Search CVE reports


Toggle filters

21 – 30 of 42237 results

Status is adjusted based on your filters.


CVE-2026-50229

Medium priority
Needs evaluation

Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in the number guess example for Apache Tomcat. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.22, from 10.1.0-M1 through...

6 affected packages

tomcat6, tomcat7, tomcat8, tomcat9, tomcat10, tomcat11

Package 20.04 LTS
tomcat6
tomcat7
tomcat8
tomcat9 Needs evaluation
tomcat10
tomcat11
Show less packages

CVE-2026-49877

Medium priority
Needs evaluation

Improper Authorization vulnerability in Apache ActiveMQ. An authenticated low-privilege Web Console user by default can access /admin/* paths in the Web Console. The default Jetty settings incorrectly did not limit those paths to...

1 affected package

activemq

Package 20.04 LTS
activemq Needs evaluation
Show less packages

CVE-2026-49434

Medium priority
Needs evaluation

Improper Input Validation vulnerability in Apache ActiveMQ Broker, Apache ActiveMQ, Apache ActiveMQ All. An attacker that has access to publish or modify entries in LDAP that match the configured searchBase and searchFilter can...

1 affected package

activemq

Package 20.04 LTS
activemq Needs evaluation
Show less packages

CVE-2026-49432

Medium priority
Needs evaluation

Improper Input Validation vulnerability in Apache ActiveMQ, Apache ActiveMQ All, Apache ActiveMQ Stomp. A remote unauthenticated peer that can reach an exposed STOMP connector can trigger denial-of-service behavior by sending a...

1 affected package

activemq

Package 20.04 LTS
activemq Needs evaluation
Show less packages

CVE-2026-44605

Medium priority
Needs evaluation

[Unknown description]

1 affected package

rpm

Package 20.04 LTS
rpm Needs evaluation
Show less packages

CVE-2026-41992

Medium priority
Needs evaluation

GNU gzip contains a global buffer overflow vulnerability in the LZH decompression logic caused by improper reuse of shared global state between different decompression formats within a single execution. GNU gzip maintains a global...

1 affected package

gzip

Package 20.04 LTS
gzip Needs evaluation
Show less packages

CVE-2026-41991

Medium priority
Needs evaluation

GNU gzip contains a vulnerability in the gzexe utility related to insecure temporary file handling. When the mktemp utility is not available in the user’s PATH, gzexe falls back to constructing a temporary file path based solely...

1 affected package

gzip

Package 20.04 LTS
gzip Needs evaluation
Show less packages

CVE-2026-25707

Medium priority
Needs evaluation

A relative path traversal bug problem when processing repository metadata in libzypp before 17.38.10 could be used by remote attackers supplying repositories to overwrite files on the system, leading to denial of service or...

1 affected package

libzypp

Package 20.04 LTS
libzypp Needs evaluation
Show less packages

CVE-2026-14164

Medium priority
Needs evaluation

A double free issue has been identified in libarchive's RAR5 reader. During parsing of a specially crafted RAR5 archive, the filtered_buf pointer may remain stale after being freed during unpacking state...

1 affected package

libarchive

Package 20.04 LTS
libarchive Needs evaluation
Show less packages

CVE-2026-13758

Medium priority
Needs evaluation

CryptX versions before 0.088_001 for Perl compare AEAD authentication tags in non-constant time in the streaming decrypt_done path. The decrypt_done($tag) form compares it against the computed tag with memNE (memcmp() != 0), which...

1 affected package

libcryptx-perl

Package 20.04 LTS
libcryptx-perl Needs evaluation
Show less packages