Search CVE reports


Toggle filters

201 – 210 of 42899 results

Status is adjusted based on your filters.


CVE-2026-55967

Medium priority
Needs evaluation

AES-GCM encryption/decryption with extremely large cumulative single message sizes (>64 GiB) were not properly rejected by the streaming APIs, allowing counter wrap, keystream reuse, and consequent plaintext recovery.

1 affected package

wolfssl

Package 22.04 LTS
wolfssl Needs evaluation
Show less packages

CVE-2026-55961

Medium priority
Needs evaluation

wolfSSL_PKCS7_verify() returning success for a degenerate (certs-only) PKCS#7 object that contains no signer. Such an object has empty signerInfos, so the underlying signed-data verification succeeds without authenticating any...

1 affected package

wolfssl

Package 22.04 LTS
wolfssl Needs evaluation
Show less packages

CVE-2026-54679

Medium priority
Needs evaluation

jq is a command-line JSON processor. Prior to 1.8.2, on 32bit system, jvp_string_append has a chance of integer/multiple overflowing and then causing a massive buffer overrun. This vulnerability is fixed in 1.8.2.

1 affected package

jq

Package 22.04 LTS
jq Needs evaluation
Show less packages

CVE-2026-49839

Medium priority
Needs evaluation

jq is a command-line JSON processor. Prior to 1.8.2,` jq --rawfile` can turn a handled oversized-string error into invalid-state reuse and a real heap out-of-bounds write in assertion-disabled builds. When jv_load_file(raw=1)...

1 affected package

jq

Package 22.04 LTS
jq Needs evaluation
Show less packages

CVE-2026-47770

Medium priority
Needs evaluation

jq is a command-line JSON processor. Prior to 1.8.2, comparing two sufficiently deeply nested arrays with the == operator exhausts the C stack on jq's ordinary command-line surface, resulting in denial of service via stack...

1 affected package

jq

Package 22.04 LTS
jq Needs evaluation
Show less packages

CVE-2026-11999

Medium priority
Needs evaluation

X.509 trust-chain bypass (path-depth exhaustion) in the OpenSSL compatibility certificate verifier (wolfSSL_X509_verify_cert()). This affects only builds with --enable-opensslextra whose application calls X509_verify_cert() with...

1 affected package

wolfssl

Package 22.04 LTS
wolfssl Needs evaluation
Show less packages

CVE-2026-56123

Medium priority
Needs evaluation

socat versions 1.8.0.0 through 1.8.1.1 contain a heap-based buffer overflow vulnerability that allows a malicious SOCKS5 proxy server to overwrite adjacent heap memory by exploiting a sign-extension flaw in the DOMAINNAME reply...

1 affected package

socat

Package 22.04 LTS
socat Needs evaluation
Show less packages

CVE-2026-57456

Medium priority
Vulnerable

Vim is an open source, command line text editor. Prior to 9.2.0699, Vim's Python omni-completion (runtime/autoload/python3complete.vim and the legacy pythoncomplete.vim) executes reconstructed function and class definitions from...

1 affected package

vim

Package 22.04 LTS
vim Vulnerable
Show less packages

CVE-2026-57455

Medium priority
Vulnerable

Vim is an open source, command line text editor. Prior to 9.2.0698, the single-byte branch of spell_soundfold_sofo() in src/spell.c translates a word through a spell file's SOFO (sound-folding) byte map into a caller-owned result...

1 affected package

vim

Package 22.04 LTS
vim Vulnerable
Show less packages

CVE-2026-57454

Medium priority
Not affected

Vim is an open source, command line text editor. From 9.2.0320 until 9.2.0679, a crafted undo or swap file can store a virtual-text property whose offset and length point outside the line's property data. When Vim restores or...

1 affected package

vim

Package 22.04 LTS
vim Not affected
Show less packages