Search CVE reports
1 – 4 of 4 results
Some fixes available 1 of 4
An issue was discovered in DAViCal Andrew's Web Libraries (AWL) through 0.60. Long-term session cookies, uses to provide long-term session continuity, are not generated securely, enabling a brute-force attack that may be successful.
1 affected package
awl
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| awl | Not affected | Not affected | Not affected | Fixed | Vulnerable |
Some fixes available 1 of 2
An issue was discovered in DAViCal Andrew's Web Libraries (AWL) through 0.60. Session management does not use a sufficiently hard-to-guess session key. Anyone who can guess the microsecond time (and the incrementing session_id)...
1 affected package
awl
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| awl | Not affected | Not affected | Not affected | Fixed | Ignored |
Some fixes available 3 of 4
Dungeon Crawl Stone Soup (aka DCSS or crawl) before 0.25 allows remote attackers to execute arbitrary code via Lua bytecode embedded in an uploaded .crawlrc file.
1 affected package
crawl
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| crawl | — | Not affected | Not affected | Fixed | Fixed |
crawl before 4.0.0 does not securely call programs when saving and loading games, which allows local users to gain privileges.
1 affected package
crawl
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| crawl | — | — | — | — | — |