Search CVE reports


211 – 220 of 33695 results

Status is adjusted based on your filters.


CVE-2026-4878

Medium priority
Needs evaluation

[Address a potential TOCTOU race condition in cap_set_file()]

1 affected package

libcap2

Package 24.04 LTS
libcap2 Needs evaluation

CVE-2026-34197

Medium priority
Needs evaluation

Improper Input Validation, Improper Control of Generation of Code ('Code Injection') vulnerability in Apache ActiveMQ Broker, Apache ActiveMQ. Apache ActiveMQ Classic exposes the Jolokia JMX-HTTP bridge at /api/jolokia/ on the web...

1 affected package

activemq

Package 24.04 LTS
activemq Needs evaluation

CVE-2026-33227

Medium priority
Needs evaluation

Improper validation and restriction of a classpath path name vulnerability in Apache ActiveMQ Client, Apache ActiveMQ Broker, Apache ActiveMQ All. In two instances (when creating a Stomp consumer and also browsing messages in the...

1 affected package

activemq

Package 24.04 LTS
activemq Needs evaluation

CVE-2026-31790

Medium priority

Some fixes available 1 of 2

Issue summary: Applications using RSASVE key encapsulation to establish a secret encryption key can send contents of an uninitialized memory buffer to a malicious peer. Impact summary: The uninitialized buffer might contain...

5 affected packages

openssl, openssl-fips, openssl1.0, nodejs, edk2

Package 24.04 LTS
openssl Fixed
openssl-fips Not in release
openssl1.0 Not in release
nodejs Not affected
edk2 Vulnerable

CVE-2026-31789

Low priority

Some fixes available 1 of 2

Issue summary: Converting an excessively large OCTET STRING value to a hexadecimal string leads to a heap buffer overflow on 32 bit platforms. Impact summary: A heap buffer overflow may lead to a crash or possibly an attacker...

5 affected packages

openssl, openssl-fips, openssl1.0, nodejs, edk2

Package 24.04 LTS
openssl Fixed
openssl-fips Not in release
openssl1.0 Not in release
nodejs Not affected
edk2 Vulnerable

CVE-2026-28810

Medium priority
Needs evaluation

Generation of Predictable Numbers or Identifiers vulnerability in Erlang/OTP kernel (inet_res, inet_db modules) allows DNS Cache Poisoning. The built-in DNS resolver (inet_res) uses a sequential, process-global 16-bit transaction...

1 affected package

erlang

Package 24.04 LTS
erlang Needs evaluation

CVE-2026-28390

Low priority

Some fixes available 1 of 2

Issue summary: During processing of a crafted CMS EnvelopedData message with KeyTransportRecipientInfo a NULL pointer dereference can happen. Impact summary: Applications that process attacker-controlled CMS data may crash before...

5 affected packages

openssl, openssl-fips, openssl1.0, nodejs, edk2

Package 24.04 LTS
openssl Fixed
openssl-fips Not in release
openssl1.0 Not in release
nodejs Not affected
edk2 Needs evaluation

CVE-2026-28389

Low priority

Some fixes available 1 of 2

Issue summary: During processing of a crafted CMS EnvelopedData message with KeyAgreeRecipientInfo a NULL pointer dereference can happen. Impact summary: Applications that process attacker-controlled CMS data may crash before...

5 affected packages

openssl, openssl-fips, openssl1.0, nodejs, edk2

Package 24.04 LTS
openssl Fixed
openssl-fips Not in release
openssl1.0 Not in release
nodejs Not affected
edk2 Needs evaluation

CVE-2026-28388

Low priority

Some fixes available 1 of 2

Issue summary: When a delta CRL that contains a Delta CRL Indicator extension is processed a NULL pointer dereference might happen if the required CRL Number extension is missing. Impact summary: A NULL pointer dereference can...

5 affected packages

openssl, openssl-fips, openssl1.0, nodejs, edk2

Package 24.04 LTS
openssl Fixed
openssl-fips Not in release
openssl1.0 Not in release
nodejs Not affected
edk2 Needs evaluation

CVE-2026-28387

Low priority

Some fixes available 1 of 2

Issue summary: An uncommon configuration of clients performing DANE TLSA-based server authentication, when paired with uncommon server DANE TLSA records, may result in a use-after-free and/or double-free on the client side. Impact...

5 affected packages

openssl, openssl-fips, openssl1.0, nodejs, edk2

Package 24.04 LTS
openssl Fixed
openssl-fips Not in release
openssl1.0 Not in release
nodejs Not affected
edk2 Needs evaluation