Search CVE reports

Toggle filters

41 – 43 of 43 results

CVE-2014-4715

Medium priority

Some fixes available 1 of 56

Yann Collet LZ4 before r119, when used on certain 32-bit platforms that allocate memory beyond 0x80000000, does not properly detect integer overflows, which allows context-dependent attackers to cause a denial of service (memory...

10 affected packages

eet, efl, firefox, grub2, gtkwave...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
eet Not in release Not in release Not in release Not in release
efl Not affected Not affected Not affected Not affected
firefox Not affected Not affected Not affected Not affected
grub2 Not affected Not affected Not affected Not affected
gtkwave Not affected Not affected Not affected Not affected
lz4 Not affected Not affected Not affected Not affected
php-horde-lz4 Not in release Not in release Not affected Not affected
pytables Not affected Not affected Not affected Not affected
thunderbird Not affected Not affected Not affected Not affected
zfsutils Not in release Not in release Not in release Not in release
Show all 10 packages Show less packages

CVE-2013-4577

Low priority

Some fixes available 15 of 20

A certain Debian patch for GNU GRUB uses world-readable permissions for grub.cfg, which allows local users to obtain password hashes, as demonstrated by reading the password_pbkdf2 directive in the file.

1 affected package

grub2

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
grub2 Fixed Fixed Fixed
Show less packages

CVE-2009-4128

Medium priority
Fixed

GNU GRand Unified Bootloader (GRUB) 2 1.97 only compares the submitted portion of a password with the actual password, which makes it easier for physically proximate attackers to conduct brute force attacks and...

1 affected package

grub2

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
grub2
Show less packages
  1. Previous page
  2. 1
  3. 2
  4. 3
  5. 4
  6. 5
  7. Next page
Export to JSON