Search CVE reports


Toggle filters

111 – 120 of 42760 results

Status is adjusted based on your filters.


CVE-2026-45068

Medium priority
Needs evaluation

Symfony is a PHP framework for web and console applications and a set of reusable PHP components. Prior to 5.4.52, 6.4.40, 7.4.12, and 8.0.12, SendmailTransport in -t mode appended recipient addresses to the sendmail command line...

1 affected package

symfony

Package 20.04 LTS
symfony Needs evaluation
Show less packages

CVE-2026-15714

Medium priority
Needs evaluation

An out-of-bounds read vulnerability was found in libsoup's multipart processing subsystem. The flaw exists in the soup_multipart_input_stream_read_headers() function inside soup-multipart-input-stream.c, which does not adequately...

2 affected packages

libsoup2.4, libsoup3

Package 20.04 LTS
libsoup2.4 Needs evaluation
libsoup3
Show less packages

CVE-2026-15711

Medium priority
Needs evaluation

A vulnerability was found in libsoup's WebSocket frame parsing implementation. The library fails to validate length rules specified in RFC 6455 ยง5.5, which mandates that all WebSocket control frames (e.g., PING, PONG, CLOSE)...

2 affected packages

libsoup2.4, libsoup3

Package 20.04 LTS
libsoup2.4 Needs evaluation
libsoup3
Show less packages

CVE-2026-15709

Medium priority
Needs evaluation

A flaw was found in libsoup's WebSocket implementation when using the permessage-deflate extension. The extension's decompression loop (inflate()) processes data in chunks without enforcing an upper boundary limit on the output...

2 affected packages

libsoup2.4, libsoup3

Package 20.04 LTS
libsoup2.4 Needs evaluation
libsoup3
Show less packages

CVE-2026-47767

Medium priority
Needs evaluation

Symfony is a PHP framework for web and console applications and a set of reusable PHP components. From 5.4.46 until 5.4.52, 6.4.40, 7.4.12, and 8.0.12, the CVE-2024-50340 fix gated runtime argv parsing on empty($_GET), but...

1 affected package

symfony

Package 20.04 LTS
symfony Needs evaluation
Show less packages

CVE-2026-47304

Medium priority

Not in release

Improper verification of cryptographic signature in .NET allows an unauthorized attacker to bypass a security feature over a network.

5 affected packages

dotnet6, dotnet7, dotnet8, dotnet9, dotnet10

Package 20.04 LTS
dotnet6 Not in release
dotnet7 Not in release
dotnet8 Not in release
dotnet9 Not in release
dotnet10 Not in release
Show less packages

CVE-2026-47303

Medium priority

Not in release

Authentication bypass by assumed-immutable data in ASP.NET Core allows an authorized attacker to elevate privileges over a network.

5 affected packages

dotnet6, dotnet7, dotnet8, dotnet9, dotnet10

Package 20.04 LTS
dotnet6 Not in release
dotnet7 Not in release
dotnet8 Not in release
dotnet9 Not in release
dotnet10 Not in release
Show less packages

CVE-2026-47302

Medium priority

Not in release

Allocation of resources without limits or throttling in .NET allows an unauthorized attacker to deny service over a network.

5 affected packages

dotnet6, dotnet7, dotnet8, dotnet9, dotnet10

Package 20.04 LTS
dotnet6 Not in release
dotnet7 Not in release
dotnet8 Not in release
dotnet9 Not in release
dotnet10 Not in release
Show less packages

CVE-2026-47300

Medium priority

Not in release

Incorrect implementation of authentication algorithm in ASP.NET Core allows an authorized attacker to elevate privileges over a network.

5 affected packages

dotnet6, dotnet7, dotnet8, dotnet9, dotnet10

Package 20.04 LTS
dotnet6 Not in release
dotnet7 Not in release
dotnet8 Not in release
dotnet9 Not in release
dotnet10 Not in release
Show less packages

CVE-2026-45755

Medium priority
Needs evaluation

Symfony is a PHP framework for web and console applications and a set of reusable PHP components. Prior to 7.4.12 and 8.0.12, MailtrapRequestParser::doParse() received the configured webhook secret but ignored the X-Mt-Signature...

1 affected package

symfony

Package 20.04 LTS
symfony Needs evaluation
Show less packages