Search CVE reports


Toggle filters

241 – 250 of 42294 results

Status is adjusted based on your filters.


CVE-2026-46608

Medium priority
Needs evaluation

Glances is an open-source system cross-platform monitoring tool. Prior to 4.5.5, the Glances XML-RPC server (glances -s) introduced a configurable CORS origin list in version 4.5.3 as a mitigation for CVE-2026-33533. However, the...

1 affected package

glances

Package 20.04 LTS
glances Needs evaluation
Show less packages

CVE-2026-46607

Medium priority
Needs evaluation

Glances is an open-source system cross-platform monitoring tool. Prior to 4.5.5, glances/outdated.py uses pickle.load() to read a version-check cache file stored at a predictable, world-accessible...

1 affected package

glances

Package 20.04 LTS
glances Needs evaluation
Show less packages

CVE-2026-46606

Medium priority
Needs evaluation

Glances is an open-source system cross-platform monitoring tool. Prior to 4.5.5, the Glances KVM/QEMU monitoring engine (glances/plugins/vms/engines/virsh.py) passes VM domain names, read directly from virsh list --all output,...

1 affected package

glances

Package 20.04 LTS
glances Needs evaluation
Show less packages

CVE-2026-6291

Medium priority
Needs evaluation

Bleichenbacher padding oracle in PKCS#7 KTRI decryption. When decrypting PKCS#7 EnvelopedData using RSA PKCS#1 v1.5 key transport, wolfSSL returned distinguishable error codes depending on whether RSA padding validation failed...

1 affected package

wolfssl

Package 20.04 LTS
wolfssl Needs evaluation
Show less packages

CVE-2026-6094

Medium priority
Needs evaluation

Heap buffer overread in wc_PKCS7_DecodeEnvelopedData when parsing crafted PKCS7 EnvelopedData. This could theoretically be triggered by attacker-supplied data delivered via S/MIME or CMS.

1 affected package

wolfssl

Package 20.04 LTS
wolfssl Needs evaluation
Show less packages

CVE-2026-6091

Medium priority
Needs evaluation

Partial-chain certificate verification may accept chains that terminate at a peer-supplied, untrusted intermediate certificate rather than a trusted anchor. An attacker could present a chain that ends at an intermediate...

1 affected package

wolfssl

Package 20.04 LTS
wolfssl Needs evaluation
Show less packages

CVE-2026-55967

Medium priority
Needs evaluation

AES-GCM encryption/decryption with extremely large cumulative single message sizes (>64 GiB) were not properly rejected by the streaming APIs, allowing counter wrap, keystream reuse, and consequent plaintext recovery.

1 affected package

wolfssl

Package 20.04 LTS
wolfssl Needs evaluation
Show less packages

CVE-2026-55961

Medium priority
Needs evaluation

wolfSSL_PKCS7_verify() returning success for a degenerate (certs-only) PKCS#7 object that contains no signer. Such an object has empty signerInfos, so the underlying signed-data verification succeeds without authenticating any...

1 affected package

wolfssl

Package 20.04 LTS
wolfssl Needs evaluation
Show less packages

CVE-2026-54679

Medium priority
Needs evaluation

jq is a command-line JSON processor. Prior to 1.8.2, on 32bit system, jvp_string_append has a chance of integer/multiple overflowing and then causing a massive buffer overrun. This vulnerability is fixed in 1.8.2.

1 affected package

jq

Package 20.04 LTS
jq Needs evaluation
Show less packages

CVE-2026-49839

Medium priority
Needs evaluation

jq is a command-line JSON processor. Prior to 1.8.2,` jq --rawfile` can turn a handled oversized-string error into invalid-state reuse and a real heap out-of-bounds write in assertion-disabled builds. When jv_load_file(raw=1)...

1 affected package

jq

Package 20.04 LTS
jq Needs evaluation
Show less packages