CVE search results

41 – 50 of 33222 results

Detailed view

Sort by:

Status is adjusted based on your filters.

CVE-2026-3945

Medium priority

Needs evaluation

An integer overflow vulnerability in the HTTP chunked transfer encoding parser in tinyproxy up to and including version 1.11.3 allows an unauthenticated remote attacker to cause a denial of service (DoS). The issue occurs because...

1 affected package

tinyproxy

Package	24.04 LTS
tinyproxy	Needs evaluation

CVE-2026-5119

Medium priority

Needs evaluation

A flaw was found in libsoup. When establishing HTTPS tunnels through a configured HTTP proxy, sensitive session cookies are transmitted in cleartext within the initial HTTP CONNECT request. A network-positioned attacker or a...

2 affected packages

libsoup2.4, libsoup3

Package	24.04 LTS
libsoup2.4	Needs evaluation
libsoup3	Needs evaluation

CVE-2026-5107

Medium priority

Needs evaluation

A vulnerability has been found in FRRouting FRR up to 10.5.1. This affects the function process_type2_route of the file bgpd/bgp_evpn.c of the component EVPN Type-2 Route Handler. The manipulation leads to improper access...

2 affected packages

frr, quagga

Package	24.04 LTS
frr	Needs evaluation
quagga	Not in release

CVE-2026-2370

Medium priority

Not in release

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 14.3 before 18.8.7, 18.9 before 18.9.3, and 18.10 before 18.10.1 affecting Jira Connect installations that could have allowed an authenticated user with...

1 affected package

gitlab

Package	24.04 LTS
gitlab	Not in release

CVE-2026-33995

Medium priority

Needs evaluation

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.24.2, a double-free vulnerability in kerberos_AcceptSecurityContext() and kerberos_InitializeSecurityContextA() (WinPR,...

3 affected packages

freerdp, freerdp2, freerdp3

Package	24.04 LTS
freerdp	Not in release
freerdp2	Needs evaluation
freerdp3	Needs evaluation

CVE-2026-33987

Medium priority

Needs evaluation

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.24.2, in persistent_cache_read_entry_v3() in libfreerdp/cache/persistent.c, persistent->bmpSize is updated before winpr_aligned_recalloc(). If...

3 affected packages

freerdp, freerdp2, freerdp3

Package	24.04 LTS
freerdp	Not in release
freerdp2	Needs evaluation
freerdp3	Needs evaluation

CVE-2026-33986

Medium priority

Needs evaluation

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.24.2, in yuv_ensure_buffer() in libfreerdp/codec/h264.c, h264->width and h264->height are updated before the reallocation loop. If any...

3 affected packages

freerdp, freerdp2, freerdp3

Package	24.04 LTS
freerdp	Not in release
freerdp2	Needs evaluation
freerdp3	Needs evaluation

CVE-2026-33985

Medium priority

Needs evaluation

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.24.2, pixel data from adjacent heap memory is rendered to screen, potentially leaking sensitive data to the attacker. This issue has been patched...

3 affected packages

freerdp, freerdp2, freerdp3

Package	24.04 LTS
freerdp	Not in release
freerdp2	Needs evaluation
freerdp3	Needs evaluation

CVE-2026-33984

Medium priority

Needs evaluation

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.24.2, in resize_vbar_entry() in libfreerdp/codec/clear.c, vBarEntry->size is updated to vBarEntry->count before the winpr_aligned_recalloc() call....

3 affected packages

freerdp, freerdp2, freerdp3

Package	24.04 LTS
freerdp	Not in release
freerdp2	Needs evaluation
freerdp3	Needs evaluation

CVE-2026-33983

Medium priority

Needs evaluation

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.24.2, progressive_decompress_tile_upgrade() detects a mismatch via progressive_rfx_quant_cmp_equal() but only emits WLog_WARN,...

3 affected packages

freerdp, freerdp2, freerdp3

Package	24.04 LTS
freerdp	Not in release
freerdp2	Needs evaluation
freerdp3	Needs evaluation

Export to JSON

Results by page:

Search CVE reports