Search CVE reports


Toggle filters

201 – 210 of 39708 results

Status is adjusted based on your filters.


CVE-2026-12590

Medium priority
Needs evaluation

Impact: In body-parser versions prior to 1.20.6 (1.x line) and 2.3.0 (2.x line), when the parser is configured with an invalid limit option value such as an unparseable string or NaN, bytes.parse returns null and the request body...

1 affected package

node-body-parser

Package 24.04 LTS
node-body-parser Needs evaluation
Show less packages

CVE-2026-11827

Medium priority

Not in release

(GitLab has remediated an issue in GitLab EE affecting all versions fro ...)

1 affected package

gitlab

Package 24.04 LTS
gitlab Not in release
Show less packages

CVE-2025-12506

Medium priority

Not in release

(GitLab has remediated an issue in GitLab CE/EE affecting all versions ...)

1 affected package

gitlab

Package 24.04 LTS
gitlab Not in release
Show less packages

CVE-2026-10037

Medium priority
Fixed

A sandbox escape vulnerability exists in the OpenJDK packages provided in Ubuntu. The .jar MIME handlers installed by these packages execute files marked as executable when the mailcap package is installed. A compromised or...

12 affected packages

mailcap, openjdk-8, openjdk-9, openjdk-lts, openjdk-13...

Package 24.04 LTS
mailcap Fixed
openjdk-8 Not affected
openjdk-9 Not in release
openjdk-lts Not affected
openjdk-13 Not in release
openjdk-16 Not in release
openjdk-17 Not affected
openjdk-17-crac Not in release
openjdk-18 Not in release
openjdk-21 Not affected
openjdk-21-crac Not in release
openjdk-25 Not affected
Show all 12 packages Show less packages

CVE-2026-60002

Medium priority

Some fixes available 1 of 2

ssh in OpenSSH before 10.4 can have a use-after-free when a server changes its host key during a key re-exchange. (This outcome occurs only on the client side.)

2 affected packages

openssh, openssh-ssh1

Package 24.04 LTS
openssh Fixed
openssh-ssh1 Ignored
Show less packages

CVE-2026-60001

Medium priority

Some fixes available 1 of 2

sshd in OpenSSH before 10.4 does not always honor the minimum authentication delay.

2 affected packages

openssh, openssh-ssh1

Package 24.04 LTS
openssh Fixed
openssh-ssh1 Ignored
Show less packages

CVE-2026-60000

Medium priority

Some fixes available 1 of 2

sshd in OpenSSH before 10.4 allows remote attackers to cause a denial of service (resource consumption from excessive authentication attempts) because MaxAuthTries was mishandled for GSSAPIAuthentication.

2 affected packages

openssh, openssh-ssh1

Package 24.04 LTS
openssh Fixed
openssh-ssh1 Ignored
Show less packages

CVE-2026-59999

Medium priority

Some fixes available 1 of 2

In sshd in OpenSSH before 10.4, DisableForwarding=yes was supposed to take precedence over PermitTunnel=yes, but did not.

2 affected packages

openssh, openssh-ssh1

Package 24.04 LTS
openssh Fixed
openssh-ssh1 Ignored
Show less packages

CVE-2026-59998

Medium priority

Some fixes available 1 of 2

sshd in OpenSSH before 10.4 has an undocumented security-relevant behavior: GSSAPIStrictAcceptorCheck has no value if the server is in Windows Active Directory.

2 affected packages

openssh, openssh-ssh1

Package 24.04 LTS
openssh Fixed
openssh-ssh1 Ignored
Show less packages

CVE-2026-59997

Medium priority

Some fixes available 1 of 2

internal-sftp in sshd in OpenSSH before 10.4 recognizes only the first 9 command-line arguments, which can be important if a later command-line argument would have helped to ensure the intended security properties of an SFTP connection.

2 affected packages

openssh, openssh-ssh1

Package 24.04 LTS
openssh Fixed
openssh-ssh1 Ignored
Show less packages