Search CVE reports
Insecure permissions in the packaging of tomcat allow local users that win a race during package installation to escalate to root
5 affected packages
tomcat6, tomcat7, tomcat8, tomcat10, tomcat9
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| tomcat6 | — | Not in release | Not in release | Not in release | — |
| tomcat7 | — | Not in release | Not in release | Not in release | Not affected |
| tomcat8 | — | Not in release | Not in release | Not in release | Not affected |
| tomcat10 | — | Not affected | Not in release | Not in release | — |
| tomcat9 | — | Not affected | Not affected | Not affected | Not affected |
Some fixes available 7 of 12
Improper Handling of Exceptional Conditions, Uncontrolled Resource Consumption vulnerability in Apache Tomcat. When processing an HTTP/2 stream, Tomcat did not handle some cases of excessive HTTP headers correctly. This led to a...
6 affected packages
tomcat10, tomcat6, tomcat7, tomcat8, tomcat9, tomcat11
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| tomcat10 | Not affected | Fixed | Not in release | Not in release | — |
| tomcat6 | Not in release | Not in release | Not in release | Not in release | — |
| tomcat7 | Not in release | Not in release | Not in release | Not in release | Not affected |
| tomcat8 | Not in release | Not in release | Not in release | Not in release | Not affected |
| tomcat9 | Fixed | Fixed | Fixed | Ignored | Ignored |
| tomcat11 | Needs evaluation | Not in release | Not in release | Not in release | Not in release |
Some fixes available 2 of 7
TinyMCE is an open source rich text editor. A cross-site scripting (XSS) vulnerability was discovered in TinyMCE’s content parsing code. This allowed specially crafted noscript elements containing malicious code to be executed...
2 affected packages
roundcube, tinymce
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| roundcube | Vulnerable | Fixed | Fixed | Not affected | Not affected |
| tinymce | Not in release | Not in release | Not in release | Not affected | Not affected |
Some fixes available 2 of 7
TinyMCE is an open source rich text editor. A cross-site scripting (XSS) vulnerability was discovered in TinyMCE’s content extraction code. When using the `noneditable_regexp` option, specially crafted HTML attributes containing...
2 affected packages
roundcube, tinymce
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| roundcube | Vulnerable | Fixed | Fixed | Not affected | Not affected |
| tinymce | Not in release | Not in release | Not in release | Not affected | Not affected |
GNU Midnight Commander 4.8.29-146-g299d9a2fb was discovered to contain a NULL pointer dereference via the function x_error_handler() at tty/x11conn.c. NOTE: this is disputed because it should be categorized as a usability problem...
1 affected package
mc
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| mc | — | Not affected | Not affected | Not affected | Not affected |
TinyMCE is an open source rich text editor. A cross-site scripting (XSS) vulnerability was discovered in TinyMCE’s content loading and content inserting code. An SVG image could be loaded through an `object` or `embed` element and...
1 affected package
tinymce
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| tinymce | Not in release | Not in release | Not in release | Ignored | Needs evaluation |
TinyMCE is an open source rich text editor. A cross-site scripting (XSS) vulnerability was discovered in TinyMCE’s content insertion code. This allowed `iframe` elements containing malicious code to execute when inserted into the...
1 affected package
tinymce
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| tinymce | Not in release | Not in release | Not in release | Ignored | Needs evaluation |
Some fixes available 10 of 14
Denial of Service due to improper input validation vulnerability for HTTP/2 requests in Apache Tomcat. When processing an HTTP/2 request, if the request exceeded any of the configured limits for headers, the associated HTTP/2...
6 affected packages
tomcat6, tomcat7, tomcat8, tomcat10, tomcat9, tomcat11
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| tomcat6 | Not in release | Not in release | Not in release | Not in release | — |
| tomcat7 | Not in release | Not in release | Not in release | Not in release | Not affected |
| tomcat8 | Not in release | Not in release | Not in release | Not in release | Fixed |
| tomcat10 | Not affected | Fixed | Not in release | Not in release | — |
| tomcat9 | Fixed | Fixed | Fixed | Fixed | Fixed |
| tomcat11 | Needs evaluation | Not in release | Not in release | Not in release | Not in release |
Some fixes available 10 of 18
Denial of Service via incomplete cleanup vulnerability in Apache Tomcat. It was possible for WebSocket clients to keep WebSocket connections open leading to increased resource consumption. This issue affects Apache Tomcat: from...
6 affected packages
tomcat6, tomcat7, tomcat8, tomcat9, tomcat10, tomcat11
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| tomcat6 | Not in release | Not in release | Not in release | Not in release | — |
| tomcat7 | Not in release | Not in release | Not in release | Not in release | Needs evaluation |
| tomcat8 | Not in release | Not in release | Not in release | Not in release | Fixed |
| tomcat9 | Fixed | Fixed | Fixed | Fixed | Fixed |
| tomcat10 | Not affected | Fixed | Not in release | Not in release | — |
| tomcat11 | Needs evaluation | Not in release | Not in release | Not in release | Not in release |
Improper access control in some Intel(R) Optane(TM) PMem software before versions 01.00.00.3547, 02.00.00.3915, 03.00.00.0483 may allow an authenticated user to potentially enable escalation of privilege via local access.
1 affected package
ipmctl
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| ipmctl | Not in release | Not affected | Needs evaluation | Ignored | Not in release |