Search CVE reports
Memory Allocation with Excessive Size Value vulnerability in Apache ActiveMQ Client, Apache ActiveMQ, Apache ActiveMQ All. An unauthenticated network attacker can cause a broker DoS by sending a crafted WireFormatInfo frame with a...
1 affected package
activemq
| Package | 26.04 LTS |
|---|---|
| activemq | Needs evaluation |
Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in the number guess example for Apache Tomcat. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.22, from 10.1.0-M1 through...
6 affected packages
tomcat6, tomcat7, tomcat8, tomcat9, tomcat10, tomcat11
| Package | 26.04 LTS |
|---|---|
| tomcat6 | Not in release |
| tomcat7 | Not in release |
| tomcat8 | Not in release |
| tomcat9 | Needs evaluation |
| tomcat10 | Needs evaluation |
| tomcat11 | Needs evaluation |
Improper Authorization vulnerability in Apache ActiveMQ. An authenticated low-privilege Web Console user by default can access /admin/* paths in the Web Console. The default Jetty settings incorrectly did not limit those paths to...
1 affected package
activemq
| Package | 26.04 LTS |
|---|---|
| activemq | Needs evaluation |
Improper Input Validation vulnerability in Apache ActiveMQ Broker, Apache ActiveMQ, Apache ActiveMQ All. An attacker that has access to publish or modify entries in LDAP that match the configured searchBase and searchFilter can...
1 affected package
activemq
| Package | 26.04 LTS |
|---|---|
| activemq | Needs evaluation |
Improper Input Validation vulnerability in Apache ActiveMQ, Apache ActiveMQ All, Apache ActiveMQ Stomp. A remote unauthenticated peer that can reach an exposed STOMP connector can trigger denial-of-service behavior by sending a...
1 affected package
activemq
| Package | 26.04 LTS |
|---|---|
| activemq | Needs evaluation |
decode-uri-component through 0.4.1 is vulnerable to denial of service. The decode() function splits input on '%' producing N tokens and calls decodeComponents(), exhibiting super-linear parsing time: 200 '%ab' tokens takes...
1 affected package
node-source-map-resolve
| Package | 26.04 LTS |
|---|---|
| node-source-map-resolve | Needs evaluation |
[Unknown description]
1 affected package
rpm
| Package | 26.04 LTS |
|---|---|
| rpm | Needs evaluation |
GNU gzip contains a global buffer overflow vulnerability in the LZH decompression logic caused by improper reuse of shared global state between different decompression formats within a single execution. GNU gzip maintains a global...
1 affected package
gzip
| Package | 26.04 LTS |
|---|---|
| gzip | Needs evaluation |
GNU gzip contains a vulnerability in the gzexe utility related to insecure temporary file handling. When the mktemp utility is not available in the user’s PATH, gzexe falls back to constructing a temporary file path based solely...
1 affected package
gzip
| Package | 26.04 LTS |
|---|---|
| gzip | Needs evaluation |
A relative path traversal bug when processing repository metadata in libzypp before 17.38.10 could be used by remote attackers supplying repositories to overwrite files on the system, leading to denial of service or...
1 affected package
libzypp
| Package | 26.04 LTS |
|---|---|
| libzypp | Needs evaluation |