Search CVE reports
21 – 30 of 42237 results
Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in the number guess example for Apache Tomcat. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.22, from 10.1.0-M1 through...
6 affected packages
tomcat6, tomcat7, tomcat8, tomcat9, tomcat10, tomcat11
| Package | 20.04 LTS |
|---|---|
| tomcat6 | — |
| tomcat7 | — |
| tomcat8 | — |
| tomcat9 | Needs evaluation |
| tomcat10 | — |
| tomcat11 | — |
Improper Authorization vulnerability in Apache ActiveMQ. An authenticated low-privilege Web Console user by default can access /admin/* paths in the Web Console. The default Jetty settings incorrectly did not limit those paths to...
1 affected package
activemq
| Package | 20.04 LTS |
|---|---|
| activemq | Needs evaluation |
Improper Input Validation vulnerability in Apache ActiveMQ Broker, Apache ActiveMQ, Apache ActiveMQ All. An attacker that has access to publish or modify entries in LDAP that match the configured searchBase and searchFilter can...
1 affected package
activemq
| Package | 20.04 LTS |
|---|---|
| activemq | Needs evaluation |
Improper Input Validation vulnerability in Apache ActiveMQ, Apache ActiveMQ All, Apache ActiveMQ Stomp. A remote unauthenticated peer that can reach an exposed STOMP connector can trigger denial-of-service behavior by sending a...
1 affected package
activemq
| Package | 20.04 LTS |
|---|---|
| activemq | Needs evaluation |
[Unknown description]
1 affected package
rpm
| Package | 20.04 LTS |
|---|---|
| rpm | Needs evaluation |
GNU gzip contains a global buffer overflow vulnerability in the LZH decompression logic caused by improper reuse of shared global state between different decompression formats within a single execution. GNU gzip maintains a global...
1 affected package
gzip
| Package | 20.04 LTS |
|---|---|
| gzip | Needs evaluation |
GNU gzip contains a vulnerability in the gzexe utility related to insecure temporary file handling. When the mktemp utility is not available in the user’s PATH, gzexe falls back to constructing a temporary file path based solely...
1 affected package
gzip
| Package | 20.04 LTS |
|---|---|
| gzip | Needs evaluation |
A relative path traversal bug when processing repository metadata in libzypp before 17.38.10 could be used by remote attackers supplying repositories to overwrite files on the system, leading to denial of service or...
1 affected package
libzypp
| Package | 20.04 LTS |
|---|---|
| libzypp | Needs evaluation |
A double free issue has been identified in libarchive's RAR5 reader. During parsing of a specially crafted RAR5 archive, the filtered_buf pointer may remain stale after being freed during unpacking state...
1 affected package
libarchive
| Package | 20.04 LTS |
|---|---|
| libarchive | Needs evaluation |
CryptX versions before 0.088_001 for Perl compare AEAD authentication tags in non-constant time in the streaming decrypt_done path. The decrypt_done($tag) form compares it against the computed tag with memNE (memcmp() != 0), which...
1 affected package
libcryptx-perl
| Package | 20.04 LTS |
|---|---|
| libcryptx-perl | Needs evaluation |