Search CVE reports


Toggle filters

101 – 110 of 42570 results

Status is adjusted based on your filters.


CVE-2026-15041

Medium priority
Needs evaluation

A flaw was found in 389 Directory Server. The PBKDF2-SHA256 password verification function uses standard memcmp() for comparing password hashes instead of a constant-time comparison function. A remote attacker could potentially...

1 affected package

389-ds-base

Package 20.04 LTS
389-ds-base Needs evaluation
Show less packages

CVE-2026-14454

Medium priority
Needs evaluation

(Imager versions before 1.033 for Perl treat unsigned EXIF IFD entry co ...)

1 affected package

libimager-perl

Package 20.04 LTS
libimager-perl Needs evaluation
Show less packages

CVE-2026-12590

Medium priority
Needs evaluation

Impact: In body-parser versions prior to 1.20.6 (1.x line) and 2.3.0 (2.x line), when the parser is configured with an invalid limit option value such as an unparseable string or NaN, bytes.parse returns null and the request body...

1 affected package

node-body-parser

Package 20.04 LTS
node-body-parser Needs evaluation
Show less packages

CVE-2026-10037

Medium priority
Not affected

A sandbox escape vulnerability exists in the OpenJDK packages provided in Ubuntu. The .jar MIME handlers installed by these packages execute files marked as executable when the mailcap package is installed. A compromised or...

12 affected packages

mailcap, openjdk-8, openjdk-9, openjdk-lts, openjdk-13...

Package 20.04 LTS
mailcap
openjdk-8 Not affected
openjdk-9
openjdk-lts Not affected
openjdk-13 Ignored
openjdk-16 Ignored
openjdk-17 Not affected
openjdk-17-crac
openjdk-18
openjdk-21 Not affected
openjdk-21-crac
openjdk-25
Show all 12 packages Show less packages

CVE-2026-60002

Medium priority
Needs evaluation

ssh in OpenSSH before 10.4 can have a use-after-free when a server changes its host key during a key re-exchange. (This outcome occurs only on the client side.)

2 affected packages

openssh, openssh-ssh1

Package 20.04 LTS
openssh Needs evaluation
openssh-ssh1 Ignored
Show less packages

CVE-2026-60001

Medium priority
Needs evaluation

sshd in OpenSSH before 10.4 does not always honor the minimum authentication delay.

2 affected packages

openssh, openssh-ssh1

Package 20.04 LTS
openssh Needs evaluation
openssh-ssh1 Ignored
Show less packages

CVE-2026-60000

Medium priority
Needs evaluation

sshd in OpenSSH before 10.4 allows remote attackers to cause a denial of service (resource consumption from excessive authentication attempts) because MaxAuthTries was mishandled for GSSAPIAuthentication.

2 affected packages

openssh, openssh-ssh1

Package 20.04 LTS
openssh Needs evaluation
openssh-ssh1 Ignored
Show less packages

CVE-2026-59999

Medium priority
Needs evaluation

In sshd in OpenSSH before 10.4, DisableForwarding=yes was supposed to take precedence over PermitTunnel=yes, but did not.

2 affected packages

openssh, openssh-ssh1

Package 20.04 LTS
openssh Needs evaluation
openssh-ssh1 Ignored
Show less packages

CVE-2026-59998

Medium priority
Needs evaluation

sshd in OpenSSH before 10.4 has an undocumented security-relevant behavior: GSSAPIStrictAcceptorCheck has no value if the server is in Windows Active Directory.

2 affected packages

openssh, openssh-ssh1

Package 20.04 LTS
openssh Needs evaluation
openssh-ssh1 Ignored
Show less packages

CVE-2026-59997

Medium priority
Needs evaluation

internal-sftp in sshd in OpenSSH before 10.4 recognizes only the first 9 command-line arguments, which can be important if a later command-line argument would have helped to ensure the intended security properties of an SFTP connection.

2 affected packages

openssh, openssh-ssh1

Package 20.04 LTS
openssh Needs evaluation
openssh-ssh1 Ignored
Show less packages