Search CVE reports


Toggle filters

221 – 230 of 42760 results

Status is adjusted based on your filters.


CVE-2026-15146

Medium priority
Vulnerable

GNU Wget does not validate the IP address provided by an FTP PASV response while operating in FTP passive mode. A malicious FTP server, or an HTTP server that redirects to an FTP URL, can exploit this behavior to redirect Wget’s...

1 affected package

wget

Package 20.04 LTS
wget Vulnerable
Show less packages

CVE-2026-56373

Medium priority
Needs evaluation

ImageMagick before 7.1.2-15 contains a use-after-free vulnerability in the PDB decoder that uses a stale pointer when memory allocation fails. Attackers can trigger this vulnerability by processing malicious PDB files to cause...

1 affected package

imagemagick

Package 20.04 LTS
imagemagick Needs evaluation
Show less packages

CVE-2026-56366

Medium priority
Needs evaluation

ImageMagick before 7.1.2-18 contains a memory leak vulnerability in the META reader when processing APP1JPEG input paths. Attackers can trigger this memory leak by providing specially crafted APP1JPEG image files, causing denial...

1 affected package

imagemagick

Package 20.04 LTS
imagemagick Needs evaluation
Show less packages

CVE-2026-14461

Low priority
Needs evaluation

mtr is vulnerable to Out-of-bound read vulnerability in ipinfo_lookup() function. An attacker who can influence the TXT response used for AS lookups can trigger this bug by returning a DNS response that is larger than 512 bytes...

1 affected package

mtr

Package 20.04 LTS
mtr Needs evaluation
Show less packages

CVE-2026-54423

Medium priority
Needs evaluation

In OpenStack Ironic before 37.0.1, an Ironic user with the ability to deploy nodes using the IPMI management interface can maliciously use the send_raw step to send arbitrary IPMI commands to a node, bypassing Ironic's access control.

1 affected package

ironic

Package 20.04 LTS
ironic Needs evaluation
Show less packages

CVE-2026-44918

Medium priority
Needs evaluation

OpenStack Ironic through before 37.0.1 allows creation or modification of nodes cross-project without authorization.

1 affected package

ironic

Package 20.04 LTS
ironic Needs evaluation
Show less packages

CVE-2026-59858

Medium priority
Fixed

Vim is an open source, command line text editor. Prior to 9.2.0735, the C omni-completion script in runtime/autoload/ccomplete.vim interpolates the typeref: or typename: extension field of a tags entry, without escaping, into a...

1 affected package

vim

Package 20.04 LTS
vim Fixed
Show less packages

CVE-2026-59857

Medium priority
Fixed

Vim is an open source, command line text editor. Prior to 9.2.0725, the single-byte branch of spell_soundfold_sal() in src/spell.c translates a word through a spell file's SAL sound-folding rules into a caller-owned result buffer,...

1 affected package

vim

Package 20.04 LTS
vim Fixed
Show less packages

CVE-2026-59856

Medium priority
Not affected

Vim is an open source, command line text editor. Prior to 9.2.0736, the PHP omni-completion script in runtime/autoload/phpcomplete.vim interpolates a class or trait name, taken from the contents of the edited buffer, into...

1 affected package

vim

Package 20.04 LTS
vim Not affected
Show less packages

CVE-2026-57825

Medium priority
Needs evaluation

[Unknown description]

1 affected package

opam

Package 20.04 LTS
opam Needs evaluation
Show less packages