Search CVE reports
21 – 30 of 26527 results
A remotely reachable Use-After-Free (UAF) vulnerability has been identified in Exim's BDAT (binary data transmission) body parsing path when using the GnuTLS backend. This vulnerability can lead to heap corruption and potential...
1 affected package
exim4
| Package | 26.04 LTS |
|---|---|
| exim4 | Fixed |
[Unknown description]
1 affected package
twisted
| Package | 26.04 LTS |
|---|---|
| twisted | Needs evaluation |
Not in release
The Elasticsearch logging provider, when configured with a `host` URL that embeds credentials (for example `https://user:password@server.example.com:9200`), wrote the full host URL — including the embedded credentials — into task...
1 affected package
elasticsearch
| Package | 26.04 LTS |
|---|---|
| elasticsearch | Not in release |
(jq is a command-line JSON processor. In 1.8.1 and earlier, jv_contains ...)
1 affected package
jq
| Package | 26.04 LTS |
|---|---|
| jq | Needs evaluation |
Wireshark MCP is an MCP Server that turns tshark into a structured analysis interface, then layers in optional Wireshark suite utilities. In 1.1.5 and earlier, wireshark-mcp exposes a wireshark_export_objects MCP tool that accepts...
1 affected package
wireshark
| Package | 26.04 LTS |
|---|---|
| wireshark | Needs evaluation |
HTTP::Tiny versions before 0.093 for Perl do not validate CRLF in HTTP request lines or control field header values. The unvalidated inputs are the method and URI in the request line, the URL host that becomes the `Host:` header,...
1 affected package
libhttp-tiny-perl
| Package | 26.04 LTS |
|---|---|
| libhttp-tiny-perl | Needs evaluation |
libcaca is a colour ASCII art library. In 0.99.beta20 and earlier, an integer overflow vulnerability in libcaca's canvas import functionality allows an attacker to cause a controlled heap out-of-bounds write (heap overflow) by...
1 affected package
libcaca
| Package | 26.04 LTS |
|---|---|
| libcaca | Needs evaluation |
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to 7.1.2-21 and 6.9.13-46, a malicious MIFF file could trigger an overflow when a user opens it in the display tool and...
1 affected package
imagemagick
| Package | 26.04 LTS |
|---|---|
| imagemagick | Needs evaluation |
`xml.parsers.expat` and `xml.etree.ElementTree` use insufficient entropy for Expat hash-flooding protection, which allows a crafted XML document to trigger hash flooding.\r\n\r\nFully mitigating this vulnerability requires both...
12 affected packages
python2.7, python3.4, python3.5, python3.6, python3.7...
| Package | 26.04 LTS |
|---|---|
| python2.7 | Not in release |
| python3.4 | Not in release |
| python3.5 | Not in release |
| python3.6 | Not in release |
| python3.7 | Not in release |
| python3.8 | Not in release |
| python3.9 | Not in release |
| python3.10 | Not in release |
| python3.11 | Not in release |
| python3.12 | Not in release |
| python3.13 | Not in release |
| python3.14 | Needs evaluation |
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Wikimedia Foundation Echo. This vulnerability is associated with program files includes/Api/ApiEchoNotifications.Php. This issue affects Echo: from *...
1 affected package
mediawiki
| Package | 26.04 LTS |
|---|---|
| mediawiki | Needs evaluation |