Search CVE reports
11 – 20 of 29718 results
Missing Authorization vulnerability in Apache ActiveMQ Broker, Apache ActiveMQ All, Apache ActiveMQ. Apache ActiveMQ Classic temporary destinations are expected to be isolated to the connection that created them. The isolation can...
1 affected package
activemq
| Package | 26.04 LTS |
|---|---|
| activemq | Needs evaluation |
attr before version 2.6.0 contains a symlink traversal vulnerability in the getfattr and setfattr utilities that allows local attackers to escalate privileges by replacing a pathname component with a symbolic link during directory...
1 affected package
attr
| Package | 26.04 LTS |
|---|---|
| attr | Needs evaluation |
acl before version 2.4.0 contains a time-of-check to time-of-use (TOCTOU) race condition vulnerability that allows local attackers to escalate privileges by replacing a pathname component with a symbolic link between an lstat()...
1 affected package
acl
| Package | 26.04 LTS |
|---|---|
| acl | Needs evaluation |
acl before version 2.4.0 contains a symlink traversal vulnerability in the libacl pathname-based functions acl_get_file(), acl_set_file(), acl_extended_file(), and acl_delete_def_file() that allows local attackers to escalate...
1 affected package
acl
| Package | 26.04 LTS |
|---|---|
| acl | Needs evaluation |
Memory Allocation with Excessive Size Value vulnerability in Apache ActiveMQ, Apache ActiveMQ All, Apache ActiveMQ Client, Apache ActiveMQ Broker. An authenticated user can cause a broker DoS by sending a crafted OpenWire Message...
1 affected package
activemq
| Package | 26.04 LTS |
|---|---|
| activemq | Needs evaluation |
Memory Allocation with Excessive Size Value vulnerability in Apache ActiveMQ, Apache ActiveMQ All, Apache ActiveMQ Stomp. An unauthenticated client that opens a STOMP NIO connection can send header bytes that never terminate which...
1 affected package
activemq
| Package | 26.04 LTS |
|---|---|
| activemq | Needs evaluation |
Detection of Error Condition Without Action vulnerability in Apache Tomcat when configuring CRLs for a FFM based connector. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.22, from 10.1.0-M7 through 10.1.55, from...
6 affected packages
tomcat6, tomcat7, tomcat8, tomcat9, tomcat10, tomcat11
| Package | 26.04 LTS |
|---|---|
| tomcat6 | Not in release |
| tomcat7 | Not in release |
| tomcat8 | Not in release |
| tomcat9 | Needs evaluation |
| tomcat10 | Needs evaluation |
| tomcat11 | Needs evaluation |
Always-Incorrect Control Flow Implementation vulnerability in Apache Tomcat's rewrite valve meant that if the first condition in an OR chain matched, subsequent non-OR conditions were skipped. This issue affects Apache Tomcat:...
6 affected packages
tomcat6, tomcat7, tomcat8, tomcat9, tomcat10, tomcat11
| Package | 26.04 LTS |
|---|---|
| tomcat6 | Not in release |
| tomcat7 | Not in release |
| tomcat8 | Not in release |
| tomcat9 | Needs evaluation |
| tomcat10 | Needs evaluation |
| tomcat11 | Needs evaluation |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Apache ActiveMQ, Apache ActiveMQ Web Console. The browse page in the web console renders a message Id directly...
1 affected package
activemq
| Package | 26.04 LTS |
|---|---|
| activemq | Needs evaluation |
Denial of Service via Out of Memory vulnerability in Apache ActiveMQ Broker, Apache ActiveMQ, Apache ActiveMQ All. Following the fix for CVE-2026-49270 an unauthenticated attacker can now cause broker OOM by sending an repeated...
1 affected package
activemq
| Package | 26.04 LTS |
|---|---|
| activemq | Needs evaluation |