Search CVE reports
11 – 20 of 42237 results
attr before version 2.6.0 contains a symlink traversal vulnerability in the getfattr and setfattr utilities that allows local attackers to escalate privileges by replacing a pathname component with a symbolic link during directory...
1 affected package
attr
| Package | 20.04 LTS |
|---|---|
| attr | Needs evaluation |
acl before version 2.4.0 contains a time-of-check to time-of-use (TOCTOU) race condition vulnerability that allows local attackers to escalate privileges by replacing a pathname component with a symbolic link between an lstat()...
1 affected package
acl
| Package | 20.04 LTS |
|---|---|
| acl | Needs evaluation |
acl before version 2.4.0 contains a symlink traversal vulnerability in the libacl pathname-based functions acl_get_file(), acl_set_file(), acl_extended_file(), and acl_delete_def_file() that allows local attackers to escalate...
1 affected package
acl
| Package | 20.04 LTS |
|---|---|
| acl | Needs evaluation |
Memory Allocation with Excessive Size Value vulnerability in Apache ActiveMQ, Apache ActiveMQ All, Apache ActiveMQ Client, Apache ActiveMQ Broker. An authenticated user can cause a broker DoS by sending a crafted OpenWire Message...
1 affected package
activemq
| Package | 20.04 LTS |
|---|---|
| activemq | Needs evaluation |
Memory Allocation with Excessive Size Value vulnerability in Apache ActiveMQ, Apache ActiveMQ All, Apache ActiveMQ Stomp. An unauthenticated client that opens a STOMP NIO connection can send header bytes that never terminate which...
1 affected package
activemq
| Package | 20.04 LTS |
|---|---|
| activemq | Needs evaluation |
Detection of Error Condition Without Action vulnerability in Apache Tomcat when configuring CRLs for a FFM based connector. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.22, from 10.1.0-M7 through 10.1.55, from...
6 affected packages
tomcat6, tomcat7, tomcat8, tomcat9, tomcat10, tomcat11
| Package | 20.04 LTS |
|---|---|
| tomcat6 | — |
| tomcat7 | — |
| tomcat8 | — |
| tomcat9 | Needs evaluation |
| tomcat10 | — |
| tomcat11 | — |
Always-Incorrect Control Flow Implementation vulnerability in Apache Tomcat's rewrite valve meant that if the first condition in an OR chain matched, subsequent non-OR conditions were skipped. This issue affects Apache Tomcat:...
6 affected packages
tomcat6, tomcat7, tomcat8, tomcat9, tomcat10, tomcat11
| Package | 20.04 LTS |
|---|---|
| tomcat6 | — |
| tomcat7 | — |
| tomcat8 | — |
| tomcat9 | Needs evaluation |
| tomcat10 | — |
| tomcat11 | — |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Apache ActiveMQ, Apache ActiveMQ Web Console. The browse page in the web console renders a message Id directly...
1 affected package
activemq
| Package | 20.04 LTS |
|---|---|
| activemq | Needs evaluation |
Denial of Service via Out of Memory vulnerability in Apache ActiveMQ Broker, Apache ActiveMQ, Apache ActiveMQ All. Following the fix for CVE-2026-49270 an unauthenticated attacker can now cause broker OOM by sending an repeated...
1 affected package
activemq
| Package | 20.04 LTS |
|---|---|
| activemq | Needs evaluation |
Memory Allocation with Excessive Size Value vulnerability in Apache ActiveMQ Client, Apache ActiveMQ, Apache ActiveMQ All. An unauthenticated network attacker can cause a broker DoS by sending a crafted WireFormatInfo frame with a...
1 affected package
activemq
| Package | 20.04 LTS |
|---|---|
| activemq | Needs evaluation |