Search CVE reports

Toggle filters

1 – 10 of 503 results

CVE-2026-50219

Medium priority
Needs evaluation

[Unknown description]

23 affected packages

expat, apache2, apr-util, cmake, ghostscript...

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
expat Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
apache2 Not affected Not affected Not affected Not affected Not affected
apr-util Not affected Not affected Not affected Not affected Not affected
cmake Not affected Not affected Not affected Not affected Not affected
ghostscript Not affected Not affected Not affected Not affected Not affected
texlive-bin Not affected Not affected Not affected Not affected Not affected
xmlrpc-c Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
vnc4 Not in release Not in release Not in release Needs evaluation
wbxml2 Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
swish-e Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
insighttoolkit4 Not in release Not in release Needs evaluation Needs evaluation Needs evaluation
cadaver Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
gdcm Not affected Not affected Not affected Not affected Needs evaluation
ayttm Not in release Not in release Not in release
cableswig Not in release Not in release Not in release
coin3 Not affected Not affected Not affected Not affected Needs evaluation
matanza Ignored Ignored Ignored Ignored Needs evaluation
tdom Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
vtk Not in release Not in release Not in release
smart Not in release Not in release Not in release Needs evaluation
firefox Not affected Not affected Not affected
thunderbird Not affected Not affected Not affected
libxmltok Not in release Needs evaluation Needs evaluation Needs evaluation Needs evaluation
Show all 23 packages Show less packages

CVE-2026-48501

Medium priority
Needs evaluation

GitHub CLI (gh) is GitHub’s official command line tool. Prior to 2.93.0, GitHub CLI incorrectly includes authorization header in API requests to TUF repository mirrors via gh attestation, gh release verify, and gh...

2 affected packages

golang-github-cli-go-gh, golang-github-cli-go-gh-v2

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
golang-github-cli-go-gh Needs evaluation Needs evaluation Not in release
golang-github-cli-go-gh-v2 Needs evaluation Needs evaluation Not in release
Show less packages

CVE-2026-44988

Medium priority
Needs evaluation

LibVNCClient is a library for easy implementation of a VNC client. In 0.9.15 and earlier, LibVNCClient's Tight encoding decoder uses fixed-size 2048-pixel scratch buffers for the Gradient filter, but it does not reject Tight...

6 affected packages

libvncserver, vino, x11vnc, veyon, italc, tightvnc

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
libvncserver Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
vino Not in release Needs evaluation Needs evaluation Needs evaluation Needs evaluation
x11vnc Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
veyon Needs evaluation Needs evaluation Needs evaluation Needs evaluation
italc Not in release Not in release Not in release Needs evaluation
tightvnc Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
Show less packages

CVE-2026-45803

Medium priority
Needs evaluation

`gh` is GitHub’s official command line tool. From 1.6.0 to before 2.92.0, a security vulnerability has been identified in GitHub CLI that could allow terminal escape sequence injection when users view GitHub Actions workflow logs...

1 affected package

gh

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
gh Needs evaluation Needs evaluation Needs evaluation
Show less packages

CVE-2026-45186

Medium priority
Needs evaluation

In libexpat before 2.8.1, the computational complexity of attribute name collision checks allows a denial of service via moderately sized crafted XML input.

23 affected packages

expat, apache2, apr-util, cmake, ghostscript...

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
expat Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
apache2 Not affected Not affected Not affected Not affected Not affected
apr-util Not affected Not affected Not affected Not affected Not affected
cmake Not affected Not affected Not affected Not affected Not affected
ghostscript Not affected Not affected Not affected Not affected Not affected
texlive-bin Not affected Not affected Not affected Not affected Not affected
xmlrpc-c Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
vnc4 Not in release Not in release Not in release Needs evaluation
wbxml2 Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
swish-e Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
insighttoolkit4 Not in release Not in release Needs evaluation Needs evaluation Needs evaluation
cadaver Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
gdcm Not affected Not affected Not affected Not affected Needs evaluation
ayttm Not in release Not in release Not in release
cableswig Not in release Not in release Not in release
coin3 Not affected Not affected Not affected Not affected Needs evaluation
matanza Ignored Ignored Ignored Ignored Needs evaluation
tdom Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
vtk Not in release Not in release Not in release
smart Not in release Not in release Not in release Needs evaluation
firefox Not affected Not affected Not affected
thunderbird Not affected Not affected Not affected
libxmltok Not in release Needs evaluation Needs evaluation Needs evaluation Needs evaluation
Show all 23 packages Show less packages

CVE-2026-41080

Medium priority
Needs evaluation

libexpat before 2.8.0 uses insufficient entropy, and thus hash flooding can occur via a crafted XML document.

23 affected packages

expat, apache2, apr-util, cmake, ghostscript...

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
expat Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
apache2 Not affected Not affected Not affected Not affected Not affected
apr-util Not affected Not affected Not affected Not affected Not affected
cmake Not affected Not affected Not affected Not affected Not affected
ghostscript Not affected Not affected Not affected Not affected Not affected
texlive-bin Not affected Not affected Not affected Not affected Not affected
xmlrpc-c Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
vnc4 Not in release Not in release Not in release Needs evaluation
wbxml2 Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
swish-e Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
insighttoolkit4 Not in release Not in release Needs evaluation Needs evaluation Needs evaluation
cadaver Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
gdcm Not affected Not affected Not affected Not affected Needs evaluation
ayttm Not in release Not in release Not in release
cableswig Not in release Not in release Not in release
coin3 Not affected Not affected Not affected Not affected Needs evaluation
matanza Ignored Ignored Ignored Ignored Needs evaluation
tdom Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
vtk Not in release Not in release Not in release
smart Not in release Not in release Not in release Needs evaluation
firefox Not affected Not affected Not affected
thunderbird Not affected Not affected Not affected
libxmltok Not in release Needs evaluation Needs evaluation Needs evaluation Needs evaluation
Show all 23 packages Show less packages

CVE-2026-6192

Medium priority

Some fixes available 4 of 35

A vulnerability was identified in uclouvain openjpeg up to 2.5.4. This impacts the function opj_pi_initialise_encode in the library src/lib/openjp2/pi.c. The manipulation leads to integer overflow. The attack must be carried out...

7 affected packages

openjpeg2, insighttoolkit4, qtwebengine-opensource-src, blender, texmaker...

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
openjpeg2 Fixed Fixed Fixed Needs evaluation Needs evaluation
insighttoolkit4 Not in release Not in release Needs evaluation Needs evaluation Needs evaluation
qtwebengine-opensource-src Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
blender Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
texmaker Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
ghostscript Not affected Not affected Not affected Not affected Needs evaluation
openjpeg Not in release Not in release Not in release
Show all 7 packages Show less packages

CVE-2026-32854

Medium priority
Needs evaluation

LibVNCServer versions 0.9.15 and prior (fixed in commit dc78dee) contain null pointer dereference vulnerabilities in the HTTP proxy handlers within httpProcessInput() in httpd.c that allow remote attackers to cause a denial of...

6 affected packages

libvncserver, vino, x11vnc, veyon, italc, tightvnc

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
libvncserver Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
vino Not in release Needs evaluation Needs evaluation Needs evaluation Needs evaluation
x11vnc Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
veyon Needs evaluation Needs evaluation Needs evaluation Needs evaluation
italc Not in release Not in release Not in release Needs evaluation
tightvnc Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
Show less packages

CVE-2026-32853

Medium priority
Needs evaluation

LibVNCServer versions 0.9.15 and prior (fixed in commit 009008e) contain a heap out-of-bounds read vulnerability in the UltraZip encoding handler that allows a malicious VNC server to cause information disclosure or application...

6 affected packages

libvncserver, vino, x11vnc, veyon, italc, tightvnc

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
libvncserver Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
vino Not in release Needs evaluation Needs evaluation Needs evaluation Needs evaluation
x11vnc Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
veyon Needs evaluation Needs evaluation Needs evaluation Needs evaluation
italc Not in release Not in release Not in release Needs evaluation
tightvnc Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
Show less packages

CVE-2026-4739

Medium priority
Needs evaluation

Integer Overflow or Wraparound vulnerability in InsightSoftwareConsortium ITK (‎Modules/ThirdParty/Expat/src/expat modules).This issue affects ITK: before 2.7.1.

23 affected packages

expat, apache2, apr-util, cmake, ghostscript...

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
expat Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
apache2 Not affected Not affected Not affected Not affected Not affected
apr-util Not affected Not affected Not affected Not affected Not affected
cmake Not affected Not affected Not affected Not affected Not affected
ghostscript Not affected Not affected Not affected Not affected Not affected
texlive-bin Not affected Not affected Not affected Not affected Not affected
xmlrpc-c Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
vnc4 Not in release Not in release Not in release Needs evaluation
wbxml2 Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
swish-e Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
insighttoolkit4 Not in release Not in release Needs evaluation Needs evaluation Needs evaluation
cadaver Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
gdcm Not affected Not affected Not affected Not affected Needs evaluation
ayttm Not in release Not in release Not in release
cableswig Not in release Not in release Not in release
coin3 Not affected Not affected Not affected Not affected Needs evaluation
matanza Ignored Ignored Ignored Ignored Needs evaluation
tdom Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
vtk Not in release Not in release Not in release
smart Not in release Not in release Not in release Needs evaluation
firefox Not affected Not affected Not affected
thunderbird Not affected Not affected Not affected
libxmltok Not in release Needs evaluation Needs evaluation Needs evaluation Needs evaluation
Show all 23 packages Show less packages
  1. Previous page
  2. 1
  3. 2
  4. 3
  5. 4
  6. 5
  7. Next page
Export to JSON