Search CVE reports


Toggle filters

31 – 40 of 51398 results

Status is adjusted based on your filters.


CVE-2026-53404

Medium priority
Needs evaluation

Always-Incorrect Control Flow Implementation vulnerability in Apache Tomcat's rewrite valve meant that if the first condition in an OR chain matched, subsequent non-OR conditions were skipped. This issue affects Apache Tomcat:...

6 affected packages

tomcat6, tomcat7, tomcat8, tomcat9, tomcat10, tomcat11

Package 16.04 LTS
tomcat6
tomcat7
tomcat8 Needs evaluation
tomcat9
tomcat10
tomcat11
Show less packages

CVE-2026-50229

Medium priority
Needs evaluation

Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in the number guess example for Apache Tomcat. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.22, from 10.1.0-M1 through...

6 affected packages

tomcat6, tomcat7, tomcat8, tomcat9, tomcat10, tomcat11

Package 16.04 LTS
tomcat6
tomcat7
tomcat8 Needs evaluation
tomcat9
tomcat10
tomcat11
Show less packages

CVE-2026-13757

Medium priority
Vulnerable

A flaw was found in p11-kit. The RPC message attribute parsing functions p11_rpc_message_get_attribute() and p11_rpc_message_get_attribute_array_value() form a mutually-recursive call chain with no recursion depth limit when...

1 affected package

p11-kit

Package 16.04 LTS
p11-kit Vulnerable
Show less packages

CVE-2026-12912

Medium priority
Needs evaluation

A flaw was found in libtiff. A remote attacker could exploit this vulnerability by providing a specially crafted PixarLog-compressed TIFF image. This issue occurs when decoding Pixarlog codec images with...

5 affected packages

tiff, qtwebengine-opensource-src, texmaker, gdal, neuron

Package 16.04 LTS
tiff Needs evaluation
qtwebengine-opensource-src
texmaker
gdal
neuron
Show less packages

CVE-2026-54371

Medium priority
Needs evaluation

attr before version 2.6.0 contains a symlink traversal vulnerability in the getfattr and setfattr utilities that allows local attackers to escalate privileges by replacing a pathname component with a symbolic link during directory...

1 affected package

attr

Package 16.04 LTS
attr Needs evaluation
Show less packages

CVE-2026-54370

Medium priority
Needs evaluation

acl before version 2.4.0 contains a time-of-check to time-of-use (TOCTOU) race condition vulnerability that allows local attackers to escalate privileges by replacing a pathname component with a symbolic link between an lstat()...

1 affected package

acl

Package 16.04 LTS
acl Needs evaluation
Show less packages

CVE-2026-54369

Medium priority
Needs evaluation

acl before version 2.4.0 contains a symlink traversal vulnerability in the libacl pathname-based functions acl_get_file(), acl_set_file(), acl_extended_file(), and acl_delete_def_file() that allows local attackers to escalate...

1 affected package

acl

Package 16.04 LTS
acl Needs evaluation
Show less packages

CVE-2026-11979

Medium priority
Needs evaluation

libxml2 is vulnerable to multiple stack-based buffer overflows in the xmlcatalog utility when running in --shell mode. The usershell() function processes user input using fixed-size stack buffers without proper bounds checking. By...

1 affected package

libxml2

Package 16.04 LTS
libxml2 Needs evaluation
Show less packages

CVE-2026-41992

Medium priority
Needs evaluation

GNU gzip contains a global buffer overflow vulnerability in the LZH decompression logic caused by improper reuse of shared global state between different decompression formats within a single execution. GNU gzip maintains a global...

1 affected package

gzip

Package 16.04 LTS
gzip Needs evaluation
Show less packages

CVE-2026-41991

Medium priority
Needs evaluation

GNU gzip contains a vulnerability in the gzexe utility related to insecure temporary file handling. When the mktemp utility is not available in the user’s PATH, gzexe falls back to constructing a temporary file path based solely...

1 affected package

gzip

Package 16.04 LTS
gzip Needs evaluation
Show less packages