Search CVE reports


Toggle filters

121 – 130 of 1260 results


CVE-2026-28690

Medium priority

Some fixes available 6 of 7

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-16 and 6.9.13-41, a stack buffer overflow vulnerability exists in the MNG encoder. There is a bounds checks...

1 affected package

imagemagick

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
imagemagick Not affected Fixed Fixed Fixed Fixed
Show less packages

CVE-2026-28689

Medium priority
Needs evaluation

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-16 and 6.9.13-41, domain="path" authorization is checked before final file open/use. A symlink swap between...

1 affected package

imagemagick

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
imagemagick Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
Show less packages

CVE-2026-28688

Medium priority
Needs evaluation

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-16 and 6.9.13-41, a heap-use-after-free vulnerability exists in the MSL encoder, where a cloned image is...

1 affected package

imagemagick

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
imagemagick Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
Show less packages

CVE-2026-28687

Medium priority
Needs evaluation

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-16 and 6.9.13-41, a heap use-after-free vulnerability in ImageMagick's MSL decoder allows an attacker to...

1 affected package

imagemagick

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
imagemagick Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
Show less packages

CVE-2026-28686

Medium priority
Needs evaluation

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-16 and 6.9.13-41, A heap-buffer-overflow vulnerability exists in the PCL encode due to an undersized output...

1 affected package

imagemagick

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
imagemagick Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
Show less packages

CVE-2026-28494

Medium priority
Needs evaluation

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-16 and 6.9.13-41, a stack buffer overflow exists in ImageMagick's morphology kernel parsing functions....

1 affected package

imagemagick

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
imagemagick Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
Show less packages

CVE-2026-28493

Medium priority
Vulnerable

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-16, an integer overflow vulnerability exists in the SIXEL decoer. The vulnerability allows an attacker to...

1 affected package

imagemagick

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
imagemagick Not affected Not affected Not affected Not affected Not affected
Show less packages

CVE-2026-28343

Medium priority
Needs evaluation

CKEditor 5 is a modern JavaScript rich-text editor with an MVC architecture. Starting in version 29.0.0 and prior to version 47.6.0, a cross-site scripting (XSS) vulnerability has been discovered in the General HTML Support...

4 affected packages

ckeditor, ckeditor3, ldap-account-manager, request-tracker4

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
ckeditor Not in release Needs evaluation Needs evaluation Needs evaluation Needs evaluation
ckeditor3 Not in release Needs evaluation Needs evaluation Needs evaluation Needs evaluation
ldap-account-manager Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
request-tracker4 Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
Show less packages

CVE-2026-28370

Medium priority
Needs evaluation

In the query parser in OpenStack Vitrage before 12.0.1, 13.0.0, 14.0.0, and 15.0.0, a user allowed to access the Vitrage API may trigger code execution on the Vitrage service host as the user the Vitrage service runs under. This...

1 affected package

vitrage

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
vitrage Needs evaluation Needs evaluation Needs evaluation Needs evaluation
Show less packages

CVE-2026-27141

Medium priority
Fixed

Due to missing nil check, sending 0x0a-0x0f HTTP/2 frames will cause a running server to panic

7 affected packages

adsys, containerd, golang-golang-x-net, golang-golang-x-net-dev, google-guest-agent...

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
adsys Fixed Not affected Not affected Not affected
containerd Not affected Not affected Not affected Not affected Not affected
golang-golang-x-net Not affected Not affected Not affected
golang-golang-x-net-dev Not in release Not in release Not in release Not affected Not affected
google-guest-agent Not affected Not affected Not affected Not affected Not affected
juju-core Not in release Not in release Not in release
lxd Not in release Not in release Not in release Not affected Not affected
Show all 7 packages Show less packages