Search CVE reports
11 – 20 of 324 results
CVE-2024-21910
Medium priorityTinyMCE versions before 5.10.0 are affected by a cross-site scripting vulnerability. A remote and unauthenticated attacker could introduce crafted image or link URLs that would result in the execution of arbitrary JavaScript in an...
1 affected packages
tinymce
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
tinymce | Not in release | Not in release | Needs evaluation | Needs evaluation | Needs evaluation |
CVE-2024-21908
Medium priorityTinyMCE versions before 5.9.0 are affected by a stored cross-site scripting vulnerability. An unauthenticated and remote attacker could insert crafted HTML into the editor resulting in arbitrary JavaScript execution in...
1 affected packages
tinymce
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
tinymce | Not in release | Not in release | Needs evaluation | Needs evaluation | Needs evaluation |
CVE-2023-46589
Medium priorityImproper Input Validation vulnerability in Apache Tomcat.Tomcat from 11.0.0-M1 through 11.0.0-M10, from 10.1.0-M1 through 10.1.15, from 9.0.0-M1 through 9.0.82 and from 8.5.0 through 8.5.95 did not correctly parse HTTP trailer...
3 affected packages
tomcat10, tomcat8, tomcat9
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
tomcat10 | Not affected | Not in release | Not in release | Ignored | Ignored |
tomcat8 | Not in release | Not in release | Not in release | Needs evaluation | Needs evaluation |
tomcat9 | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Ignored |
CVE-2023-48219
Medium priorityTinyMCE is an open source rich text editor. A mutation cross-site scripting (mXSS) vulnerability was discovered in TinyMCE’s core undo/redo functionality and other APIs and plugins. Text nodes within specific parents are not...
1 affected packages
tinymce
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
tinymce | Not in release | Not in release | Needs evaluation | Needs evaluation | Needs evaluation |
CVE-2023-46853
Medium priorityIn Memcached before 1.6.22, an off-by-one error exists when processing proxy requests in proxy mode, if \n is used instead of \r\n.
1 affected packages
memcached
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
memcached | Not affected | Fixed | Not affected | Not affected | Not affected |
CVE-2023-46852
Medium priorityIn Memcached before 1.6.22, a buffer overflow exists when processing multiget requests in proxy mode, if there are many spaces after the "get" substring.
1 affected packages
memcached
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
memcached | Not affected | Fixed | Not affected | Not affected | Not affected |
CVE-2023-45819
Medium priorityTinyMCE is an open source rich text editor. A cross-site scripting (XSS) vulnerability was discovered in TinyMCE’s Notification Manager API. The vulnerability exploits TinyMCE's unfiltered notification system, which is used in...
1 affected packages
tinymce
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
tinymce | Not in release | Not in release | Needs evaluation | Needs evaluation | Needs evaluation |
CVE-2023-45818
Medium priorityTinyMCE is an open source rich text editor. A mutation cross-site scripting (mXSS) vulnerability was discovered in TinyMCE’s core undo and redo functionality. When a carefully-crafted HTML snippet passes the XSS sanitisation...
1 affected packages
tinymce
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
tinymce | Not in release | Not in release | Needs evaluation | Needs evaluation | Needs evaluation |
CVE-2023-45648
Medium priorityImproper Input Validation vulnerability in Apache Tomcat.Tomcat from 11.0.0-M1 through 11.0.0-M11, from 10.1.0-M1 through 10.1.13, from 9.0.0-M1 through 9.0.81 and from 8.5.0 through 8.5.93 did not correctly parse HTTP trailer...
3 affected packages
tomcat10, tomcat8, tomcat9
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
tomcat10 | Needs evaluation | Not in release | Not in release | Ignored | Ignored |
tomcat8 | Not in release | Not in release | Not in release | Needs evaluation | Needs evaluation |
tomcat9 | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Ignored |
CVE-2023-42795
Medium priorityIncomplete Cleanup vulnerability in Apache Tomcat.When recycling various internal objects in Apache Tomcat from 11.0.0-M1 through 11.0.0-M11, from 10.1.0-M1 through 10.1.13, from 9.0.0-M1 through 9.0.80 and from 8.5.0 through...
3 affected packages
tomcat10, tomcat8, tomcat9
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
tomcat10 | Needs evaluation | Not in release | Not in release | Ignored | Ignored |
tomcat8 | Not in release | Not in release | Not in release | Needs evaluation | Needs evaluation |
tomcat9 | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Ignored |