Search CVE reports
81 – 90 of 51455 results
A double free issue has been identified in libarchive's RAR5 reader. During parsing of a specially crafted RAR5 archive, the filtered_buf pointer may remain stale after being freed during unpacking state...
1 affected package
libarchive
| Package | 16.04 LTS |
|---|---|
| libarchive | Needs evaluation |
A flaw was found in sssd. When authenticating with a YubiKey, the SSSD PAM responder can crash due to a use-after-free vulnerability, where a memory pointer is incorrectly handled. A local attacker could exploit this flaw...
1 affected package
sssd
| Package | 16.04 LTS |
|---|---|
| sssd | Needs evaluation |
Missing Critical Step in Authentication vulnerability in Apache Tomcat when the JNDIRealm was configured to authenticate binds using GSSAPI allowed attackers to authenticate without provided the correct password. This issue...
6 affected packages
tomcat6, tomcat7, tomcat8, tomcat9, tomcat10, tomcat11
| Package | 16.04 LTS |
|---|---|
| tomcat6 | — |
| tomcat7 | — |
| tomcat8 | Needs evaluation |
| tomcat9 | — |
| tomcat10 | — |
| tomcat11 | — |
Improper Authorization vulnerability in Apache Tomcat leads to security constraints specified for the default servlet ignoring any method or method omission configured as part of the constraint. This issue affects Apache Tomcat:...
6 affected packages
tomcat6, tomcat7, tomcat8, tomcat9, tomcat10, tomcat11
| Package | 16.04 LTS |
|---|---|
| tomcat6 | — |
| tomcat7 | — |
| tomcat8 | Needs evaluation |
| tomcat9 | — |
| tomcat10 | — |
| tomcat11 | — |
Improper Authentication vulnerability in Apache Tomcat allowed a replay attack against the EncryptionInterceptor in the cluster component. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.22, from 10.1.0-M1 through...
6 affected packages
tomcat6, tomcat7, tomcat8, tomcat9, tomcat10, tomcat11
| Package | 16.04 LTS |
|---|---|
| tomcat6 | — |
| tomcat7 | — |
| tomcat8 | Needs evaluation |
| tomcat9 | — |
| tomcat10 | — |
| tomcat11 | — |
Always-Incorrect Control Flow Implementation vulnerability in Apache Tomcat meant that special roles and empty authorisation constraints were not included when the effective web.xml was logged. This issue affects Apache Tomcat:...
6 affected packages
tomcat6, tomcat7, tomcat8, tomcat9, tomcat10, tomcat11
| Package | 16.04 LTS |
|---|---|
| tomcat6 | — |
| tomcat7 | — |
| tomcat8 | Needs evaluation |
| tomcat9 | — |
| tomcat10 | — |
| tomcat11 | — |
Detection of Error Condition Without Action vulnerability in Apache Tomcat when configuring CRLs for a FFM based connector. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.22, from 10.1.0-M7 through 10.1.55, from...
6 affected packages
tomcat6, tomcat7, tomcat8, tomcat9, tomcat10, tomcat11
| Package | 16.04 LTS |
|---|---|
| tomcat6 | — |
| tomcat7 | — |
| tomcat8 | Needs evaluation |
| tomcat9 | — |
| tomcat10 | — |
| tomcat11 | — |
Always-Incorrect Control Flow Implementation vulnerability in Apache Tomcat's rewrite valve meant that if the first condition in an OR chain matched, subsequent non-OR conditions were skipped. This issue affects Apache Tomcat:...
6 affected packages
tomcat6, tomcat7, tomcat8, tomcat9, tomcat10, tomcat11
| Package | 16.04 LTS |
|---|---|
| tomcat6 | — |
| tomcat7 | — |
| tomcat8 | Needs evaluation |
| tomcat9 | — |
| tomcat10 | — |
| tomcat11 | — |
Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in the number guess example for Apache Tomcat. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.22, from 10.1.0-M1 through...
6 affected packages
tomcat6, tomcat7, tomcat8, tomcat9, tomcat10, tomcat11
| Package | 16.04 LTS |
|---|---|
| tomcat6 | — |
| tomcat7 | — |
| tomcat8 | Needs evaluation |
| tomcat9 | — |
| tomcat10 | — |
| tomcat11 | — |
A flaw was found in p11-kit. The RPC message attribute parsing functions p11_rpc_message_get_attribute() and p11_rpc_message_get_attribute_array_value() form a mutually-recursive call chain with no recursion depth limit when...
1 affected package
p11-kit
| Package | 16.04 LTS |
|---|---|
| p11-kit | Vulnerable |