Search CVE reports


Toggle filters

81 – 90 of 51455 results

Status is adjusted based on your filters.


CVE-2026-14164

Medium priority
Needs evaluation

A double free issue has been identified in libarchive's RAR5 reader. During parsing of a specially crafted RAR5 archive, the filtered_buf pointer may remain stale after being freed during unpacking state...

1 affected package

libarchive

Package 16.04 LTS
libarchive Needs evaluation
Show less packages

CVE-2026-12610

Medium priority
Needs evaluation

A flaw was found in sssd. When authenticating with a YubiKey, the SSSD PAM responder can crash due to a use-after-free vulnerability, where a memory pointer is incorrectly handled. A local attacker could exploit this flaw...

1 affected package

sssd

Package 16.04 LTS
sssd Needs evaluation
Show less packages

CVE-2026-55957

Medium priority
Needs evaluation

Missing Critical Step in Authentication vulnerability in Apache Tomcat when the JNDIRealm was configured to authenticate binds using GSSAPI allowed attackers to authenticate without provided the correct password. This issue...

6 affected packages

tomcat6, tomcat7, tomcat8, tomcat9, tomcat10, tomcat11

Package 16.04 LTS
tomcat6
tomcat7
tomcat8 Needs evaluation
tomcat9
tomcat10
tomcat11
Show less packages

CVE-2026-55956

Medium priority
Needs evaluation

Improper Authorization vulnerability in Apache Tomcat leads to security constraints specified for the default servlet ignoring any method or method omission configured as part of the constraint. This issue affects Apache Tomcat:...

6 affected packages

tomcat6, tomcat7, tomcat8, tomcat9, tomcat10, tomcat11

Package 16.04 LTS
tomcat6
tomcat7
tomcat8 Needs evaluation
tomcat9
tomcat10
tomcat11
Show less packages

CVE-2026-55955

Medium priority
Needs evaluation

Improper Authentication vulnerability in Apache Tomcat allowed a replay attack against the EncryptionInterceptor in the cluster component. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.22, from 10.1.0-M1 through...

6 affected packages

tomcat6, tomcat7, tomcat8, tomcat9, tomcat10, tomcat11

Package 16.04 LTS
tomcat6
tomcat7
tomcat8 Needs evaluation
tomcat9
tomcat10
tomcat11
Show less packages

CVE-2026-55276

Medium priority
Needs evaluation

Always-Incorrect Control Flow Implementation vulnerability in Apache Tomcat meant that special roles and empty authorisation constraints were not included when the effective web.xml was logged. This issue affects Apache Tomcat:...

6 affected packages

tomcat6, tomcat7, tomcat8, tomcat9, tomcat10, tomcat11

Package 16.04 LTS
tomcat6
tomcat7
tomcat8 Needs evaluation
tomcat9
tomcat10
tomcat11
Show less packages

CVE-2026-53434

Medium priority
Needs evaluation

Detection of Error Condition Without Action vulnerability in Apache Tomcat when configuring CRLs for a FFM based connector. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.22, from 10.1.0-M7 through 10.1.55, from...

6 affected packages

tomcat6, tomcat7, tomcat8, tomcat9, tomcat10, tomcat11

Package 16.04 LTS
tomcat6
tomcat7
tomcat8 Needs evaluation
tomcat9
tomcat10
tomcat11
Show less packages

CVE-2026-53404

Medium priority
Needs evaluation

Always-Incorrect Control Flow Implementation vulnerability in Apache Tomcat's rewrite valve meant that if the first condition in an OR chain matched, subsequent non-OR conditions were skipped. This issue affects Apache Tomcat:...

6 affected packages

tomcat6, tomcat7, tomcat8, tomcat9, tomcat10, tomcat11

Package 16.04 LTS
tomcat6
tomcat7
tomcat8 Needs evaluation
tomcat9
tomcat10
tomcat11
Show less packages

CVE-2026-50229

Medium priority
Needs evaluation

Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in the number guess example for Apache Tomcat. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.22, from 10.1.0-M1 through...

6 affected packages

tomcat6, tomcat7, tomcat8, tomcat9, tomcat10, tomcat11

Package 16.04 LTS
tomcat6
tomcat7
tomcat8 Needs evaluation
tomcat9
tomcat10
tomcat11
Show less packages

CVE-2026-13757

Medium priority
Vulnerable

A flaw was found in p11-kit. The RPC message attribute parsing functions p11_rpc_message_get_attribute() and p11_rpc_message_get_attribute_array_value() form a mutually-recursive call chain with no recursion depth limit when...

1 affected package

p11-kit

Package 16.04 LTS
p11-kit Vulnerable
Show less packages