Search CVE reports
CVE-2024-52303
Medium priority
aiohttp is an asynchronous HTTP client/server framework for asyncio and Python. In versions starting with 3.10.6 and prior to 3.10.11, a memory leak can occur when a request produces a MatchInfoError. This was caused by adding an...
1 affected package
python-aiohttp
Package | 18.04 LTS |
---|---|
python-aiohttp | Needs evaluation |
CVE-2024-52318
Medium priority
Incorrect object recycling and reuse vulnerability in Apache Tomcat. This issue affects Apache Tomcat: 11.0.0, 10.1.31, 9.0.96. Users are recommended to upgrade to version 11.0.1, 10.1.32 or 9.0.97, which fixes the issue.
5 affected packages
tomcat10, tomcat6, tomcat7, tomcat8, tomcat9
Package | 18.04 LTS |
---|---|
tomcat10 | — |
tomcat6 | — |
tomcat7 | Needs evaluation |
tomcat8 | Needs evaluation |
tomcat9 | Needs evaluation |
CVE-2024-52317
Medium priority
Incorrect object re-cycling and re-use vulnerability in Apache Tomcat. Incorrect recycling of the request and response used by HTTP/2 requests could lead to request and/or response mix-up between users. This issue affects Apache...
5 affected packages
tomcat10, tomcat6, tomcat7, tomcat8, tomcat9
Package | 18.04 LTS |
---|---|
tomcat10 | — |
tomcat6 | — |
tomcat7 | Needs evaluation |
tomcat8 | Needs evaluation |
tomcat9 | Needs evaluation |
CVE-2024-52316
Medium priority
Unchecked Error Condition vulnerability in Apache Tomcat. If Tomcat is configured to use a custom Jakarta Authentication (formerly JASPIC) ServerAuthContext component which may throw an exception during the authentication process...
5 affected packages
tomcat10, tomcat6, tomcat7, tomcat8, tomcat9
Package | 18.04 LTS |
---|---|
tomcat10 | — |
tomcat6 | — |
tomcat7 | Needs evaluation |
tomcat8 | Needs evaluation |
tomcat9 | Needs evaluation |
CVE-2024-48901
Medium priority
A vulnerability was found in Moodle. Additional checks are required to ensure users can only access the schedule of a report if they have permission to edit that report.
1 affected package
moodle
Package | 18.04 LTS |
---|---|
moodle | Needs evaluation |
CVE-2024-48898
Medium priority
A vulnerability was found in Moodle. Users with access to delete audiences from reports could delete audiences from other reports that they do not have permission to delete from.
1 affected package
moodle
Package | 18.04 LTS |
---|---|
moodle | Needs evaluation |
CVE-2024-48897
Medium priority
A vulnerability was found in Moodle. Additional checks are required to ensure users can only edit or delete RSS feeds that they have permission to modify.
1 affected package
moodle
Package | 18.04 LTS |
---|---|
moodle | Needs evaluation |
CVE-2024-48896
Medium priority
A vulnerability was found in Moodle. It is possible for users with the "send message" capability to view other users' names that they may not otherwise have access to via an error message in Messaging. Note: The name returned...
1 affected package
moodle
Package | 18.04 LTS |
---|---|
moodle | Needs evaluation |
CVE-2024-52947
Medium priority
A cross-site scripting (XSS) vulnerability in LemonLDAP::NG before 2.20.1 allows remote attackers to inject arbitrary web script or HTML via the url parameter of the upgrade session confirmation page (upgradeSession...
1 affected package
lemonldap-ng
Package | 18.04 LTS |
---|---|
lemonldap-ng | Needs evaluation |
CVE-2024-52946
Medium priority
An issue was discovered in LemonLDAP::NG before 2.20.1. An Improper Check during session refresh allows an authenticated user to raise their authentication level if the admin configured an "Adaptative authentication rule" with an...
1 affected package
lemonldap-ng
Package | 18.04 LTS |
---|---|
lemonldap-ng | Needs evaluation |