Search CVE reports


Toggle filters

31 – 40 of 51629 results

Status is adjusted based on your filters.


CVE-2026-46570

Medium priority
Needs evaluation

In NTFS-3G through 2026.2.25, a heap buffer overflow exists in ntfs_index_walk_down() in libntfs-3g/index.c that allows an attacker to corrupt heap memory in the SUID-root ntfs-3g binary by crafting a malicious NTFS image. The...

1 affected package

ntfs-3g

Package 16.04 LTS
ntfs-3g Needs evaluation
Show less packages

CVE-2026-46569

Medium priority
Needs evaluation

In NTFS-3G through 2026.2.25, a heap buffer overflow exists in ntfs_ib_copy_tail(), in libntfs-3g/index.c, that allows an attacker to corrupt heap memory in the SUID-root ntfs-3g binary by crafting a malicious NTFS image. The...

1 affected package

ntfs-3g

Package 16.04 LTS
ntfs-3g Needs evaluation
Show less packages

CVE-2026-42618

Medium priority
Needs evaluation

In NTFS-3G through 2026.2.25, a heap buffer overflow exists in ntfs_decompress() in compress.c that allows an attacker to corrupt one byte of heap memory in the SUID-root ntfs-3g binary by crafting a malicious NTFS image. The...

1 affected package

ntfs-3g

Package 16.04 LTS
ntfs-3g Needs evaluation
Show less packages

CVE-2026-42617

Medium priority
Needs evaluation

In NTFS-3G through 2026.2.25, a heap buffer overflow exists in ntfs_ir_to_ib() in index.c that allows an attacker to corrupt heap memory in the SUID-root ntfs-3g binary by crafting a malicious NTFS image. The overflow is triggered...

1 affected package

ntfs-3g

Package 16.04 LTS
ntfs-3g Needs evaluation
Show less packages

CVE-2026-42616

Medium priority
Needs evaluation

In NTFS-3G through 2026.2.25, a heap buffer overflow exists in cat() in cat.c that allows an attacker to corrupt heap memory in the ntfscat binary by crafting a malicious NTFS image. The overflow is triggered by reading a file.

1 affected package

ntfs-3g

Package 16.04 LTS
ntfs-3g Needs evaluation
Show less packages

CVE-2026-49855

Medium priority
Needs evaluation

Tornado is a Python web framework and asynchronous networking library. Prior to 6.5.6, Tornado gzip decompression routines processed limited-size chunks but did not enforce an overall limit on accumulated decompressed chunks,...

1 affected package

python-tornado

Package 16.04 LTS
python-tornado Needs evaluation
Show less packages

CVE-2026-49854

Medium priority
Needs evaluation

Tornado is a Python web framework and asynchronous networking library. Prior to 6.5.6, the optional native extension tornado.speedups implemented websocket_mask without validating that the mask argument is exactly four bytes,...

1 affected package

python-tornado

Package 16.04 LTS
python-tornado Needs evaluation
Show less packages

CVE-2026-49853

Medium priority
Needs evaluation

Tornado is a Python web framework and asynchronous networking library. Prior to 6.5.6, SimpleAsyncHTTPClient shallow-copied redirected requests and removed only the Host header, leaving Authorization, auth_username, auth_password,...

1 affected package

python-tornado

Package 16.04 LTS
python-tornado Needs evaluation
Show less packages

CVE-2026-50659

Medium priority

Not in release

Improper encoding or escaping of output in .NET allows an authorized attacker to perform spoofing over a network.

5 affected packages

dotnet6, dotnet7, dotnet8, dotnet9, dotnet10

Package 16.04 LTS
dotnet6 Not in release
dotnet7 Not in release
dotnet8 Not in release
dotnet9 Not in release
dotnet10 Not in release
Show less packages

CVE-2026-50651

Medium priority

Not in release

Allocation of resources without limits or throttling in .NET allows an unauthorized attacker to deny service over a network.

5 affected packages

dotnet6, dotnet7, dotnet8, dotnet9, dotnet10

Package 16.04 LTS
dotnet6 Not in release
dotnet7 Not in release
dotnet8 Not in release
dotnet9 Not in release
dotnet10 Not in release
Show less packages