Search CVE reports


Toggle filters

231 – 240 of 39869 results

Status is adjusted based on your filters.


CVE-2026-61465

Medium priority
Needs evaluation

ImageMagick before 7.1.2-26 and 6.9.13-51 is missing a check for the allowed memory allocation limit in matrix-backed operations such as -canny. An attacker can supply a crafted image that causes ImageMagick to allocate more...

1 affected package

imagemagick

Package 24.04 LTS
imagemagick Needs evaluation
Show less packages

CVE-2026-56372

Medium priority
Needs evaluation

ImageMagick before 7.1.2-19 contains a heap buffer overflow vulnerability in the magnify operation that allows attackers to read out of bounds memory. An unrecognized magnify:method value triggers an out of bounds read,...

1 affected package

imagemagick

Package 24.04 LTS
imagemagick Needs evaluation
Show less packages

CVE-2026-52761

Medium priority
Needs evaluation

ModSecurity is an open source, cross platform web application firewall (WAF) engine for Apache, IIS and Nginx. From 3.0.0 through 3.0.15, the t:utf8toUnicode transformation in src/actions/transformations/utf8_to_unicode.cc...

1 affected package

modsecurity

Package 24.04 LTS
modsecurity Needs evaluation
Show less packages

CVE-2026-52747

Medium priority
Needs evaluation

ModSecurity is an open source, cross platform web application firewall (WAF) engine for Apache, IIS and Nginx. Prior to 3.0.16, the multipart/form-data request body parser in libmodsecurity silently removes embedded line breaks...

1 affected package

modsecurity

Package 24.04 LTS
modsecurity Needs evaluation
Show less packages

CVE-2026-49844

Medium priority
Needs evaluation

Improper encoding of non-finite floating-point values during MapMessage JSON serialization in Apache Log4j API produces output that is not valid JSON. This issue affects Apache Log4j API versions 2.13.1 through 2.25.4 and version...

1 affected package

apache-log4j2

Package 24.04 LTS
apache-log4j2 Needs evaluation
Show less packages

CVE-2026-57221

Medium priority
Needs evaluation

RabbitMQ is a messaging and streaming broker. Prior to 3.13.15, 4.0.20, 4.1.11, and 4.2.6, RabbitMQ does not perform authorization checks on passive queue.declare and exchange.declare AMQP 0-9-1 operations, allowing any...

1 affected package

rabbitmq-server

Package 24.04 LTS
rabbitmq-server Needs evaluation
Show less packages

CVE-2026-57220

Medium priority
Needs evaluation

RabbitMQ is a messaging and streaming broker. Prior to 4.2.6, the RabbitMQ stream listener does not enforce the configured stream frame-size limit while assembling frames during authentication and before Tune negotiation, allowing...

1 affected package

rabbitmq-server

Package 24.04 LTS
rabbitmq-server Needs evaluation
Show less packages

CVE-2026-57219

Medium priority
Needs evaluation

RabbitMQ is a messaging and streaming broker. Prior to 3.13.15, 4.0.20, 4.1.11, and 4.2.6, the obsolete GET /api/auth endpoint can disclose the OAuth 2 client secret on RabbitMQ installations configured...

1 affected package

rabbitmq-server

Package 24.04 LTS
rabbitmq-server Needs evaluation
Show less packages

CVE-2026-57218

Medium priority
Needs evaluation

RabbitMQ is a messaging and streaming broker. Prior to 4.2.6, RabbitMQ AMQP 0-9-1 allows an existing consumer to keep receiving messages after OAuth token expiry or connection.update_secret refresh to reduced scopes...

1 affected package

rabbitmq-server

Package 24.04 LTS
rabbitmq-server Needs evaluation
Show less packages

CVE-2026-57217

Medium priority
Needs evaluation

RabbitMQ is a messaging and streaming broker. Prior to 3.13.15, 4.0.21, 4.1.11, and 4.2.6, RabbitMQ topic authorization can allow restricted topic writes and binds during metadata-store failures because topic-permission lookup...

1 affected package

rabbitmq-server

Package 24.04 LTS
rabbitmq-server Needs evaluation
Show less packages