIP parser, PJMEDIA RTP decoder, and PJMEDIA SDP parser are affeced by a buffer overflow vulnerability. Users...

3 affected packages

asterisk, pjproject, ring

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
asterisk Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
pjproject Not in release Not in release Needs evaluation Needs evaluation
ring Not in release Not in release Fixed Fixed Ignored
Show less packages

CVE-2011-4916

Low priority
Ignored

Linux kernel through 3.1 allows local users to obtain sensitive keystroke information via access to /dev/pts/ and /dev/tty*.

18 affected packages

linux, linux-armadaxp, linux-ec2, linux-flo, linux-fsl-imx51...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
linux
linux-armadaxp
linux-ec2
linux-flo
linux-fsl-imx51
linux-goldfish
linux-grouper
linux-lts-backport-maverick
linux-lts-backport-natty
linux-lts-backport-oneiric
linux-lts-quantal
linux-lts-raring
linux-lts-saucy
linux-maguro
linux-mako
linux-manta
linux-mvl-dove
linux-ti-omap4
Show all 18 packages Show less packages

CVE-2022-31031

Medium priority

Some fixes available 2 of 5

PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. In versions prior to and including 2.12.1 a stack buffer...

2 affected packages

pjproject, ring

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
pjproject Not in release Not in release Not in release Vulnerable Vulnerable
ring Not in release Fixed Fixed Ignored
Show less packages

CVE-2022-22978

Medium priority
Needs evaluation

In spring security versions prior to 5.4.11+, 5.5.7+ , 5.6.4+ and older unsupported versions, RegexRequestMatcher can easily be misconfigured to be bypassed on some servlet containers. Applications using RegexRequestMatcher with...

2 affected packages

libspring-java, libspring-security-2.0-java

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
libspring-java Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
libspring-security-2.0-java
Show less packages