Search CVE reports


Toggle filters

221 – 230 of 42899 results

Status is adjusted based on your filters.


CVE-2026-57435

Medium priority
Needs evaluation

Nokogiri is an open source XML and HTML library for the Ruby programming language. Prior to 1.19.4, Nokogiri’s CRuby native extension could leave a Ruby wrapper pointing to freed memory when replacing the value of an...

1 affected package

ruby-nokogiri

Package 22.04 LTS
ruby-nokogiri Needs evaluation
Show less packages

CVE-2026-57434

Medium priority
Needs evaluation

Nokogiri is an open source XML and HTML library for the Ruby programming language. Prior to 1.19.4, Nokogiri contains a bug when calling certain methods on allocated-but-uninitialized native wrapper classes that inherit from...

1 affected package

ruby-nokogiri

Package 22.04 LTS
ruby-nokogiri Needs evaluation
Show less packages

CVE-2026-57236

Medium priority
Needs evaluation

Nokogiri is an open source XML and HTML library for the Ruby programming language. Prior to 1.19.4, calling Document#encoding= with an invalid encoding (e.g., a non-string, or a string containing a null byte) raises an exception,...

1 affected package

ruby-nokogiri

Package 22.04 LTS
ruby-nokogiri Needs evaluation
Show less packages

CVE-2026-57235

Medium priority
Needs evaluation

Nokogiri is an open source XML and HTML library for the Ruby programming language. Prior to 1.19.4, Nokogiri::XML::NodeSet#[] (and its alias #slice) checked the requested index against the node set's bounds using...

1 affected package

ruby-nokogiri

Package 22.04 LTS
ruby-nokogiri Needs evaluation
Show less packages

CVE-2026-57234

Medium priority
Needs evaluation

Nokogiri is an open source XML and HTML library for the Ruby programming language. Prior to 1.19.4, the NONET parse option, which Nokogiri turns on by default for Nokogiri::XML::Schema (see CVE-2020-26247), was not correctly...

1 affected package

ruby-nokogiri

Package 22.04 LTS
ruby-nokogiri Needs evaluation
Show less packages

CVE-2026-52690

Medium priority
Needs evaluation

Spoofing replies to Recursor might mark an IP of an authoritative server as not supporting EDNS, causing valdiation of DNSSEC records served by that server to fail.

1 affected package

pdns-recursor

Package 22.04 LTS
pdns-recursor Needs evaluation
Show less packages

CVE-2026-42390

Medium priority
Needs evaluation

An invalid zone might pass ZONEMD validation while it should not. This is only relevant if ZoneToCache is configured with ZONEMD validation.

1 affected package

pdns-recursor

Package 22.04 LTS
pdns-recursor Needs evaluation
Show less packages

CVE-2026-42389

Medium priority
Needs evaluation

This fix provides extra hardening for the 5.4.x branch by doing extra validation of incoming answers from authoritative servers.

1 affected package

pdns-recursor

Package 22.04 LTS
pdns-recursor Needs evaluation
Show less packages

CVE-2026-42388

Medium priority
Needs evaluation

Incomplete validation of the SOA record present in a catalog zone might lead to a crash.

1 affected package

pdns-recursor

Package 22.04 LTS
pdns-recursor Needs evaluation
Show less packages

CVE-2026-42387

Medium priority
Needs evaluation

A malicious authoritative server can send a crafted zone via the ZoneToCache function that leads to a crash of the Recursor due to insuffcient input validation.

1 affected package

pdns-recursor

Package 22.04 LTS
pdns-recursor Needs evaluation
Show less packages