Search CVE reports


Toggle filters

161 – 170 of 43740 results

Status is adjusted based on your filters.


CVE-2026-48588

Medium priority
Needs evaluation

An issue was discovered in Django 6.0 before 6.0.7 and 5.2 before 5.2.16. `UpdateCacheMiddleware` and the `cache_page()` decorator cache responses that vary on cookies when the incoming request carries unrelated cookies, which...

1 affected package

python-django

Package 22.04 LTS
python-django Needs evaluation
Show less packages

CVE-2026-14940

Medium priority
Needs evaluation

A heap-buffer-overflow flaw was found in 389 Directory Server (389-ds-base). When normalizing a Distinguished Name (DN) that contains a legacy-quoted value encoding a multivalued nested Relative Distinguished Name (RDN), the...

1 affected package

389-ds-base

Package 22.04 LTS
389-ds-base Needs evaluation
Show less packages

CVE-2011-10043

Medium priority
Not affected

Module::Load versions before 0.22 for Perl allow arbitrary modules outside of @INC to be loaded. Module names starting with "::" could be passed to the load function to specify arbitrary module paths. Attackers able to influence...

1 affected package

perl

Package 22.04 LTS
perl Not affected
Show less packages

CVE-2026-14476

Medium priority
Needs evaluation

A path traversal flaw was found in SSSD's AD GPO provider. The ad_gpo_extract_smb_components() function does not sanitize .. sequences in the gPCFileSysPath LDAP attribute, allowing an attacker with AD GPO management access to...

1 affected package

sssd

Package 22.04 LTS
sssd Needs evaluation
Show less packages

CVE-2026-14474

Medium priority
Needs evaluation

A flaw was found in SSSD's LDAP sudo provider. When the ldap_sudo_search_base option is not explicitly configured, SSSD searches the entire LDAP directory tree for sudoRole objects. An authenticated attacker with write access to...

1 affected package

sssd

Package 22.04 LTS
sssd Needs evaluation
Show less packages

CVE-2026-11610

Medium priority
Needs evaluation

A heap buffer overflow flaw was found in the SASL I/O layer of 389 Directory Server (389-ds-base). After a successful SASL bind with integrity protection (SSF > 0), an authenticated attacker can send a specially crafted oversized...

1 affected package

389-ds-base

Package 22.04 LTS
389-ds-base Needs evaluation
Show less packages

CVE-2026-58384

Medium priority
Needs evaluation

A flaw was found in GIMP's PSD parser. An integer overflow in read_RLE_channel() can cause an undersized heap allocation for the RLE row-length table, after which subsequent per-row writes corrupt heap memory. This could lead to...

1 affected package

gimp

Package 22.04 LTS
gimp Needs evaluation
Show less packages

CVE-2026-50135

Medium priority
Needs evaluation

Hugo is a static site generator. From 0.123.0 to 0.161.1, a regression made  RootMappingFs.statRoot  use  Stat  (follows symlinks) instead of  Lstat , so a direct  resources.Get  of a symlink pointing outside its mount returned...

1 affected package

hugo

Package 22.04 LTS
hugo Needs evaluation
Show less packages

CVE-2026-59089

Medium priority
Needs evaluation

A flaw was found in GIMP. The PlayStation TIM loader, responsible for handling PlayStation image files, incorrectly calculates the size of the Color Look-Up Table (CLUT) due to an integer overflow. This occurs when multiplying...

1 affected package

gimp

Package 22.04 LTS
gimp Needs evaluation
Show less packages

CVE-2026-58404

Medium priority
Needs evaluation

Hugo is a static site generator. From v0.162.0 through v0.163.0, the default security.http.urls policy denies requests to loopback, internal, and cloud-metadata IPv4 literals, but the deny rule only matched dotted-decimal...

1 affected package

hugo

Package 22.04 LTS
hugo Needs evaluation
Show less packages