Search CVE reports
41 – 50 of 366 results
TinyMCE is an open source rich text editor. A cross-site scripting (XSS) vulnerability was discovered in TinyMCE’s content parsing code. This allowed specially crafted noscript elements containing malicious code to be executed...
2 affected packages
roundcube, tinymce
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| roundcube | Vulnerable | Vulnerable | Vulnerable | Not affected | Not affected |
| tinymce | Not in release | Not in release | Not in release | Not affected | Not affected |
TinyMCE is an open source rich text editor. A cross-site scripting (XSS) vulnerability was discovered in TinyMCE’s content extraction code. When using the `noneditable_regexp` option, specially crafted HTML attributes containing...
2 affected packages
roundcube, tinymce
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| roundcube | Vulnerable | Vulnerable | Vulnerable | Not affected | Not affected |
| tinymce | Not in release | Not in release | Not in release | Not affected | Not affected |
GNU Midnight Commander 4.8.29-146-g299d9a2fb was discovered to contain a NULL pointer dereference via the function x_error_handler() at tty/x11conn.c. NOTE: this is disputed because it should be categorized as a usability problem...
1 affected package
mc
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| mc | — | Not affected | Not affected | Not affected | Not affected |
TinyMCE is an open source rich text editor. A cross-site scripting (XSS) vulnerability was discovered in TinyMCE’s content loading and content inserting code. A SVG image could be loaded though an `object` or `embed` element and...
1 affected package
tinymce
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| tinymce | Not in release | Not in release | Not in release | Ignored | Needs evaluation |
TinyMCE is an open source rich text editor. A cross-site scripting (XSS) vulnerability was discovered in TinyMCE’s content insertion code. This allowed `iframe` elements containing malicious code to execute when inserted into the...
1 affected package
tinymce
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| tinymce | Not in release | Not in release | Not in release | Ignored | Needs evaluation |
Some fixes available 10 of 14
Denial of Service due to improper input validation vulnerability for HTTP/2 requests in Apache Tomcat. When processing an HTTP/2 request, if the request exceeded any of the configured limits for headers, the associated HTTP/2...
6 affected packages
tomcat6, tomcat7, tomcat8, tomcat10, tomcat9, tomcat11
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| tomcat6 | Not in release | Not in release | Not in release | Not in release | — |
| tomcat7 | Not in release | Not in release | Not in release | Not in release | Not affected |
| tomcat8 | Not in release | Not in release | Not in release | Not in release | Fixed |
| tomcat10 | Not affected | Fixed | Not in release | Not in release | — |
| tomcat9 | Fixed | Fixed | Fixed | Fixed | Fixed |
| tomcat11 | Needs evaluation | Not in release | Not in release | Not in release | Not in release |
Some fixes available 10 of 18
Denial of Service via incomplete cleanup vulnerability in Apache Tomcat. It was possible for WebSocket clients to keep WebSocket connections open leading to increased resource consumption.This issue affects Apache Tomcat: from...
6 affected packages
tomcat6, tomcat7, tomcat8, tomcat9, tomcat10, tomcat11
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| tomcat6 | Not in release | Not in release | Not in release | Not in release | — |
| tomcat7 | Not in release | Not in release | Not in release | Not in release | Needs evaluation |
| tomcat8 | Not in release | Not in release | Not in release | Not in release | Fixed |
| tomcat9 | Fixed | Fixed | Fixed | Fixed | Fixed |
| tomcat10 | Not affected | Fixed | Not in release | Not in release | — |
| tomcat11 | Needs evaluation | Not in release | Not in release | Not in release | Not in release |
Improper access control in some Intel(R) Optane(TM) PMem software before versions 01.00.00.3547, 02.00.00.3915, 03.00.00.0483 may allow an athenticated user to potentially enable escalation of privilege via local access.
1 affected package
ipmctl
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| ipmctl | Not in release | Not affected | Needs evaluation | Ignored | Not in release |
Some fixes available 3 of 7
Generation of Error Message Containing Sensitive Information vulnerability in Apache Tomcat.This issue affects Apache Tomcat: from 8.5.7 through 8.5.63, from 9.0.0-M11 through 9.0.43. Other, EOL versions may also...
5 affected packages
tomcat6, tomcat7, tomcat8, tomcat9, tomcat10
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| tomcat6 | Not in release | Not in release | Not in release | Not in release | Not in release |
| tomcat7 | Not in release | Not in release | Not in release | Not in release | Ignored |
| tomcat8 | Not in release | Not in release | Not in release | Not in release | Fixed |
| tomcat9 | Not affected | Not affected | Not affected | Fixed | Fixed |
| tomcat10 | Not affected | Not affected | Not in release | Not in release | Not in release |
TinyMCE versions before 5.6.0 are affected by a stored cross-site scripting vulnerability. An unauthenticated and remote attacker could insert crafted HTML into the editor resulting in arbitrary JavaScript execution in...
1 affected package
tinymce
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| tinymce | Not in release | Not in release | Not in release | Ignored | Ignored |