Search CVE reports
71 – 80 of 28513 results
Uncontrolled resource consumption in ASP.NET Core allows an unauthorized attacker to deny service over a network.
5 affected packages
dotnet6, dotnet7, dotnet8, dotnet9, dotnet10
| Package | 26.04 LTS |
|---|---|
| dotnet6 | Not in release |
| dotnet7 | Not in release |
| dotnet8 | Not in release |
| dotnet9 | Not in release |
| dotnet10 | Vulnerable |
Improper link resolution before file access ('link following') in .NET allows an unauthorized attacker to perform tampering locally.
5 affected packages
dotnet6, dotnet7, dotnet8, dotnet9, dotnet10
| Package | 26.04 LTS |
|---|---|
| dotnet6 | Not in release |
| dotnet7 | Not in release |
| dotnet8 | Not in release |
| dotnet9 | Not in release |
| dotnet10 | Vulnerable |
Improper authorization in .NET allows an authorized attacker to elevate privileges locally.
5 affected packages
dotnet6, dotnet7, dotnet8, dotnet9, dotnet10
| Package | 26.04 LTS |
|---|---|
| dotnet6 | Not in release |
| dotnet7 | Not in release |
| dotnet8 | Not in release |
| dotnet9 | Not in release |
| dotnet10 | Not affected |
Some fixes available 1 of 2
Heap Use-After-Free in OpenSSL PKCS7_verify()
5 affected packages
openssl, openssl-fips, openssl1.0, nodejs, edk2
| Package | 26.04 LTS |
|---|---|
| openssl | Fixed |
| openssl-fips | Not in release |
| openssl1.0 | Not in release |
| nodejs | Not affected |
| edk2 | Needs evaluation |
Some fixes available 1 of 2
Incorrect Tag Processing for Empty Messages in AES-GCM-SIV and AES-SIV modes
5 affected packages
openssl, openssl-fips, openssl1.0, nodejs, edk2
| Package | 26.04 LTS |
|---|---|
| openssl | Fixed |
| openssl-fips | Not in release |
| openssl1.0 | Not in release |
| nodejs | Not affected |
| edk2 | Needs evaluation |
Some fixes available 1 of 2
AES-OCB IV Ignored on EVP_Cipher() Path
5 affected packages
openssl, openssl-fips, openssl1.0, nodejs, edk2
| Package | 26.04 LTS |
|---|---|
| openssl | Fixed |
| openssl-fips | Not in release |
| openssl1.0 | Not in release |
| nodejs | Not affected |
| edk2 | Needs evaluation |
Buffer Underwrite vulnerability in Apache HTTP Server on crafted regular expressions in the configuration. This issue affects Apache HTTP Server: from 2.4.0 through 2.4.67. Users are recommended to upgrade to version 2.4.68, which...
1 affected package
apache2
| Package | 26.04 LTS |
|---|---|
| apache2 | Needs evaluation |
Loop with Unreachable Exit Condition ('Infinite Loop') vulnerability in the mod_proxy_ftp module in Apache HTTP Server with an attacker controlled backend FTP server. This issue affects undefined: from 2.4.0 through 2.4.67. Users...
1 affected package
apache2
| Package | 26.04 LTS |
|---|---|
| apache2 | Needs evaluation |
Buffer Over-read vulnerability in Apache HTTP Server via outbound OCSP requests to an attacker controlled OCSP server This issue affects Apache HTTP Server: from 2.4.0 through 2.4.67. Users are recommended to upgrade to version...
1 affected package
apache2
| Package | 26.04 LTS |
|---|---|
| apache2 | Needs evaluation |
Improper Privilege Management vulnerability in Apache HTTP Server 2.4.67 and earlier allows local .htaccess authors to read files with the privileges of the httpd user. This issue affects Apache HTTP Server: from through...
1 affected package
apache2
| Package | 26.04 LTS |
|---|---|
| apache2 | Needs evaluation |