Search CVE reports


Toggle filters

171 – 180 of 43937 results

Status is adjusted based on your filters.


CVE-2026-59083

Medium priority
Needs evaluation

Improper Handling of URL Encoding (Hex Encoding) vulnerability in Apache Tomcat's rewrite valve allowed security constraint bypass for some configurations. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.23,...

6 affected packages

tomcat6, tomcat7, tomcat8, tomcat9, tomcat10, tomcat11

Package 22.04 LTS
tomcat6 Not in release
tomcat7 Not in release
tomcat8 Not in release
tomcat9 Needs evaluation
tomcat10 Not in release
tomcat11 Not in release
Show less packages

CVE-2026-12606

Medium priority

Not in release

Eclipse Grizzly in versions before 5.0.2, cannot properly parse the trailer section in malformed trailer header's line, which can be leveraged to perform HTTP request smuggling.

1 affected package

glassfish

Package 22.04 LTS
glassfish Not in release
Show less packages

CVE-2026-10051

Medium priority
Needs evaluation

In Eclipse Jetty, a first HTTP/1.1 request with trailers causes the server to retain the trailers in subsequent requests performed over the same connection. Subsequent request that do not have trailers report the trailers of...

2 affected packages

jetty12, jetty9

Package 22.04 LTS
jetty12 Not in release
jetty9 Needs evaluation
Show less packages

CVE-2024-7708

Medium priority
Needs evaluation

For requests that have a body, but reading the body may end up in reading 0 bytes, there is a buffer leak. This is particularly the case for 100-Continue, but any request where the network is slow can leak.

2 affected packages

jetty12, jetty9

Package 22.04 LTS
jetty12 Not in release
jetty9 Needs evaluation
Show less packages

CVE-2026-12482

Medium priority

Not in release

A vulnerability in keras-team/keras version 3.12.0 allows an attacker to craft a malicious tar archive that bypasses the `filter_safe_tarinfos` validation in `keras/src/utils/file_utils.py`. Specifically, symlink entries are not...

1 affected package

keras

Package 22.04 LTS
keras Not in release
Show less packages

CVE-2026-61627

Medium priority
Needs evaluation

[GHSA-pjjp-65r7-ppgm: Out-of-bounds read and write in wrap_lines_measure]

1 affected package

libass

Package 22.04 LTS
libass Needs evaluation
Show less packages

CVE-2026-61626

Medium priority
Needs evaluation

[GHSA-5gf7-wjfm-vmvm: Out-of-bounds bit clears for negative Matroska ReadOrder values]

1 affected package

libass

Package 22.04 LTS
libass Needs evaluation
Show less packages

CVE-2026-54707

Medium priority
Needs evaluation

[OnionShare Receive mode writes uploaded files even when file uploads are disabled]

1 affected package

onionshare

Package 22.04 LTS
onionshare Needs evaluation
Show less packages

CVE-2026-54706

Medium priority
Needs evaluation

[OnionShare follows symlinks in shared directories, allowing unintended disclosure of local files]

1 affected package

onionshare

Package 22.04 LTS
onionshare Needs evaluation
Show less packages

CVE-2026-58102

Medium priority
Needs evaluation

Crypt::OpenSSL::X509 versions before 2.1.3 for Perl allow a heap out-of-bounds read via a long certificate extension OID in hv_exts. When building the extension hash (via extensions(), extensions_by_long_name(),...

1 affected package

libcrypt-openssl-x509-perl

Package 22.04 LTS
libcrypt-openssl-x509-perl Needs evaluation
Show less packages