Search CVE reports


Toggle filters

241 – 250 of 42615 results

Status is adjusted based on your filters.


CVE-2026-11771

Medium priority
Not affected

1-byte buffer overrun on NTLMv2 proxy responses

1 affected package

openvpn

Package 20.04 LTS
openvpn Not affected
Show less packages

CVE-2026-50722

Medium priority
Needs evaluation

Libreswan, via the function RSA_authenticate_hash_signature_pkcs1_1_5_rsa(), did not correctly verify the DER encoding of the ASN.1 digest when the IKEv2 AUTH payload was encoded using RSASSA-PKCS1-v1_5 (RFC 8017). A remote...

1 affected package

libreswan

Package 20.04 LTS
libreswan Needs evaluation
Show less packages

CVE-2026-50721

Medium priority
Needs evaluation

Libreswan, via the function RSA_authenticate_hash_signature_raw_rsa(), did not correctly verify the length of the authentication hash when the SIG payload of an IKEv1 packet was encoded using PKCS #1 RSA Encryption as per RFC...

1 affected package

libreswan

Package 20.04 LTS
libreswan Needs evaluation
Show less packages

CVE-2026-12413

Medium priority
Needs evaluation

An invalidly formatted IKEv2 fragment causes the Libreswan pluto daemon to crash and restart. Continued exploitation would cause a denial of service. The function reassemble_v2_incoming_fragments() would ignore unknown...

1 affected package

libreswan

Package 20.04 LTS
libreswan Needs evaluation
Show less packages

CVE-2026-38968

Medium priority
Needs evaluation

ntopng through 6.6 is vulnerable to Predictable Session Identifier which can lead to Session Hijacking. HTTP session identifiers in src/HTTPserver.cpp use weak time-seeded pseudo-randomness during session creation. As a result,...

1 affected package

ntopng

Package 20.04 LTS
ntopng Needs evaluation
Show less packages

CVE-2026-58381

Medium priority
Needs evaluation

A flaw was found in GIMP's PSP file format parser. A double-free condition occurs in the read_layer_block() function when processing a specially crafted PSP file. This could allow an attacker to cause memory...

1 affected package

gimp

Package 20.04 LTS
gimp Needs evaluation
Show less packages

CVE-2025-71385

Medium priority
Needs evaluation

Netdata before 2.3.1 reflects the user-supplied love query parameter of the api/v2/ilove.svg and api/v3/ilove.svg endpoints verbatim into the generated SVG document (into a text element) without HTML or XML escaping, and...

1 affected package

netdata

Package 20.04 LTS
netdata Needs evaluation
Show less packages

CVE-2026-55952

Medium priority
Needs evaluation

The Erlang/OTP ssl application does not validate that the PSK identity list and binder list carried in a TLS 1.3 ClientHello pre-shared key extension have equal length before passing them to the session ticket handler....

1 affected package

erlang

Package 20.04 LTS
erlang Needs evaluation
Show less packages

CVE-2026-55950

Medium priority
Needs evaluation

Time-of-check Time-of-use (TOCTOU) race condition vulnerability in Erlang/OTP ssl (dtls_packet_demux module) allows an unauthenticated remote attacker to crash all active DTLS sessions on a listener. A DTLS server listener uses a...

1 affected package

erlang

Package 20.04 LTS
erlang Needs evaluation
Show less packages

CVE-2026-54891

Medium priority
Needs evaluation

Improper Enforcement of Message Integrity During Transmission in a Communication Channel vulnerability in Erlang/OTP ssl (tls_gen_connection module) allows a network-positioned attacker to inject unauthenticated plaintext that the...

1 affected package

erlang

Package 20.04 LTS
erlang Needs evaluation
Show less packages