Search CVE reports


Toggle filters

21 – 30 of 39382 results

Status is adjusted based on your filters.


CVE-2026-14355

Medium priority
Needs evaluation

[PHP: ext/openssl: Memory corruption (zend_mm_heap corrupted) in openssl_encrypt with AES-WRAP-PAD]

8 affected packages

php5, php7.0, php7.2, php7.4, php8.1...

Package 24.04 LTS
php5 Not in release
php7.0 Not in release
php7.2 Not in release
php7.4 Not in release
php8.1 Not in release
php8.3 Needs evaluation
php8.4 Not in release
php8.5 Not in release
Show all 8 packages Show less packages

CVE-2026-14330

Medium priority
Needs evaluation

Multiple unbounded alloca() calls in the PulseAudio protocol server.

2 affected packages

pipewire, pulseaudio

Package 24.04 LTS
pipewire Needs evaluation
pulseaudio Needs evaluation
Show less packages

CVE-2026-13698

Medium priority
Needs evaluation

[Unknown description]

1 affected package

openvpn

Package 24.04 LTS
openvpn Needs evaluation
Show less packages

CVE-2026-13122

Medium priority
Needs evaluation

[Unknown description]

1 affected package

openvpn

Package 24.04 LTS
openvpn Needs evaluation
Show less packages

CVE-2026-13117

Medium priority
Needs evaluation

[Unknown description]

1 affected package

openvpn

Package 24.04 LTS
openvpn Needs evaluation
Show less packages

CVE-2026-12996

Medium priority
Needs evaluation

[Unknown description]

1 affected package

openvpn

Package 24.04 LTS
openvpn Needs evaluation
Show less packages

CVE-2026-12932

Medium priority
Needs evaluation

[Unknown description]

1 affected package

openvpn

Package 24.04 LTS
openvpn Needs evaluation
Show less packages

CVE-2026-12413

Medium priority
Needs evaluation

An invalidly formatted IKEv2 fragment causes the Libreswan pluto daemon to crash and restart. Continued exploitation would cause a denial of service. The function reassemble_v2_incoming_fragments() would ignore unknown...

1 affected package

libreswan

Package 24.04 LTS
libreswan Needs evaluation
Show less packages

CVE-2026-12184

Medium priority
Needs evaluation

security update

8 affected packages

php5, php7.0, php7.2, php7.4, php8.1...

Package 24.04 LTS
php5 Not in release
php7.0 Not in release
php7.2 Not in release
php7.4 Not in release
php8.1 Not in release
php8.3 Needs evaluation
php8.4 Not in release
php8.5 Not in release
Show all 8 packages Show less packages

CVE-2026-11946

Medium priority

Not in release

An unauthenticated remote attacker can exhaust server memory via the GetEndpoints Discovery Service in open62541. The endpointUrl field of GetEndpointsRequest is not validated for length. An attacker can declare an arbitrarily...

1 affected package

open62541

Package 24.04 LTS
open62541 Not in release
Show less packages