Search CVE reports
471 – 480 of 50428 results
YAML::Syck versions before 1.38 for Perl has an out-of-bounds read. The base60 (sexagesimal) parsing code in perl_syck.h has a buffer underflow bug in both int#base60 and float#base60 handlers. When processing the leftmost...
1 affected package
libyaml-syck-perl
| Package | 16.04 LTS |
|---|---|
| libyaml-syck-perl | Ignored |
Exposure of sensitive information caused by shared microarchitectural predictor state that influences transient execution for some Intel(R) Processors within VMX non-root (guest) operation may allow an information disclosure....
1 affected package
intel-microcode
| Package | 16.04 LTS |
|---|---|
| intel-microcode | Needs evaluation |
Improper Authorization vulnerability when multiple method constraints define an HTTP method for the same extension in Apache Tomcat. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.21, from 10.1.0-M1 through 10.1.54,...
6 affected packages
tomcat10, tomcat11, tomcat9, tomcat6, tomcat7, tomcat8
| Package | 16.04 LTS |
|---|---|
| tomcat10 | — |
| tomcat11 | — |
| tomcat9 | — |
| tomcat6 | Ignored |
| tomcat7 | Ignored |
| tomcat8 | Vulnerable |
DEPRECATED: Authentication Bypass Issues vulnerability in digest authentication in Apache Tomcat. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.21, from 10.1.0-M1 through 10.1.54, from 9.0.0.M1 through 9.0.117,...
6 affected packages
tomcat6, tomcat7, tomcat8, tomcat9, tomcat10, tomcat11
| Package | 16.04 LTS |
|---|---|
| tomcat6 | — |
| tomcat7 | — |
| tomcat8 | Vulnerable |
| tomcat9 | — |
| tomcat10 | — |
| tomcat11 | — |
Exposure of HTTP Authentication Header to unexpected hosts during WebSocket authentication vulnerability in Apache Tomcat. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.21, from 10.1.0-M1 through 10.1.54, from...
6 affected packages
tomcat11, tomcat7, tomcat8, tomcat9, tomcat6, tomcat10
| Package | 16.04 LTS |
|---|---|
| tomcat11 | — |
| tomcat7 | Ignored |
| tomcat8 | Not affected |
| tomcat9 | — |
| tomcat6 | Ignored |
| tomcat10 | — |
Improper Input Validation vulnerability in Apache Tomcat. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.21, from 10.1.0-M1 through 10.1.54, from 9.0.0.M1 through 9.0.117, from 10.0.0-M1 through 10.0.27. Older, end...
6 affected packages
tomcat10, tomcat11, tomcat6, tomcat7, tomcat8, tomcat9
| Package | 16.04 LTS |
|---|---|
| tomcat10 | — |
| tomcat11 | — |
| tomcat6 | Ignored |
| tomcat7 | Ignored |
| tomcat8 | Not affected |
| tomcat9 | — |
Allocation of Resources Without Limits or Throttling vulnerability in Apache Tomcat. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.21, from 10.1.0-M1 through 10.1.54, from 9.0.0.M1 through 9.0.117. Older,...
6 affected packages
tomcat7, tomcat8, tomcat6, tomcat10, tomcat11, tomcat9
| Package | 16.04 LTS |
|---|---|
| tomcat7 | Ignored |
| tomcat8 | Not affected |
| tomcat6 | Ignored |
| tomcat10 | — |
| tomcat11 | — |
| tomcat9 | — |
LWP::UserAgent versions before 6.83 for Perl leak Authorization and Proxy-Authorization headers on cross-origin redirects. On a 3xx response, the redirect handler strips only Host and Cookie before issuing the follow-up request....
1 affected package
libwww-perl
| Package | 16.04 LTS |
|---|---|
| libwww-perl | Needs evaluation |
pam_authnft is a PAM session module binding nftables firewall rules to authenticated sessions via cgroupv2 inodes. Prior to 0.2.0-alpha, a heap buffer over-read in peer_lookup_tcp (src/peer_lookup.c:134, prior to the fix) allowed...
1 affected package
pam
| Package | 16.04 LTS |
|---|---|
| pam | Not affected |
An attacker can cause uncontrolled memory usage with excessive bracing over IMAP. The fix in CVE-2026-27857 was incomplete, only blocking one way of doing this, so there was still another way left open. In particular, the fix was...
1 affected package
dovecot
| Package | 16.04 LTS |
|---|---|
| dovecot | Needs evaluation |