Search CVE reports


Toggle filters

111 – 120 of 39835 results

Status is adjusted based on your filters.


CVE-2026-15709

Medium priority
Needs evaluation

A flaw was found in libsoup's WebSocket implementation when using the permessage-deflate extension. The extension's decompression loop (inflate()) processes data in chunks without enforcing an upper boundary limit on the output...

2 affected packages

libsoup2.4, libsoup3

Package 24.04 LTS
libsoup2.4 Needs evaluation
libsoup3 Needs evaluation
Show less packages

CVE-2026-47767

Medium priority
Needs evaluation

Symfony is a PHP framework for web and console applications and a set of reusable PHP components. From 5.4.46 until 5.4.52, 6.4.40, 7.4.12, and 8.0.12, the CVE-2024-50340 fix gated runtime argv parsing on empty($_GET), but...

1 affected package

symfony

Package 24.04 LTS
symfony Needs evaluation
Show less packages

CVE-2026-47304

Medium priority
Vulnerable

Improper verification of cryptographic signature in .NET allows an unauthorized attacker to bypass a security feature over a network.

5 affected packages

dotnet6, dotnet7, dotnet8, dotnet9, dotnet10

Package 24.04 LTS
dotnet6 Not in release
dotnet7 Not in release
dotnet8 Vulnerable
dotnet9 Not in release
dotnet10 Vulnerable
Show less packages

CVE-2026-47303

Medium priority
Vulnerable

Authentication bypass by assumed-immutable data in ASP.NET Core allows an authorized attacker to elevate privileges over a network.

5 affected packages

dotnet6, dotnet7, dotnet8, dotnet9, dotnet10

Package 24.04 LTS
dotnet6 Not in release
dotnet7 Not in release
dotnet8 Vulnerable
dotnet9 Not in release
dotnet10 Vulnerable
Show less packages

CVE-2026-47302

Medium priority
Vulnerable

Allocation of resources without limits or throttling in .NET allows an unauthorized attacker to deny service over a network.

5 affected packages

dotnet6, dotnet7, dotnet8, dotnet9, dotnet10

Package 24.04 LTS
dotnet6 Not in release
dotnet7 Not in release
dotnet8 Vulnerable
dotnet9 Not in release
dotnet10 Vulnerable
Show less packages

CVE-2026-47300

Medium priority
Vulnerable

Incorrect implementation of authentication algorithm in ASP.NET Core allows an authorized attacker to elevate privileges over a network.

5 affected packages

dotnet6, dotnet7, dotnet8, dotnet9, dotnet10

Package 24.04 LTS
dotnet6 Not in release
dotnet7 Not in release
dotnet8 Vulnerable
dotnet9 Not in release
dotnet10 Vulnerable
Show less packages

CVE-2026-45755

Medium priority
Needs evaluation

Symfony is a PHP framework for web and console applications and a set of reusable PHP components. Prior to 7.4.12 and 8.0.12, MailtrapRequestParser::doParse() received the configured webhook secret but ignored the X-Mt-Signature...

1 affected package

symfony

Package 24.04 LTS
symfony Needs evaluation
Show less packages

CVE-2026-45754

Medium priority
Needs evaluation

Symfony is a PHP framework for web and console applications and a set of reusable PHP components. Prior to 6.4.40, 7.4.12, and 8.0.12, the Mailjet mailer bridge and LOX24 notifier bridge webhook parsers received configured webhook...

1 affected package

symfony

Package 24.04 LTS
symfony Needs evaluation
Show less packages

CVE-2026-45753

Medium priority
Needs evaluation

Symfony is a PHP framework for web and console applications and a set of reusable PHP components. From 6.1.0-BETA1 until 6.4.40, 7.4.12, and 8.0.12, UrlAttributeSanitizer::getSupportedAttributes() omits URL-valued...

1 affected package

symfony

Package 24.04 LTS
symfony Needs evaluation
Show less packages

CVE-2026-45305

Medium priority
Needs evaluation

Symfony is a PHP framework for web and console applications and a set of reusable PHP components. Prior to 5.4.52, 6.4.40, 7.4.12, and 8.0.12, Symfony\Component\Yaml\Parser::cleanup() used regular expressions with overlapping...

1 affected package

symfony

Package 24.04 LTS
symfony Needs evaluation
Show less packages