Search CVE reports


Toggle filters

81 – 90 of 42294 results

Status is adjusted based on your filters.


CVE-2026-53404

Medium priority
Needs evaluation

Always-Incorrect Control Flow Implementation vulnerability in Apache Tomcat's rewrite valve meant that if the first condition in an OR chain matched, subsequent non-OR conditions were skipped. This issue affects Apache Tomcat:...

6 affected packages

tomcat6, tomcat7, tomcat8, tomcat9, tomcat10, tomcat11

Package 20.04 LTS
tomcat6
tomcat7
tomcat8
tomcat9 Needs evaluation
tomcat10
tomcat11
Show less packages

CVE-2026-50229

Medium priority
Needs evaluation

Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in the number guess example for Apache Tomcat. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.22, from 10.1.0-M1 through...

6 affected packages

tomcat6, tomcat7, tomcat8, tomcat9, tomcat10, tomcat11

Package 20.04 LTS
tomcat6
tomcat7
tomcat8
tomcat9 Needs evaluation
tomcat10
tomcat11
Show less packages

CVE-2026-13758

Medium priority
Needs evaluation

CryptX versions before 0.088_001 for Perl compare AEAD authentication tags in non-constant time in the streaming decrypt_done path. The decrypt_done($tag) form compares it against the computed tag with memNE (memcmp() != 0), which...

1 affected package

libcryptx-perl

Package 20.04 LTS
libcryptx-perl Needs evaluation
Show less packages

CVE-2026-56018

Medium priority
Needs evaluation

JavaScript::Minifier::XS versions before 0.16 for Perl leak memory on every call to minify(), allowing unbounded memory growth. In JsMinify (XS.xs) the cleanup frees only the NodeSet structures and never the per-token contents...

1 affected package

libjavascript-minifier-xs-perl

Package 20.04 LTS
libjavascript-minifier-xs-perl Needs evaluation
Show less packages

CVE-2026-56017

Medium priority
Needs evaluation

JavaScript::Minifier::XS versions before 0.16 for Perl crash with a NULL pointer dereference when the first meaningful token of the input is a slash. The regexp versus division disambiguator in JsTokenizeString (XS.xs) inspects...

1 affected package

libjavascript-minifier-xs-perl

Package 20.04 LTS
libjavascript-minifier-xs-perl Needs evaluation
Show less packages

CVE-2026-13593

Medium priority
Needs evaluation

CSS::Minifier::XS versions before 0.14 for Perl have a memory leak when the entire document is minified away. The minify function has a memory leak when processing a document containing only characters to be removed, such as...

1 affected package

libcss-minifier-xs-perl

Package 20.04 LTS
libcss-minifier-xs-perl Needs evaluation
Show less packages

CVE-2026-13757

Medium priority
Vulnerable

A flaw was found in p11-kit. The RPC message attribute parsing functions p11_rpc_message_get_attribute() and p11_rpc_message_get_attribute_array_value() form a mutually-recursive call chain with no recursion depth limit when...

1 affected package

p11-kit

Package 20.04 LTS
p11-kit Vulnerable
Show less packages

CVE-2026-12912

Medium priority
Needs evaluation

A flaw was found in libtiff. A remote attacker could exploit this vulnerability by providing a specially crafted PixarLog-compressed TIFF image. This issue occurs when decoding Pixarlog codec images with...

5 affected packages

tiff, qtwebengine-opensource-src, texmaker, gdal, neuron

Package 20.04 LTS
tiff Needs evaluation
qtwebengine-opensource-src Needs evaluation
texmaker Needs evaluation
gdal Not affected
neuron Needs evaluation
Show less packages

CVE-2026-13574

Low priority
Needs evaluation

A vulnerability was determined in llvm llvm-project up to 22.1.6. This impacts the function GCRelocateInst::getBasePtr in the library llvm/lib/IR/IntrinsicInst.cpp of the component Bitcode File Handler. This manipulation causes...

4 affected packages

llvm-toolchain-18, llvm-toolchain-19, llvm-toolchain-21, llvm-toolchain-22

Package 20.04 LTS
llvm-toolchain-18 Needs evaluation
llvm-toolchain-19
llvm-toolchain-21
llvm-toolchain-22
Show less packages

CVE-2026-13573

Low priority
Needs evaluation

A vulnerability was found in llvm llvm-project up to 22.1.6. This affects the function llvm::StringMap::insert in the library /lib/IR/ValueSymbolTable.cpp of the component ValueSymbolTable Module. The manipulation results in...

4 affected packages

llvm-toolchain-18, llvm-toolchain-19, llvm-toolchain-21, llvm-toolchain-22

Package 20.04 LTS
llvm-toolchain-18 Needs evaluation
llvm-toolchain-19
llvm-toolchain-21
llvm-toolchain-22
Show less packages