Search CVE reports


Toggle filters

131 – 140 of 51633 results

Status is adjusted based on your filters.


CVE-2026-10037

Medium priority
Not affected

A sandbox escape vulnerability exists in the OpenJDK packages provided in Ubuntu. The .jar MIME handlers installed by these packages execute files marked as executable when the mailcap package is installed. A compromised or...

12 affected packages

mailcap, openjdk-8, openjdk-9, openjdk-lts, openjdk-13...

Package 16.04 LTS
mailcap
openjdk-8 Not affected
openjdk-9
openjdk-lts
openjdk-13
openjdk-16
openjdk-17
openjdk-17-crac
openjdk-18
openjdk-21
openjdk-21-crac
openjdk-25
Show all 12 packages Show less packages

CVE-2026-50813

Medium priority
Needs evaluation

An issue in SQLite before Fossil check-in 869a51ae84df allows a local attacker to obtain sensitive information via the Session Extension changeset concat/changegroup merge path

2 affected packages

sqlite, sqlite3

Package 16.04 LTS
sqlite
sqlite3 Needs evaluation
Show less packages

CVE-2026-50812

Medium priority
Needs evaluation

A NULL pointer dereference in the SQLite Session Extension in SQLite 3.53.1 and SQLite trunk builds before check-in e807d4e3798efd53 allows an attacker who can supply a malformed changeset blob to cause a denial of service....

2 affected packages

sqlite, sqlite3

Package 16.04 LTS
sqlite
sqlite3 Needs evaluation
Show less packages

CVE-2026-42505

Medium priority
Needs evaluation

Handshakes which used Encrypted Client Hello could be de-anonymized by a passive network observer due to a disclosure of pre-shared key identities in the unencrypted client hello.

16 affected packages

golang, golang-1.6, golang-1.8, golang-1.9, golang-1.10...

Package 16.04 LTS
golang
golang-1.6 Needs evaluation
golang-1.8
golang-1.9
golang-1.10 Needs evaluation
golang-1.13
golang-1.14
golang-1.16
golang-1.17
golang-1.18
golang-1.20
golang-1.21
golang-1.22
golang-1.23
golang-1.24
golang-1.25
Show all 16 packages Show less packages

CVE-2026-39822

Medium priority
Needs evaluation

On Unix systems, opening a file in an os.Root improperly follows symlinks to locations outside of the Root when the final path component of the a path is a symbolic link and the path ends in /. For example, 'root.Open("symlink/")'...

16 affected packages

golang, golang-1.6, golang-1.8, golang-1.9, golang-1.10...

Package 16.04 LTS
golang
golang-1.6 Needs evaluation
golang-1.8
golang-1.9
golang-1.10 Needs evaluation
golang-1.13
golang-1.14
golang-1.16
golang-1.17
golang-1.18
golang-1.20
golang-1.21
golang-1.22
golang-1.23
golang-1.24
golang-1.25
Show all 16 packages Show less packages

CVE-2026-29009

Medium priority
Needs evaluation

U-Boot through 2026.04-rc3 contains a buffer overflow vulnerability in nfs_readlink_reply() (net/nfs-common.c) when CONFIG_CMD_NFS is enabled, allowing a malicious or compromised NFS server to overflow the 2048-byte nfs_path_buff...

2 affected packages

u-boot, u-boot-nezha

Package 16.04 LTS
u-boot Needs evaluation
u-boot-nezha
Show less packages

CVE-2026-29008

Medium priority
Needs evaluation

U-Boot through 2026.04-rc3 contains an integer underflow vulnerability in the tcp_rx_state_machine() function (net/tcp.c) that allows a network-adjacent attacker to crash the bootloader by sending a malformed TCP SYN+ACK packet...

2 affected packages

u-boot, u-boot-nezha

Package 16.04 LTS
u-boot Needs evaluation
u-boot-nezha
Show less packages

CVE-2026-29007

Medium priority
Needs evaluation

U-Boot through 2026.04-rc3 contains an out-of-bounds read vulnerability in tcp_rx_state_machine() (net/tcp.c) when CONFIG_PROT_TCP is enabled, allowing remote attackers to read beyond TCP segment boundaries by crafting a malicious...

2 affected packages

u-boot, u-boot-nezha

Package 16.04 LTS
u-boot Needs evaluation
u-boot-nezha
Show less packages

CVE-2026-56374

Medium priority
Needs evaluation

ImageMagick before 7.1.2-19 contains a heap buffer overflow vulnerability in the FTXT encoder due to missing boundary checks when parsing ftxt:format. Remote attackers can trigger an out of bounds read by crafting malicious FTXT...

1 affected package

imagemagick

Package 16.04 LTS
imagemagick Needs evaluation
Show less packages

CVE-2026-56362

Medium priority
Needs evaluation

ImageMagick before 7.1.2-15 contains a heap-buffer-overflow read vulnerability in GetPixelIndex caused by OpenPixelCache updating image channel metadata before pixel cache memory allocation. Attackers can trigger memory and disk...

1 affected package

imagemagick

Package 16.04 LTS
imagemagick Needs evaluation
Show less packages