Search CVE reports


Toggle filters

1 – 10 of 51391 results

Status is adjusted based on your filters.


CVE-2026-56377

Medium priority
Needs evaluation

ImageMagick before 7.1.2-24 contains an incorrect policy check that allows attackers to create or truncate files disallowed by security policies. Remote attackers can bypass path policy restrictions in sandboxed conversion...

1 affected package

imagemagick

Package 16.04 LTS
imagemagick Needs evaluation
Show less packages

CVE-2026-56369

Medium priority
Needs evaluation

ImageMagick before 7.1.2-22 contains an information disclosure vulnerability in the PasskeyEncipherImage method due to AES-CTR nonce reuse. Attackers can exploit nonce reuse in the cipher implementation to recover plaintext...

1 affected package

imagemagick

Package 16.04 LTS
imagemagick Needs evaluation
Show less packages

CVE-2026-56365

Medium priority
Needs evaluation

ImageMagick before 7.1.2-19 contains a memory leak vulnerability in the PNG encoder when writing MNG images. Attackers can trigger the encoder failure condition to exhaust memory resources and cause denial of service.

1 affected package

imagemagick

Package 16.04 LTS
imagemagick Needs evaluation
Show less packages

CVE-2026-56364

Medium priority
Needs evaluation

ImageMagick before 7.1.2-13 contains a memory leak vulnerability in LoadOpenCLDeviceBenchmark() function when parsing malformed OpenCL device profile XML files with unclosed device elements. Attackers with write access to the...

1 affected package

imagemagick

Package 16.04 LTS
imagemagick Needs evaluation
Show less packages

CVE-2026-56363

Medium priority
Needs evaluation

ImageMagick before 7.1.2-22 contains a division by zero vulnerability in binomial kernel processing that allows attackers to cause denial of service. An attacker can supply a large binomial kernel value causing integer overflow,...

1 affected package

imagemagick

Package 16.04 LTS
imagemagick Needs evaluation
Show less packages

CVE-2026-56361

Medium priority
Needs evaluation

ImageMagick before 7.1.2-19 contains an off-by-one error in morphology validation allowing out-of-bounds heap buffer reads. Attackers can trigger heap buffer overflow by providing incorrect morphology parameters causing single...

1 affected package

imagemagick

Package 16.04 LTS
imagemagick Needs evaluation
Show less packages

CVE-2026-54696

Medium priority
Needs evaluation

Ruby JSON is a JSON implementation for Ruby. Versions 2.9.0 through 2.19.8 are vulnerable to heap buffer overflow when the JSON generator is provided with an oversized streamed object. When streaming to an IO JSON.dump(obj, io)...

8 affected packages

ruby2.3, ruby2.5, ruby2.7, ruby3.0, ruby3.2...

Package 16.04 LTS
ruby2.3 Needs evaluation
ruby2.5
ruby2.7
ruby3.0
ruby3.2
ruby3.3
jruby
ruby-json
Show all 8 packages Show less packages

CVE-2026-4360

Medium priority
Needs evaluation

In the Tarfile.extract() function, the filter parameter is not passed properly when extracting hardlinks. An affected system that extracts content from untrusted tar files could end up writing files with an unexpected uid/gid...

12 affected packages

python2.7, python3.4, python3.5, python3.6, python3.7...

Package 16.04 LTS
python2.7 Needs evaluation
python3.4
python3.5 Needs evaluation
python3.6
python3.7
python3.8
python3.9
python3.10
python3.11
python3.12
python3.13
python3.14
Show all 12 packages Show less packages

CVE-2026-58374

Medium priority
Needs evaluation

In hostapd before 2.12, a missing bounds check in AP-mode Wi-Fi 7 (IEEE 802.11be) Multi-Link Operation (MLO) association request processing allows an unauthenticated attacker within wireless range to send a crafted management...

1 affected package

wpa

Package 16.04 LTS
wpa Needs evaluation
Show less packages

CVE-2026-58016

Medium priority
Needs evaluation

A flaw was found in GLib. A state confusion issue exists in g_dbus_node_info_new_for_xml() in the gio/gdbusintrospection.c file when processing malformed D-Bus introspection XML, specifically with a <node> element nested within...

1 affected package

glib2.0

Package 16.04 LTS
glib2.0 Needs evaluation
Show less packages