Search CVE reports

341 – 350 of 37984 results

Detailed view

Sort by:

Status is adjusted based on your filters.

CVE-2026-32282

Medium priority

Needs evaluation

On Linux, if the target of Root.Chmod is replaced with a symlink while the chmod operation is in progress, Chmod can operate on the target of the symlink, even when the target lies outside the root. The Linux fchmodat syscall...

16 affected packages

golang, golang-1.6, golang-1.8, golang-1.9, golang-1.10...

Package	22.04 LTS
golang	Not in release
golang-1.6	Not in release
golang-1.8	Not in release
golang-1.9	Not in release
golang-1.10	Not in release
golang-1.13	Needs evaluation
golang-1.14	Not in release
golang-1.16	Not in release
golang-1.17	Needs evaluation
golang-1.18	Needs evaluation
golang-1.20	Needs evaluation
golang-1.21	Needs evaluation
golang-1.22	Needs evaluation
golang-1.23	Needs evaluation
golang-1.24	Needs evaluation
golang-1.25	Not in release

CVE-2026-32281

Medium priority

Needs evaluation

Validating certificate chains which use policies is unexpectedly inefficient when certificates in the chain contain a very large number of policy mappings, possibly causing denial of service. This only affects validation of...

16 affected packages

golang, golang-1.6, golang-1.8, golang-1.9, golang-1.10...

Package	22.04 LTS
golang	Not in release
golang-1.6	Not in release
golang-1.8	Not in release
golang-1.9	Not in release
golang-1.10	Not in release
golang-1.13	Needs evaluation
golang-1.14	Not in release
golang-1.16	Not in release
golang-1.17	Needs evaluation
golang-1.18	Needs evaluation
golang-1.20	Needs evaluation
golang-1.21	Needs evaluation
golang-1.22	Needs evaluation
golang-1.23	Needs evaluation
golang-1.24	Needs evaluation
golang-1.25	Not in release

CVE-2026-32280

Medium priority

Needs evaluation

During chain building, the amount of work that is done is not correctly limited when a large number of intermediate certificates are passed in VerifyOptions.Intermediates, which can lead to a denial of service. This affects both...

16 affected packages

golang, golang-1.6, golang-1.8, golang-1.9, golang-1.10...

Package	22.04 LTS
golang	Not in release
golang-1.6	Not in release
golang-1.8	Not in release
golang-1.9	Not in release
golang-1.10	Not in release
golang-1.13	Needs evaluation
golang-1.14	Not in release
golang-1.16	Not in release
golang-1.17	Needs evaluation
golang-1.18	Needs evaluation
golang-1.20	Needs evaluation
golang-1.21	Needs evaluation
golang-1.22	Needs evaluation
golang-1.23	Needs evaluation
golang-1.24	Needs evaluation
golang-1.25	Not in release

CVE-2026-27144

Medium priority

Needs evaluation

The compiler is meant to unwrap pointers which are the operands of a memory move; a no-op interface conversion prevented the compiler from making the correct determination about non-overlapping moves, potentially leading to memory...

16 affected packages

golang, golang-1.6, golang-1.8, golang-1.9, golang-1.10...

Package	22.04 LTS
golang	Not in release
golang-1.6	Not in release
golang-1.8	Not in release
golang-1.9	Not in release
golang-1.10	Not in release
golang-1.13	Needs evaluation
golang-1.14	Not in release
golang-1.16	Not in release
golang-1.17	Needs evaluation
golang-1.18	Needs evaluation
golang-1.20	Needs evaluation
golang-1.21	Needs evaluation
golang-1.22	Needs evaluation
golang-1.23	Needs evaluation
golang-1.24	Needs evaluation
golang-1.25	Not in release

CVE-2026-27143

Medium priority

Needs evaluation

Arithmetic over induction variables in loops were not correctly checked for underflow or overflow. As a result, the compiler would allow for invalid indexing to occur at runtime, potentially leading to memory corruption.

16 affected packages

golang, golang-1.6, golang-1.8, golang-1.9, golang-1.10...

Package	22.04 LTS
golang	Not in release
golang-1.6	Not in release
golang-1.8	Not in release
golang-1.9	Not in release
golang-1.10	Not in release
golang-1.13	Needs evaluation
golang-1.14	Not in release
golang-1.16	Not in release
golang-1.17	Needs evaluation
golang-1.18	Needs evaluation
golang-1.20	Needs evaluation
golang-1.21	Needs evaluation
golang-1.22	Needs evaluation
golang-1.23	Needs evaluation
golang-1.24	Needs evaluation
golang-1.25	Not in release

CVE-2026-27140

Medium priority

Needs evaluation

SWIG file names containing 'cgo' and well-crafted payloads could lead to code smuggling and arbitrary code execution at build time due to trust layer bypass.

16 affected packages

golang, golang-1.6, golang-1.8, golang-1.9, golang-1.10...

Package	22.04 LTS
golang	Not in release
golang-1.6	Not in release
golang-1.8	Not in release
golang-1.9	Not in release
golang-1.10	Not in release
golang-1.13	Needs evaluation
golang-1.14	Not in release
golang-1.16	Not in release
golang-1.17	Needs evaluation
golang-1.18	Needs evaluation
golang-1.20	Needs evaluation
golang-1.21	Needs evaluation
golang-1.22	Needs evaluation
golang-1.23	Needs evaluation
golang-1.24	Needs evaluation
golang-1.25	Not in release

CVE-2026-39881

Medium priority

Needs evaluation

Vim is an open source, command line text editor. Prior to 9.2.0316, a command injection vulnerability in Vim's netbeans interface allows a malicious netbeans server to execute arbitrary Ex commands when Vim connects to it, via...

1 affected package

vim

Package	22.04 LTS
vim	Needs evaluation

CVE-2026-39860

Medium priority

Needs evaluation

Nix is a package manager for Linux and other Unix systems. A bug in the fix for CVE-2024-27297 allowed for arbitrary overwrites of files writable by the Nix process orchestrating the builds (typically the Nix daemon running as...

1 affected package

nix

Package	22.04 LTS
nix	Needs evaluation

CVE-2026-31411

Medium priority

Vulnerable

In the Linux kernel, the following vulnerability has been resolved: net: atm: fix crash due to unvalidated vcc pointer in sigd_send() Reproducer available at [1]. The ATM send path (sendmsg -> vcc_sendmsg -> sigd_send) reads the...

157 affected packages

linux-hwe, linux-hwe-5.4, linux-hwe-5.8, linux-hwe-5.11, linux-hwe-5.13...

Package	22.04 LTS
linux-hwe	Not in release
linux-hwe-5.4	Not in release
linux-hwe-5.8	Not in release
linux-hwe-5.11	Not in release
linux-hwe-5.13	Not in release
linux-hwe-5.15	Not in release
linux-hwe-5.19	Ignored
linux-hwe-6.2	Ignored
linux-hwe-6.5	Ignored
linux-hwe-6.8	Vulnerable
linux-hwe-6.11	Not in release
linux-hwe-6.14	Not in release
linux-hwe-6.17	Not in release
linux-hwe-edge	Not in release
linux-lts-xenial	Not in release
linux-kvm	Vulnerable
linux-allwinner-5.19	Ignored
linux-aws-5.0	Not in release
linux-aws-5.3	Not in release
linux-aws-5.4	Not in release
linux-aws-5.8	Not in release
linux-aws-5.11	Not in release
linux-aws-5.13	Not in release
linux-aws-5.15	Not in release
linux-aws-5.19	Ignored
linux-aws-6.2	Ignored
linux-aws-6.5	Ignored
linux-aws-6.8	Vulnerable
linux-aws-6.14	Not in release
linux-aws-6.17	Not in release
linux-aws-hwe	Not in release
linux-azure-4.15	Not in release
linux-azure-5.3	Not in release
linux-azure-5.4	Not in release
linux-azure-5.8	Not in release
linux-azure-5.11	Not in release
linux-azure-5.13	Not in release
linux-azure-5.15	Not in release
linux-azure-5.19	Ignored
linux-azure-6.2	Ignored
linux-azure-6.5	Ignored
linux-azure-6.8	Vulnerable
linux-azure-6.11	Not in release
linux-azure-6.14	Not in release
linux-azure-6.17	Not in release
linux-azure-fde-5.15	Not in release
linux-azure-fde-5.19	Ignored
linux-azure-fde-6.2	Ignored
linux-azure-fde-6.8	Vulnerable
linux-azure-fde-6.14	Not in release
linux-azure-fde-6.17	Not in release
linux-azure-nvidia	Not in release
linux-azure-nvidia-6.14	Not in release
linux-bluefield	Not in release
linux-azure-edge	Not in release
linux-fips	Vulnerable
linux-aws-fips	Vulnerable
linux-azure-fips	Vulnerable
linux-gcp-fips	Vulnerable
linux-gcp-4.15	Not in release
linux-gcp-5.3	Not in release
linux-gcp-5.4	Not in release
linux-gcp-5.8	Not in release
linux-gcp-5.11	Not in release
linux-gcp-5.13	Not in release
linux-gcp-5.15	Not in release
linux-gcp-5.19	Ignored
linux-gcp-6.2	Ignored
linux-gcp-6.5	Ignored
linux-gcp-6.8	Vulnerable
linux-gcp-6.11	Not in release
linux-gcp-6.14	Not in release
linux-gcp-6.17	Not in release
linux-gke	Vulnerable
linux-gke-4.15	Not in release
linux-gke-5.4	Not in release
linux-gke-5.15	Not in release
linux-gkeop	Vulnerable
linux-gkeop-5.4	Not in release
linux-gkeop-5.15	Not in release
linux-ibm	Vulnerable
linux-ibm-5.4	Not in release
linux-ibm-5.15	Not in release
linux-ibm-6.8	Vulnerable
linux-intel-5.13	Not in release
linux-intel-iotg	Vulnerable
linux-intel-iotg-5.15	Not in release
linux-iot	Not in release
linux-intel-iot-realtime	Vulnerable
linux-lowlatency	Vulnerable
linux-lowlatency-hwe-5.15	Not in release
linux-lowlatency-hwe-5.19	Ignored
linux-lowlatency-hwe-6.2	Ignored
linux-lowlatency-hwe-6.5	Ignored
linux-lowlatency-hwe-6.8	Vulnerable
linux-lowlatency-hwe-6.11	Not in release
linux-nvidia	Vulnerable
linux-nvidia-6.2	Ignored
linux-nvidia-6.5	Ignored
linux-nvidia-6.8	Vulnerable
linux-nvidia-6.11	Not in release
linux-nvidia-lowlatency	Not in release
linux-nvidia-tegra	Vulnerable
linux-nvidia-tegra-5.15	Not in release
linux-nvidia-tegra-igx	Vulnerable
linux-oracle-5.0	Not in release
linux-oracle-5.3	Not in release
linux-oracle-5.4	Not in release
linux-oracle-5.8	Not in release
linux-oracle-5.11	Not in release
linux-oracle-5.13	Not in release
linux-oracle-5.15	Not in release
linux-oracle-6.5	Ignored
linux-oracle-6.8	Vulnerable
linux-oracle-6.14	Not in release
linux-oracle-6.17	Not in release
linux-oem	Not in release
linux-oem-5.6	Not in release
linux-oem-5.10	Not in release
linux-oem-5.13	Not in release
linux-oem-5.14	Not in release
linux-oem-5.17	Ignored
linux-oem-6.0	Ignored
linux-oem-6.1	Ignored
linux-oem-6.5	Ignored
linux-oem-6.8	Not in release
linux-oem-6.11	Not in release
linux-oem-6.14	Not in release
linux-oem-6.17	Not in release
linux-raspi2	Not in release
linux-raspi-5.4	Not in release
linux-raspi-realtime	Not in release
linux-realtime-6.8	Vulnerable
linux-realtime-6.14	Not in release
linux-riscv	Ignored
linux-riscv-5.8	Not in release
linux-riscv-5.11	Not in release
linux-riscv-5.15	Not in release
linux-riscv-5.19	Ignored
linux-riscv-6.5	Ignored
linux-riscv-6.8	Vulnerable
linux-riscv-6.14	Not in release
linux-riscv-6.17	Not in release
linux-starfive-5.19	Ignored
linux-starfive-6.2	Ignored
linux-starfive-6.5	Ignored
linux-xilinx	Not in release
linux-xilinx-zynqmp	Vulnerable
linux-realtime-6.17	Not in release
linux	Vulnerable
linux-aws	Vulnerable
linux-azure	Vulnerable
linux-azure-fde	Vulnerable
linux-gcp	Vulnerable
linux-oracle	Vulnerable
linux-raspi	Vulnerable
linux-realtime	Vulnerable

CVE-2026-35406

Medium priority

Not in release

Aardvark-dns is an authoritative dns server for A/AAAA container records. From 1.16.0 to 1.17.0, a truncated TCP DNS query followed by a connection reset causes aardvark-dns to enter an unrecoverable infinite error loop at 100%...

1 affected package

aardvark-dns

Package	22.04 LTS
aardvark-dns	Not in release

Export to JSON

Results by page: