Your submission was sent successfully! Close

Thank you for contacting us. A member of our team will be in touch shortly. Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

Search CVE reports


Toggle filters

121 – 130 of 26941 results

Status is adjusted based on your filters.


CVE-2024-52304

Medium priority
Needs evaluation

aiohttp is an asynchronous HTTP client/server framework for asyncio and Python. Prior to version 3.10.11, the Python parser parses newlines in chunk extensions incorrectly which can lead to request smuggling vulnerabilities under...

1 affected packages

python-aiohttp

Package 20.04 LTS
python-aiohttp Needs evaluation
Show less packages

CVE-2024-52303

Medium priority
Needs evaluation

aiohttp is an asynchronous HTTP client/server framework for asyncio and Python. In versions starting with 3.10.6 and prior to 3.10.11, a memory leak can occur when a request produces a MatchInfoError. This was caused by adding an...

1 affected packages

python-aiohttp

Package 20.04 LTS
python-aiohttp Needs evaluation
Show less packages

CVE-2024-47533

Medium priority

Not in release

Cobbler, a Linux installation server that allows for rapid setup of network installation environments, has an improper authentication vulnerability starting in version 3.0.0 and prior to versions 3.2.3 and...

1 affected packages

cobbler

Package 20.04 LTS
cobbler Not in release
Show less packages

CVE-2024-43416

Medium priority

Not in release

GLPI is a free asset and IT management software package. Starting in version 0.80 and prior to version 10.0.17, an unauthenticated user can use an application endpoint to check if an email address corresponds to a valid GLPI user....

1 affected packages

glpi

Package 20.04 LTS
glpi Not in release
Show less packages

CVE-2024-52318

Medium priority
Needs evaluation

Incorrect object recycling and reuse vulnerability in Apache Tomcat. This issue affects Apache Tomcat: 11.0.0, 10.1.31, 9.0.96. Users are recommended to upgrade to version 11.0.1, 10.1.32 or 9.0.97, which fixes the issue.

5 affected packages

tomcat10, tomcat6, tomcat7, tomcat8, tomcat9

Package 20.04 LTS
tomcat10 Not in release
tomcat6 Not in release
tomcat7 Not in release
tomcat8 Not in release
tomcat9 Needs evaluation
Show less packages

CVE-2024-52317

Medium priority
Needs evaluation

Incorrect object re-cycling and re-use vulnerability in Apache Tomcat. Incorrect recycling of the request and response used by HTTP/2 requests could lead to request and/or response mix-up between users. This issue affects Apache...

5 affected packages

tomcat10, tomcat6, tomcat7, tomcat8, tomcat9

Package 20.04 LTS
tomcat10 Not in release
tomcat6 Not in release
tomcat7 Not in release
tomcat8 Not in release
tomcat9 Needs evaluation
Show less packages

CVE-2024-52316

Medium priority
Needs evaluation

Unchecked Error Condition vulnerability in Apache Tomcat. If Tomcat is configured to use a custom Jakarta Authentication (formerly JASPIC) ServerAuthContext component which may throw an exception during the authentication process...

5 affected packages

tomcat10, tomcat6, tomcat7, tomcat8, tomcat9

Package 20.04 LTS
tomcat10 Not in release
tomcat6 Not in release
tomcat7 Not in release
tomcat8 Not in release
tomcat9 Needs evaluation
Show less packages

CVE-2024-48901

Medium priority

Not in release

A vulnerability was found in Moodle. Additional checks are required to ensure users can only access the schedule of a report if they have permission to edit that report.

1 affected packages

moodle

Package 20.04 LTS
moodle Not in release
Show less packages

CVE-2024-48898

Medium priority

Not in release

A vulnerability was found in Moodle. Users with access to delete audiences from reports could delete audiences from other reports that they do not have permission to delete from.

1 affected packages

moodle

Package 20.04 LTS
moodle Not in release
Show less packages

CVE-2024-48897

Medium priority

Not in release

A vulnerability was found in Moodle. Additional checks are required to ensure users can only edit or delete RSS feeds that they have permission to modify.

1 affected packages

moodle

Package 20.04 LTS
moodle Not in release
Show less packages