Search CVE reports


Toggle filters

1 – 10 of 39366 results

Status is adjusted based on your filters.


CVE-2026-38969

Medium priority
Needs evaluation

ruby webrick through v1.9.2 WEBrick reparses trailer Content-Length into canonical request state, enabling request smuggling.

1 affected package

ruby-webrick

Package 24.04 LTS
ruby-webrick Needs evaluation
Show less packages

CVE-2026-38968

Medium priority
Needs evaluation

ntopng through 6.6 is vulnerable to Predictable Session Identifier which can lead to Session Hijacking. HTTP session identifiers in src/HTTPserver.cpp use weak time-seeded pseudo-randomness during session creation. As a result,...

1 affected package

ntopng

Package 24.04 LTS
ntopng Needs evaluation
Show less packages

CVE-2026-33592

Medium priority

Not in release

An unauthenticated remote attacker can exhaust server memory via the FindServers Discovery Service in open62541. The serverUris field of FindServersRequest is not validated for length or array size. An attacker can declare an...

1 affected package

open62541

Package 24.04 LTS
open62541 Not in release
Show less packages

CVE-2026-14544

Medium priority
Needs evaluation

A flaw was found in HPLIP (HP Linux Imaging and Printing Software). This vulnerability, an incomplete fix for CVE-2026-8631, may allow a remote attacker to escalate privileges or achieve arbitrary code execution. This can occur...

1 affected package

hplip

Package 24.04 LTS
hplip Needs evaluation
Show less packages

CVE-2026-14355

Medium priority
Needs evaluation

[PHP: ext/openssl: Memory corruption (zend_mm_heap corrupted) in openssl_encrypt with AES-WRAP-PAD]

8 affected packages

php5, php7.0, php7.2, php7.4, php8.1...

Package 24.04 LTS
php5 Not in release
php7.0 Not in release
php7.2 Not in release
php7.4 Not in release
php8.1 Not in release
php8.3 Needs evaluation
php8.4 Not in release
php8.5 Not in release
Show all 8 packages Show less packages

CVE-2026-14330

Medium priority
Needs evaluation

Multiple unbounded alloca() calls in the PulseAudio protocol server.

2 affected packages

pipewire, pulseaudio

Package 24.04 LTS
pipewire Needs evaluation
pulseaudio Needs evaluation
Show less packages

CVE-2026-13698

Medium priority
Needs evaluation

[Unknown description]

1 affected package

openvpn

Package 24.04 LTS
openvpn Needs evaluation
Show less packages

CVE-2026-13122

Medium priority
Needs evaluation

[Unknown description]

1 affected package

openvpn

Package 24.04 LTS
openvpn Needs evaluation
Show less packages

CVE-2026-13117

Medium priority
Needs evaluation

[Unknown description]

1 affected package

openvpn

Package 24.04 LTS
openvpn Needs evaluation
Show less packages

CVE-2026-12996

Medium priority
Needs evaluation

[Unknown description]

1 affected package

openvpn

Package 24.04 LTS
openvpn Needs evaluation
Show less packages