Search CVE reports


Toggle filters

201 – 210 of 39796 results

Status is adjusted based on your filters.


CVE-2026-58459

Medium priority
Needs evaluation

gpsd through release-3.27.5, fixed at commit 4c06658, contains a command injection vulnerability in gpsprof that allows attackers who control the GPS device subtype value to execute arbitrary shell commands by embedding backtick...

1 affected package

gpsd

Package 24.04 LTS
gpsd Needs evaluation
Show less packages

CVE-2026-15308

Medium priority
Needs evaluation

The incremental HTML parser (html.parser.HTMLParser) allows for CPU denial-of-service through repeated unterminated markup declarations when processing uncontrolled data.

11 affected packages

python2.7, python3.4, python3.5, python3.6, python3.7...

Package 24.04 LTS
python2.7 Not in release
python3.4 Not in release
python3.5 Not in release
python3.6 Not in release
python3.7 Not in release
python3.8 Not in release
python3.9 Not in release
python3.10 Not in release
python3.11 Not in release
python3.12 Needs evaluation
python3.14 Not in release
Show all 11 packages Show less packages

CVE-2026-23556

Medium priority
Needs evaluation

When oxenstored is tearing a domain down, the node data is cleaned up but the usage counts are leaked. When the domain ID is eventually reused, the new domain can create fewer nodes before beeing deemed to be over quota.

1 affected package

xen

Package 24.04 LTS
xen Needs evaluation
Show less packages

CVE-2026-11404

Medium priority

Not in release

Cesanta Mongoose before 7.22 contains an out-of-bounds read in the built-in TLS server function mg_tls_server_recv_hello(), which uses an attacker-controlled session_id_len byte from a TLS ClientHello as a buffer index without...

1 affected package

mongoose

Package 24.04 LTS
mongoose Not in release
Show less packages

CVE-2026-15185

Medium priority
Needs evaluation

A vulnerability was determined in GPAC 26.03-DEV. This affects the function vobsub_read_idx of the file /src/media_tools/vobsub.c of the component MP4Box. Executing a manipulation of the argument num_langs can lead...

1 affected package

gpac

Package 24.04 LTS
gpac Needs evaluation
Show less packages

CVE-2026-59939

Medium priority
Fixed

httplib2 is a comprehensive HTTP client library for Python. Prior to 0.32.0, httplib2 performs unbounded decompression of HTTP response bodies encoded with Content-Encoding: gzip or deflate in _decompressContent...

1 affected package

python-httplib2

Package 24.04 LTS
python-httplib2 Fixed
Show less packages

CVE-2026-59692

Medium priority
Needs evaluation

A stack buffer overflow vulnerability was found in GStreamer's DTLS plugin. During a DTLS handshake, the peer certificate Subject Distinguished Name is printed into a fixed-size 2048-byte stack buffer without bounds checking....

1 affected package

gst-plugins-bad1.0

Package 24.04 LTS
gst-plugins-bad1.0 Needs evaluation
Show less packages

CVE-2026-59691

Medium priority
Needs evaluation

A heap buffer overflow vulnerability was found in GStreamer's rfbsrc plugin. When a client connects to a malicious RFB/VNC server that advertises a 16bpp framebuffer and sends Hextile-encoded updates, the Hextile background fill...

1 affected package

gst-plugins-bad1.0

Package 24.04 LTS
gst-plugins-bad1.0 Needs evaluation
Show less packages

CVE-2026-58388

Medium priority
Needs evaluation

[Unknown description]

1 affected package

gimp

Package 24.04 LTS
gimp Needs evaluation
Show less packages

CVE-2026-58387

Medium priority
Needs evaluation

[Unknown description]

1 affected package

gimp

Package 24.04 LTS
gimp Needs evaluation
Show less packages