Search CVE reports
911 – 920 of 36525 results
SPIP versions prior to 4.4.14 contain a remote code execution vulnerability in the private space that allows attackers to execute arbitrary code in the context of the web server. Attackers can exploit this vulnerability to achieve...
1 affected package
spip
| Package | 24.04 LTS |
|---|---|
| spip | Needs evaluation |
phpseclib is a PHP secure communications library. Prior to 1.0.29, 2.0.54, and 3.0.52, anyone loading untrusted ASN1 files (eg. X509 certificates, RSA PKCS8 private or public keys, etc). This is a bypass of CVE-2024-27355. This...
3 affected packages
php-phpseclib, php-phpseclib3, phpseclib
| Package | 24.04 LTS |
|---|---|
| php-phpseclib | Needs evaluation |
| php-phpseclib3 | Needs evaluation |
| phpseclib | Needs evaluation |
Not in release
linux-entra-sso is a browser plugin for Linux to SSO on Microsoft Entra ID. Prior to 1.8.1, platform/chrome/js/platform-chrome.js:69-88 registers a single declarativeNetRequest rule whose urlFilter is Platform.SSO_URL + "/*", i.e....
1 affected package
linux-entra-sso
| Package | 24.04 LTS |
|---|---|
| linux-entra-sso | Not in release |
Not in release
The llm CLI tool thru 0.27.1 contains a critical code injection vulnerability via its --functions command-line argument. This argument is intended to allow users to provide custom Python function definitions. However, the tool...
1 affected package
llm
| Package | 24.04 LTS |
|---|---|
| llm | Not in release |
YAML::Syck versions before 1.38 for Perl has an out-of-bounds read. The base60 (sexagesimal) parsing code in perl_syck.h has a buffer underflow bug in both int#base60 and float#base60 handlers. When processing the leftmost...
1 affected package
libyaml-syck-perl
| Package | 24.04 LTS |
|---|---|
| libyaml-syck-perl | Needs evaluation |
Exposure of sensitive information caused by shared microarchitectural predictor state that influences transient execution for some Intel(R) Processors within VMX non-root (guest) operation may allow an information disclosure....
1 affected package
intel-microcode
| Package | 24.04 LTS |
|---|---|
| intel-microcode | Needs evaluation |
Improper Authorization vulnerability when multiple method constraints define an HTTP method for the same extension in Apache Tomcat. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.21, from 10.1.0-M1 through 10.1.54,...
6 affected packages
tomcat10, tomcat11, tomcat9, tomcat6, tomcat7, tomcat8
| Package | 24.04 LTS |
|---|---|
| tomcat10 | Vulnerable |
| tomcat11 | Not in release |
| tomcat9 | Vulnerable |
| tomcat6 | Not in release |
| tomcat7 | Not in release |
| tomcat8 | Not in release |
DEPRECATED: Authentication Bypass Issues vulnerability in digest authentication in Apache Tomcat. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.21, from 10.1.0-M1 through 10.1.54, from 9.0.0.M1 through 9.0.117,...
6 affected packages
tomcat6, tomcat7, tomcat8, tomcat9, tomcat10, tomcat11
| Package | 24.04 LTS |
|---|---|
| tomcat6 | Not in release |
| tomcat7 | Not in release |
| tomcat8 | Not in release |
| tomcat9 | Vulnerable |
| tomcat10 | Vulnerable |
| tomcat11 | Not in release |
Exposure of HTTP Authentication Header to unexpected hosts during WebSocket authentication vulnerability in Apache Tomcat. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.21, from 10.1.0-M1 through 10.1.54, from...
6 affected packages
tomcat11, tomcat7, tomcat8, tomcat9, tomcat6, tomcat10
| Package | 24.04 LTS |
|---|---|
| tomcat11 | Not in release |
| tomcat7 | Not in release |
| tomcat8 | Not in release |
| tomcat9 | Vulnerable |
| tomcat6 | Not in release |
| tomcat10 | Vulnerable |
Improper Input Validation vulnerability in Apache Tomcat. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.21, from 10.1.0-M1 through 10.1.54, from 9.0.0.M1 through 9.0.117, from 10.0.0-M1 through 10.0.27. Older, end...
6 affected packages
tomcat10, tomcat11, tomcat6, tomcat7, tomcat8, tomcat9
| Package | 24.04 LTS |
|---|---|
| tomcat10 | Vulnerable |
| tomcat11 | Not in release |
| tomcat6 | Not in release |
| tomcat7 | Not in release |
| tomcat8 | Not in release |
| tomcat9 | Vulnerable |