Search CVE reports


Toggle filters

61 – 70 of 43538 results

Status is adjusted based on your filters.


CVE-2026-54431

Medium priority
Needs evaluation

In liboauth2 the Demonstrating Proof-of-Possession (DPoP) verifier accepts a proof whose JSON Web Key (jwk) header contains private key material. RFC 9449 section 4.3 step 7 requires the verifier to reject such a...

1 affected package

liboauth2

Package 22.04 LTS
liboauth2 Needs evaluation
Show less packages

CVE-2026-54430

Medium priority
Needs evaluation

liboauth2 is vulnerable to Server-Side Request Forgery in oauth2_jose_jwks_aws_alb_resolve() function. The AWS ALB verifier reads both signer and kid from the unverified JWT header. If signer matches the configured ARN, kid is...

1 affected package

liboauth2

Package 22.04 LTS
liboauth2 Needs evaluation
Show less packages

CVE-2026-53422

Medium priority
Needs evaluation

Observable Response Discrepancy vulnerability in Erlang OTP ssh (ssh_sftpd module) allows an authenticated SFTP user to enumerate the existence of files and directories outside the configured root directory. The SSH_FXP_REALPATH...

1 affected package

erlang

Package 22.04 LTS
erlang Needs evaluation
Show less packages

CVE-2026-53358

Medium priority
Vulnerable

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: use chan timer to close channels in cleanup_listen() l2cap_chan_close() removes the channel from conn->chan_l, which must be done under...

162 affected packages

linux, linux-hwe, linux-hwe-5.4, linux-hwe-5.8, linux-hwe-5.11...

Package 22.04 LTS
linux Vulnerable
linux-hwe Not in release
linux-hwe-5.4 Not in release
linux-hwe-5.8 Not in release
linux-hwe-5.11 Not in release
linux-hwe-5.13 Not in release
linux-hwe-5.15 Not in release
linux-hwe-5.19 Ignored
linux-hwe-6.2 Ignored
linux-hwe-6.5 Ignored
linux-hwe-6.8 Vulnerable
linux-hwe-6.11 Not in release
linux-hwe-6.14 Not in release
linux-hwe-6.17 Not in release
linux-hwe-7.0 Not in release
linux-hwe-edge Not in release
linux-lts-xenial Not in release
linux-kvm Vulnerable
linux-allwinner-5.19 Ignored
linux-aws Vulnerable
linux-aws-5.0 Not in release
linux-aws-5.3 Not in release
linux-aws-5.4 Not in release
linux-aws-5.8 Not in release
linux-aws-5.11 Not in release
linux-aws-5.13 Not in release
linux-aws-5.15 Not in release
linux-aws-5.19 Ignored
linux-aws-6.2 Ignored
linux-aws-6.5 Ignored
linux-aws-6.8 Vulnerable
linux-aws-6.14 Not in release
linux-aws-6.17 Not in release
linux-aws-hwe Not in release
linux-azure Vulnerable
linux-azure-4.15 Not in release
linux-azure-5.3 Not in release
linux-azure-5.4 Not in release
linux-azure-5.8 Not in release
linux-azure-5.11 Not in release
linux-azure-5.13 Not in release
linux-azure-5.15 Not in release
linux-azure-5.19 Ignored
linux-azure-6.2 Ignored
linux-azure-6.5 Ignored
linux-azure-6.8 Vulnerable
linux-azure-6.11 Not in release
linux-azure-6.14 Not in release
linux-azure-6.17 Not in release
linux-azure-fde Vulnerable
linux-azure-fde-5.15 Not in release
linux-azure-fde-5.19 Ignored
linux-azure-fde-6.2 Ignored
linux-azure-fde-6.8 Vulnerable
linux-azure-fde-6.14 Not in release
linux-azure-fde-6.17 Not in release
linux-azure-nvidia Not in release
linux-azure-nvidia-6.14 Not in release
linux-bluefield Not in release
linux-azure-edge Not in release
linux-fips Vulnerable
linux-aws-fips Vulnerable
linux-azure-fips Vulnerable
linux-gcp-fips Vulnerable
linux-gcp Vulnerable
linux-gcp-4.15 Not in release
linux-gcp-5.3 Not in release
linux-gcp-5.4 Not in release
linux-gcp-5.8 Not in release
linux-gcp-5.11 Not in release
linux-gcp-5.13 Not in release
linux-gcp-5.15 Not in release
linux-gcp-5.19 Ignored
linux-gcp-6.2 Ignored
linux-gcp-6.5 Ignored
linux-gcp-6.8 Vulnerable
linux-gcp-6.11 Not in release
linux-gcp-6.14 Not in release
linux-gcp-6.17 Not in release
linux-gke Vulnerable
linux-gke-4.15 Not in release
linux-gke-5.4 Not in release
linux-gke-5.15 Not in release
linux-gkeop Vulnerable
linux-gkeop-5.4 Not in release
linux-gkeop-5.15 Not in release
linux-ibm Vulnerable
linux-ibm-5.4 Not in release
linux-ibm-5.15 Not in release
linux-ibm-6.8 Vulnerable
linux-intel-5.13 Not in release
linux-intel-iotg Vulnerable
linux-intel-iotg-5.15 Not in release
linux-iot Not in release
linux-intel-iot-realtime Vulnerable
linux-lowlatency Vulnerable
linux-lowlatency-hwe-5.15 Not in release
linux-lowlatency-hwe-5.19 Ignored
linux-lowlatency-hwe-6.2 Ignored
linux-lowlatency-hwe-6.5 Ignored
linux-lowlatency-hwe-6.8 Vulnerable
linux-lowlatency-hwe-6.11 Not in release
linux-nvidia Vulnerable
linux-nvidia-6.2 Ignored
linux-nvidia-6.5 Ignored
linux-nvidia-6.8 Vulnerable
linux-nvidia-6.11 Not in release
linux-nvidia-6.17 Not in release
linux-nvidia-7.0 Not in release
linux-nvidia-bos Not in release
linux-nvidia-lowlatency Not in release
linux-nvidia-tegra Vulnerable
linux-nvidia-tegra-5.15 Not in release
linux-nvidia-tegra-igx Vulnerable
linux-oracle Vulnerable
linux-oracle-5.0 Not in release
linux-oracle-5.3 Not in release
linux-oracle-5.4 Not in release
linux-oracle-5.8 Not in release
linux-oracle-5.11 Not in release
linux-oracle-5.13 Not in release
linux-oracle-5.15 Not in release
linux-oracle-6.5 Ignored
linux-oracle-6.8 Vulnerable
linux-oracle-6.14 Not in release
linux-oracle-6.17 Not in release
linux-oem Not in release
linux-oem-5.6 Not in release
linux-oem-5.10 Not in release
linux-oem-5.13 Not in release
linux-oem-5.14 Not in release
linux-oem-5.17 Ignored
linux-oem-6.0 Ignored
linux-oem-6.1 Ignored
linux-oem-6.5 Ignored
linux-oem-6.8 Not in release
linux-oem-6.11 Not in release
linux-oem-6.14 Not in release
linux-oem-6.17 Not in release
linux-oem-7.0 Not in release
linux-raspi Vulnerable
linux-raspi2 Not in release
linux-raspi-5.4 Not in release
linux-raspi-realtime Not in release
linux-realtime Vulnerable
linux-realtime-6.8 Vulnerable
linux-realtime-6.14 Not in release
linux-riscv Ignored
linux-riscv-5.8 Not in release
linux-riscv-5.11 Not in release
linux-riscv-5.15 Not in release
linux-riscv-5.19 Ignored
linux-riscv-6.5 Ignored
linux-riscv-6.8 Vulnerable
linux-riscv-6.14 Not in release
linux-riscv-6.17 Not in release
linux-starfive-5.19 Ignored
linux-starfive-6.2 Ignored
linux-starfive-6.5 Ignored
linux-xilinx Not in release
linux-xilinx-zynqmp Vulnerable
linux-realtime-6.17 Not in release
Show all 162 packages Show less packages

CVE-2026-53357

Medium priority
Vulnerable

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: fix UAF in l2cap_sock_cleanup_listen() vs l2cap_conn_del() bt_accept_dequeue() unlinks a not-yet-accepted child from the parent accept queue and...

162 affected packages

linux, linux-hwe, linux-hwe-5.4, linux-hwe-5.8, linux-hwe-5.11...

Package 22.04 LTS
linux Vulnerable
linux-hwe Not in release
linux-hwe-5.4 Not in release
linux-hwe-5.8 Not in release
linux-hwe-5.11 Not in release
linux-hwe-5.13 Not in release
linux-hwe-5.15 Not in release
linux-hwe-5.19 Ignored
linux-hwe-6.2 Ignored
linux-hwe-6.5 Ignored
linux-hwe-6.8 Vulnerable
linux-hwe-6.11 Not in release
linux-hwe-6.14 Not in release
linux-hwe-6.17 Not in release
linux-hwe-7.0 Not in release
linux-hwe-edge Not in release
linux-lts-xenial Not in release
linux-kvm Vulnerable
linux-allwinner-5.19 Ignored
linux-aws Vulnerable
linux-aws-5.0 Not in release
linux-aws-5.3 Not in release
linux-aws-5.4 Not in release
linux-aws-5.8 Not in release
linux-aws-5.11 Not in release
linux-aws-5.13 Not in release
linux-aws-5.15 Not in release
linux-aws-5.19 Ignored
linux-aws-6.2 Ignored
linux-aws-6.5 Ignored
linux-aws-6.8 Vulnerable
linux-aws-6.14 Not in release
linux-aws-6.17 Not in release
linux-aws-hwe Not in release
linux-azure Vulnerable
linux-azure-4.15 Not in release
linux-azure-5.3 Not in release
linux-azure-5.4 Not in release
linux-azure-5.8 Not in release
linux-azure-5.11 Not in release
linux-azure-5.13 Not in release
linux-azure-5.15 Not in release
linux-azure-5.19 Ignored
linux-azure-6.2 Ignored
linux-azure-6.5 Ignored
linux-azure-6.8 Vulnerable
linux-azure-6.11 Not in release
linux-azure-6.14 Not in release
linux-azure-6.17 Not in release
linux-azure-fde Vulnerable
linux-azure-fde-5.15 Not in release
linux-azure-fde-5.19 Ignored
linux-azure-fde-6.2 Ignored
linux-azure-fde-6.8 Vulnerable
linux-azure-fde-6.14 Not in release
linux-azure-fde-6.17 Not in release
linux-azure-nvidia Not in release
linux-azure-nvidia-6.14 Not in release
linux-bluefield Not in release
linux-azure-edge Not in release
linux-fips Vulnerable
linux-aws-fips Vulnerable
linux-azure-fips Vulnerable
linux-gcp-fips Vulnerable
linux-gcp Vulnerable
linux-gcp-4.15 Not in release
linux-gcp-5.3 Not in release
linux-gcp-5.4 Not in release
linux-gcp-5.8 Not in release
linux-gcp-5.11 Not in release
linux-gcp-5.13 Not in release
linux-gcp-5.15 Not in release
linux-gcp-5.19 Ignored
linux-gcp-6.2 Ignored
linux-gcp-6.5 Ignored
linux-gcp-6.8 Vulnerable
linux-gcp-6.11 Not in release
linux-gcp-6.14 Not in release
linux-gcp-6.17 Not in release
linux-gke Vulnerable
linux-gke-4.15 Not in release
linux-gke-5.4 Not in release
linux-gke-5.15 Not in release
linux-gkeop Vulnerable
linux-gkeop-5.4 Not in release
linux-gkeop-5.15 Not in release
linux-ibm Vulnerable
linux-ibm-5.4 Not in release
linux-ibm-5.15 Not in release
linux-ibm-6.8 Vulnerable
linux-intel-5.13 Not in release
linux-intel-iotg Vulnerable
linux-intel-iotg-5.15 Not in release
linux-iot Not in release
linux-intel-iot-realtime Vulnerable
linux-lowlatency Vulnerable
linux-lowlatency-hwe-5.15 Not in release
linux-lowlatency-hwe-5.19 Ignored
linux-lowlatency-hwe-6.2 Ignored
linux-lowlatency-hwe-6.5 Ignored
linux-lowlatency-hwe-6.8 Vulnerable
linux-lowlatency-hwe-6.11 Not in release
linux-nvidia Vulnerable
linux-nvidia-6.2 Ignored
linux-nvidia-6.5 Ignored
linux-nvidia-6.8 Vulnerable
linux-nvidia-6.11 Not in release
linux-nvidia-6.17 Not in release
linux-nvidia-7.0 Not in release
linux-nvidia-bos Not in release
linux-nvidia-lowlatency Not in release
linux-nvidia-tegra Vulnerable
linux-nvidia-tegra-5.15 Not in release
linux-nvidia-tegra-igx Vulnerable
linux-oracle Vulnerable
linux-oracle-5.0 Not in release
linux-oracle-5.3 Not in release
linux-oracle-5.4 Not in release
linux-oracle-5.8 Not in release
linux-oracle-5.11 Not in release
linux-oracle-5.13 Not in release
linux-oracle-5.15 Not in release
linux-oracle-6.5 Ignored
linux-oracle-6.8 Vulnerable
linux-oracle-6.14 Not in release
linux-oracle-6.17 Not in release
linux-oem Not in release
linux-oem-5.6 Not in release
linux-oem-5.10 Not in release
linux-oem-5.13 Not in release
linux-oem-5.14 Not in release
linux-oem-5.17 Ignored
linux-oem-6.0 Ignored
linux-oem-6.1 Ignored
linux-oem-6.5 Ignored
linux-oem-6.8 Not in release
linux-oem-6.11 Not in release
linux-oem-6.14 Not in release
linux-oem-6.17 Not in release
linux-oem-7.0 Not in release
linux-raspi Vulnerable
linux-raspi2 Not in release
linux-raspi-5.4 Not in release
linux-raspi-realtime Not in release
linux-realtime Vulnerable
linux-realtime-6.8 Vulnerable
linux-realtime-6.14 Not in release
linux-riscv Ignored
linux-riscv-5.8 Not in release
linux-riscv-5.11 Not in release
linux-riscv-5.15 Not in release
linux-riscv-5.19 Ignored
linux-riscv-6.5 Ignored
linux-riscv-6.8 Vulnerable
linux-riscv-6.14 Not in release
linux-riscv-6.17 Not in release
linux-starfive-5.19 Ignored
linux-starfive-6.2 Ignored
linux-starfive-6.5 Ignored
linux-xilinx Not in release
linux-xilinx-zynqmp Vulnerable
linux-realtime-6.17 Not in release
Show all 162 packages Show less packages

CVE-2026-50722

Medium priority
Needs evaluation

Libreswan, via the function RSA_authenticate_hash_signature_pkcs1_1_5_rsa(), did not correctly verify the DER encoding of the ASN.1 digest when the IKEv2 AUTH payload was encoded using RSASSA-PKCS1-v1_5 (RFC 8017). A remote...

1 affected package

libreswan

Package 22.04 LTS
libreswan Needs evaluation
Show less packages

CVE-2026-50721

Medium priority
Needs evaluation

Libreswan, via the function RSA_authenticate_hash_signature_raw_rsa(), did not correctly verify the length of the authentication hash when the SIG payload of an IKEv1 packet was encoded using PKCS #1 RSA Encryption as per RFC...

1 affected package

libreswan

Package 22.04 LTS
libreswan Needs evaluation
Show less packages

CVE-2026-49838

Medium priority
Needs evaluation

[Unknown description]

1 affected package

gobgp

Package 22.04 LTS
gobgp Needs evaluation
Show less packages

CVE-2026-49090

Medium priority

Not in release

Uncontrolled Resource Consumption (CWE-400) in Elasticsearch can lead to a denial of service via Excessive Allocation (CAPEC-130). An authenticated user can submit a specially crafted bulk request that causes sustained high CPU...

1 affected package

elasticsearch

Package 22.04 LTS
elasticsearch Not in release
Show less packages

CVE-2026-44941

Medium priority
Needs evaluation

A relative path traversal in the "keyhint" option in repomd.xml parsing of libzypp before 17.38.12 can be used by attackers able to supply a malicious repository to inject or overwrite files in the target system as root.

1 affected package

libzypp

Package 22.04 LTS
libzypp Needs evaluation
Show less packages