Search CVE reports
121 – 130 of 26940 results
CVE-2024-52303
Medium priorityaiohttp is an asynchronous HTTP client/server framework for asyncio and Python. In versions starting with 3.10.6 and prior to 3.10.11, a memory leak can occur when a request produces a MatchInfoError. This was caused by adding an...
1 affected packages
python-aiohttp
| Package | 20.04 LTS |
|---|---|
| python-aiohttp | Needs evaluation |
CVE-2024-47533
Medium priorityNot in release
Cobbler, a Linux installation server that allows for rapid setup of network installation environments, has an improper authentication vulnerability starting in version 3.0.0 and prior to versions 3.2.3 and...
1 affected packages
cobbler
| Package | 20.04 LTS |
|---|---|
| cobbler | Not in release |
CVE-2024-43416
Medium priorityNot in release
GLPI is a free asset and IT management software package. Starting in version 0.80 and prior to version 10.0.17, an unauthenticated user can use an application endpoint to check if an email address corresponds to a valid GLPI user....
1 affected packages
glpi
| Package | 20.04 LTS |
|---|---|
| glpi | Not in release |
CVE-2024-52318
Medium priorityIncorrect object recycling and reuse vulnerability in Apache Tomcat. This issue affects Apache Tomcat: 11.0.0, 10.1.31, 9.0.96. Users are recommended to upgrade to version 11.0.1, 10.1.32 or 9.0.97, which fixes the issue.
5 affected packages
tomcat10, tomcat6, tomcat7, tomcat8, tomcat9
| Package | 20.04 LTS |
|---|---|
| tomcat10 | Not in release |
| tomcat6 | Not in release |
| tomcat7 | Not in release |
| tomcat8 | Not in release |
| tomcat9 | Needs evaluation |
CVE-2024-52317
Medium priorityIncorrect object re-cycling and re-use vulnerability in Apache Tomcat. Incorrect recycling of the request and response used by HTTP/2 requests could lead to request and/or response mix-up between users. This issue affects Apache...
5 affected packages
tomcat10, tomcat6, tomcat7, tomcat8, tomcat9
| Package | 20.04 LTS |
|---|---|
| tomcat10 | Not in release |
| tomcat6 | Not in release |
| tomcat7 | Not in release |
| tomcat8 | Not in release |
| tomcat9 | Needs evaluation |
CVE-2024-52316
Medium priorityUnchecked Error Condition vulnerability in Apache Tomcat. If Tomcat is configured to use a custom Jakarta Authentication (formerly JASPIC) ServerAuthContext component which may throw an exception during the authentication process...
5 affected packages
tomcat10, tomcat6, tomcat7, tomcat8, tomcat9
| Package | 20.04 LTS |
|---|---|
| tomcat10 | Not in release |
| tomcat6 | Not in release |
| tomcat7 | Not in release |
| tomcat8 | Not in release |
| tomcat9 | Needs evaluation |
CVE-2024-48901
Medium priorityNot in release
A vulnerability was found in Moodle. Additional checks are required to ensure users can only access the schedule of a report if they have permission to edit that report.
1 affected packages
moodle
| Package | 20.04 LTS |
|---|---|
| moodle | Not in release |
CVE-2024-48898
Medium priorityNot in release
A vulnerability was found in Moodle. Users with access to delete audiences from reports could delete audiences from other reports that they do not have permission to delete from.
1 affected packages
moodle
| Package | 20.04 LTS |
|---|---|
| moodle | Not in release |
CVE-2024-48897
Medium priorityNot in release
A vulnerability was found in Moodle. Additional checks are required to ensure users can only edit or delete RSS feeds that they have permission to modify.
1 affected packages
moodle
| Package | 20.04 LTS |
|---|---|
| moodle | Not in release |
CVE-2024-48896
Medium priorityNot in release
A vulnerability was found in Moodle. It is possible for users with the "send message" capability to view other users' names that they may not otherwise have access to via an error message in Messaging. Note: The name returned...
1 affected packages
moodle
| Package | 20.04 LTS |
|---|---|
| moodle | Not in release |