Search CVE reports


Toggle filters

151 – 160 of 30559 results

Status is adjusted based on your filters.


CVE-2026-58472

Medium priority
Needs evaluation

GNU Wget through 1.25.0, fixed in commit dd692d9, contains a heap buffer overflow vulnerability in the html_quote_string() function in src/convert.c that allows a remote attacker to trigger memory corruption by supplying a crafted...

1 affected package

wget

Package 26.04 LTS
wget Needs evaluation
Show less packages

CVE-2026-58471

Medium priority
Needs evaluation

GNU Wget through 1.25.0, fixed in commit c2640fe, contains a heap buffer overflow vulnerability in the convert_fname() function within src/url.c that allows remote attackers to trigger memory corruption through a server-supplied...

1 affected package

wget

Package 26.04 LTS
wget Needs evaluation
Show less packages

CVE-2026-58470

Medium priority
Needs evaluation

GNU Wget through 1.25.0, fixed in commit 43d3ba9, contains an integer overflow vulnerability in the parse_content_range() function within src/http.c that allows server-controlled values to cause signed integer arithmetic to...

1 affected package

wget

Package 26.04 LTS
wget Needs evaluation
Show less packages

CVE-2026-58469

Medium priority
Needs evaluation

GNU Wget through 1.25.0, fixed in commit 37a40fc, contains a heap buffer underread vulnerability in the clean_metalink_string() function within src/metalink.c that allows a malicious server to trigger memory corruption by serving...

1 affected package

wget

Package 26.04 LTS
wget Needs evaluation
Show less packages

CVE-2026-53511

Medium priority
Needs evaluation

calibre is an e-book manager. Prior to 9.10.0, a malicious EPUB, OPF, or PDF file can execute arbitrary Python code when its metadata is read by calibre, including through Add books or Edit books, by embedding a custom column...

1 affected package

calibre

Package 26.04 LTS
calibre Needs evaluation
Show less packages

CVE-2026-7017

Medium priority
Needs evaluation

HTTP::Tiny versions before 0.095 for Perl forward credential headers to cross-origin redirect targets. When the server returns a 3xx redirect, `_maybe_redirect` follows the `Location:` header and `_prepare_headers_and_cb`...

2 affected packages

libhttp-tiny-perl, perl

Package 26.04 LTS
libhttp-tiny-perl Needs evaluation
perl Needs evaluation
Show less packages

CVE-2026-14969

Medium priority
Needs evaluation

A flaw was found in 389-ds-base where the LDBM backend attribute encryption uses a hardcoded static initialization vector for AES-CBC and 3DES-CBC operations, allowing an attacker with privileged filesystem access to detect...

1 affected package

389-ds-base

Package 26.04 LTS
389-ds-base Needs evaluation
Show less packages

CVE-2026-14935

Medium priority
Needs evaluation

A logic vulnerability was found in GStreamer's webrtcbin component. The _check_sdp_crypto() function contains an inverted boolean condition that causes it to accept remote SDP offers or answers that lack the required a=fingerprint...

1 affected package

gst-plugins-bad1.0

Package 26.04 LTS
gst-plugins-bad1.0 Needs evaluation
Show less packages

CVE-2026-53878

Medium priority
Needs evaluation

An issue was discovered in Django 6.0 before 6.0.7 and 5.2 before 5.2.16. `DomainNameValidator` does not prohibit newlines in domain names (unless used via a form field, since `CharField` strips newlines). If an application uses...

1 affected package

python-django

Package 26.04 LTS
python-django Needs evaluation
Show less packages

CVE-2026-53877

Medium priority
Needs evaluation

An issue was discovered in Django 6.0 before 6.0.7 and 5.2 before 5.2.16. `django.contrib.gis.gdal.GDALRaster` over-reads its in-memory buffer when constructed from a bytes object, which can disclose adjacent memory or cause...

1 affected package

python-django

Package 26.04 LTS
python-django Needs evaluation
Show less packages