Search CVE reports


Toggle filters

91 – 100 of 43937 results

Status is adjusted based on your filters.


CVE-2026-50528

Medium priority
Vulnerable

Incorrect authorization in .NET allows an unauthorized attacker to bypass a security feature over a network.

5 affected packages

dotnet6, dotnet7, dotnet8, dotnet9, dotnet10

Package 22.04 LTS
dotnet6 Vulnerable
dotnet7 Ignored
dotnet8 Vulnerable
dotnet9 Not in release
dotnet10 Not in release
Show less packages

CVE-2026-50527

Medium priority
Vulnerable

Stack-based buffer overflow in .NET Framework allows an unauthorized attacker to deny service over a network.

5 affected packages

dotnet6, dotnet7, dotnet8, dotnet9, dotnet10

Package 22.04 LTS
dotnet6 Vulnerable
dotnet7 Ignored
dotnet8 Vulnerable
dotnet9 Not in release
dotnet10 Not in release
Show less packages

CVE-2026-50526

Medium priority
Vulnerable

Improper link resolution before file access ('link following') in .NET allows an authorized attacker to perform tampering locally.

5 affected packages

dotnet6, dotnet7, dotnet8, dotnet9, dotnet10

Package 22.04 LTS
dotnet6 Vulnerable
dotnet7 Ignored
dotnet8 Vulnerable
dotnet9 Not in release
dotnet10 Not in release
Show less packages

CVE-2026-50525

Medium priority
Vulnerable

Allocation of resources without limits or throttling in .NET allows an unauthorized attacker to deny service over a network.

5 affected packages

dotnet6, dotnet7, dotnet8, dotnet9, dotnet10

Package 22.04 LTS
dotnet6 Vulnerable
dotnet7 Ignored
dotnet8 Vulnerable
dotnet9 Not in release
dotnet10 Not in release
Show less packages

CVE-2026-50524

Medium priority
Vulnerable

Improper validation of specified type of input in .NET Framework allows an unauthorized attacker to deny service over a network.

5 affected packages

dotnet6, dotnet7, dotnet8, dotnet9, dotnet10

Package 22.04 LTS
dotnet6 Vulnerable
dotnet7 Ignored
dotnet8 Vulnerable
dotnet9 Not in release
dotnet10 Not in release
Show less packages

CVE-2026-48784

Medium priority
Needs evaluation

Symfony is a PHP framework for web and console applications and a set of reusable PHP components. Prior to 5.4.53, 6.4.41, 7.4.13, and 8.0.13, UrlGenerator::doGenerate() used strtr() dot-segment encoding that skipped every other...

1 affected package

symfony

Package 22.04 LTS
symfony Needs evaluation
Show less packages

CVE-2026-48761

Medium priority
Needs evaluation

Symfony is a PHP framework for web and console applications and a set of reusable PHP components. From 6.1.0 until 6.4.41, 7.4.13, and 8.0.13, UrlAttributeSanitizer::getSupportedAttributes() omitted URL-bearing attributes on...

1 affected package

symfony

Package 22.04 LTS
symfony Needs evaluation
Show less packages

CVE-2026-48760

Medium priority
Needs evaluation

Symfony is a PHP framework for web and console applications and a set of reusable PHP components. From 6.1.0 until 6.4.41, 7.4.13, and 8.0.13, UrlSanitizer::parse() rejected raw BiDi formatting characters but not percent-encoded...

1 affected package

symfony

Package 22.04 LTS
symfony Needs evaluation
Show less packages

CVE-2026-48747

Medium priority
Needs evaluation

Symfony is a PHP framework for web and console applications and a set of reusable PHP components. Prior to 7.4.13 and 8.0.13, MailomatRequestParser::validateSignature() parsed X-MOM-Webhook-Signature as algo=signature and passed...

1 affected package

symfony

Package 22.04 LTS
symfony Needs evaluation
Show less packages

CVE-2026-48736

Medium priority
Needs evaluation

Symfony is a PHP framework for web and console applications and a set of reusable PHP components. From 5.4.0 to 5.4.53, 6.4.41, 7.4.13, and 8.0.13, NoPrivateNetworkHttpClient and IpUtils::PRIVATE_SUBNETS omitted IPv6 transition...

1 affected package

symfony

Package 22.04 LTS
symfony Needs evaluation
Show less packages