Search CVE reports



41 – 50 of 42301 results



CVE-2026-56364

Medium priority
Needs evaluation

ImageMagick before 7.1.2-13 contains a memory leak vulnerability in LoadOpenCLDeviceBenchmark() function when parsing malformed OpenCL device profile XML files with unclosed device elements. Attackers with write access to the...

1 affected package

imagemagick

Package 20.04 LTS
imagemagick Needs evaluation

CVE-2026-56363

Medium priority
Needs evaluation

ImageMagick before 7.1.2-22 contains a division by zero vulnerability in binomial kernel processing that allows attackers to cause denial of service. An attacker can supply a large binomial kernel value causing integer overflow,...

1 affected package

imagemagick

Package 20.04 LTS
imagemagick Needs evaluation

CVE-2026-56361

Medium priority
Needs evaluation

ImageMagick before 7.1.2-19 contains an off-by-one error in morphology validation allowing out-of-bounds heap buffer reads. Attackers can trigger heap buffer overflow by providing incorrect morphology parameters causing single...

1 affected package

imagemagick

Package 20.04 LTS
imagemagick Needs evaluation

CVE-2026-55223

Medium priority
Needs evaluation

c3p0 is a JDBC Connection pooling library. In versions prior to 0.14.0, c3p0 in combination with other libraries, can compose to a "sink" for deserialization gadgets. The JDBC spec's DataSource.getConnection()...

1 affected package

c3p0

Package 20.04 LTS
c3p0 Needs evaluation

CVE-2026-54696

Medium priority
Needs evaluation

Ruby JSON is a JSON implementation for Ruby. Versions 2.9.0 through 2.19.8 are vulnerable to heap buffer overflow when the JSON generator is provided with an oversized streamed object. When streaming to an IO JSON.dump(obj, io)...

8 affected packages

ruby2.3, ruby2.5, ruby2.7, ruby3.0, ruby3.2...

Package 20.04 LTS
ruby2.3
ruby2.5
ruby2.7 Needs evaluation
ruby3.0
ruby3.2
ruby3.3
jruby Needs evaluation
ruby-json Needs evaluation

CVE-2026-13858

Medium priority
Needs evaluation

Out of bounds read in FFmpeg in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted video file. (Chromium security severity: Medium)

3 affected packages

chromium-browser, ffmpeg, libav

Package 20.04 LTS
chromium-browser
ffmpeg Needs evaluation
libav

CVE-2026-57585

Medium priority
Needs evaluation

MessagePack is the serializer implementation for Python msgpack.org. Prior to 1.2.1, there is an Out-of-bounds read/crash on Unpacker reuse after a caught error, potentially leading to a DoS attack. If the Unpacker is...

3 affected packages

python-msgpack, python-pip, python-srsly

Package 20.04 LTS
python-msgpack Needs evaluation
python-pip Needs evaluation
python-srsly

CVE-2026-52868

Medium priority
Needs evaluation

An unauthenticated attacker can read worklist records from a directory outside the intended per-AE worklist storage area. In a multi-area deployment, this can cross departmental or clinic data separation.

1 affected package

dcmtk

Package 20.04 LTS
dcmtk Needs evaluation

CVE-2026-50254

Medium priority
Needs evaluation

An unauthenticated remote attacker can repeatedly send a single crafted connection request to leak memory. Against storescp in its default single-process mode, memory grows quickly and the service is eventually killed, after which...

1 affected package

dcmtk

Package 20.04 LTS
dcmtk Needs evaluation

CVE-2026-50003

Medium priority
Needs evaluation

A malicious or compromised server can make a DCMTK client using bit-preserving C-GET storage mode write files outside the chosen output directory, using both relative (../) paths and absolute paths.

1 affected package

dcmtk

Package 20.04 LTS
dcmtk Needs evaluation