Skip to main content
Press slash or control plus K to focus the search. Use the arrow keys to navigate results and press enter to open a threat.

Threats Tagged 'ubuntu-pro-20-04-lts'

View all threats tagged with 'ubuntu-pro-20-04-lts'. Filter and sort to focus on specific types of threats.

Pro Console Lifetime

Stop chasing alerts. Route them.

Start free, then upgrade once to turn Radar into an automated delivery engine for your security stack.

Custom feeds / Automations: email, Slack, webhooks, SIEM/MISP / API access (baseline limits)

View Plans & Pricing

API access activates after upgrading in Console -> Billing.

Breach by OffSeqOFFSEQFRIENDS — 25% OFF

Check if your credentials are on the dark web

Instant breach scanning across billions of leaked records. Free tier available.

Scan now

Filter Threats

Narrow down the results by type, severity, or affected countries

Search threats by title, CVE ID, or description. Maximum 100 characters.
Active filters (1):Tag: ubuntu-pro-20-04-lts

Threats Tagged 'ubuntu-pro-20-04-lts'

Click on any threat for detailed analysis and mitigation recommendations

USN-8134-1: pyasn1 vulnerabilities
0

Two vulnerabilities in the pyasn1 library can lead to denial of service by exhausting system resources when decoding malformed or maliciously crafted certificates. These issues arise from uncontrolled recursion during decoding attempts. The affected versions include specific Ubuntu package versions of pyasn1. No CVSS score is provided, and no known exploits are reported in the wild.

Join the discussion
USN-8547-1: linux-gcp-5.15, linux-intel-iotg-5.15 vulnerabilities
0

Multiple security vulnerabilities were discovered in the Linux kernel affecting numerous subsystems including architecture-specific components, drivers, networking, file systems, and virtualization. These flaws could potentially allow an attacker to compromise the system. The update addresses a wide range of kernel components to correct these issues. No specific exploit details or severity scores are provided.

Join the discussion
UBUNTU-CVE-2024-25176
0

A stack-buffer-overflow vulnerability exists in LuaJIT through version 2.1 and OpenRusty luajit2 before v2.1-20240626 in the lj_strfmt_wfnum function within lj_strfmt_num.c. This vulnerability can lead to complete compromise of confidentiality, integrity, and availability. Multiple specific package versions of LuaJIT are affected. No known exploits are reported in the wild at this time.

Join the discussion
UBUNTU-CVE-2024-25177
0

LuaJIT versions through 2.1 and OpenRusty luajit2 before v2.1-20240314 contain a vulnerability involving unsinking of IR_FSTORE for NULL metatable, which can lead to a Denial of Service (DoS) condition. This issue affects multiple specific versions of LuaJIT as packaged in various Ubuntu releases. The vulnerability does not impact confidentiality or integrity but can cause application or system availability disruption.

Join the discussion
UBUNTU-CVE-2024-25178
0

LuaJIT through version 2.1 and OpenRusty luajit2 before v2.1-20240314 contain an out-of-bounds read vulnerability in the stack-overflow handler located in lj_state.c. This vulnerability can lead to a high impact on confidentiality and availability without requiring user interaction or privileges. Multiple specific versions of LuaJIT are affected, including several Ubuntu package versions. No known exploits are reported in the wild at this time.

Join the discussion
UBUNTU-CVE-2024-38286
0

Apache Tomcat versions from 11.0.0-M1 through 11.0.0-M20, 10.1.0-M1 through 10.1.24, and 9.0.13 through 9.0.89, as well as certain end-of-life versions, contain a vulnerability that allows resource allocation without limits or throttling. This can be exploited via the TLS handshake process to cause an OutOfMemoryError, potentially leading to denial of service. Fixed versions include 11.0.0-M21, 10.1.25, and 9.0.90.

Join the discussion
UBUNTU-CVE-2024-52316
0

A vulnerability in Apache Tomcat allows authentication bypass if a custom Jakarta Authentication ServerAuthContext component throws an exception without setting an HTTP failure status. No known Jakarta Authentication components currently behave this way. The issue affects multiple Apache Tomcat versions including 8.5.0 through 8.5.100, 9.0.0-M1 through 9.0.95, 10.1.0-M1 through 10.1.30, and 11.0.0-M1 through 11.0.0-M26. Users should upgrade to fixed versions 11.0.0, 10.1.31, or 9.0.96 to address this vulnerability.

Join the discussion
UBUNTU-CVE-2024-54677
0

An uncontrolled resource consumption vulnerability exists in the examples web application provided with Apache Tomcat, which can lead to denial of service. This affects multiple Apache Tomcat versions including 8.5.0 through 8.5.100, 9.0.0.M1 through 9.9.97, 10.1.0-M1 through 10.1.33, and 11.0.0-M1 through 11.0.1. Users are advised to upgrade to fixed versions 11.0.2, 10.1.34, or 9.0.98 to remediate the issue.

Join the discussion
UBUNTU-CVE-2024-55919
0

An improper input validation vulnerability exists in the generic SSO login functionality of the Sympa product. This issue could potentially allow unexpected or malformed input to be processed, which may lead to security risks depending on the context of use. No specific affected versions or detailed impact scenarios are provided. There is no CVSS score or vendor advisory available at this time.

Join the discussion
UBUNTU-CVE-2024-56337
0

A Time-of-check Time-of-use (TOCTOU) race condition vulnerability exists in Apache Tomcat affecting multiple versions including 8.5.0 through 8.5.100, 9.0.0.M1 through 9.0.97, 10.1.0-M1 through 10.1.33, and 11.0.0-M1 through 11.0.1. The vulnerability relates to the default servlet write capability on case insensitive file systems and requires specific Java system property configurations to mitigate. Later Tomcat versions (9.0.99, 10.1.35, 11.0.3) include checks and default settings to address this issue. Users must configure the system property sun.io.useCanonCaches appropriately depending on their Java version to fully mitigate the vulnerability.

Join the discussion

Showing 1 to 10 of 232 results

Filters:Tag: ubuntu-pro-20-04-lts
Page 1 of 24
OffSeq TrainingCredly Certified

Lead Pen Test Professional

Technical5-day eLearningPECB Accredited
View courses