Search CVE reports


Toggle filters

41 – 50 of 51629 results

Status is adjusted based on your filters.


CVE-2026-50648

Medium priority

Not in release

Allocation of resources without limits or throttling in .NET Framework allows an unauthorized attacker to deny service over a network.

5 affected packages

dotnet6, dotnet7, dotnet8, dotnet9, dotnet10

Package 16.04 LTS
dotnet6 Not in release
dotnet7 Not in release
dotnet8 Not in release
dotnet9 Not in release
dotnet10 Not in release
Show less packages

CVE-2026-50528

Medium priority

Not in release

Incorrect authorization in .NET allows an unauthorized attacker to bypass a security feature over a network.

5 affected packages

dotnet6, dotnet7, dotnet8, dotnet9, dotnet10

Package 16.04 LTS
dotnet6 Not in release
dotnet7 Not in release
dotnet8 Not in release
dotnet9 Not in release
dotnet10 Not in release
Show less packages

CVE-2026-50527

Medium priority

Not in release

Stack-based buffer overflow in .NET Framework allows an unauthorized attacker to deny service over a network.

5 affected packages

dotnet6, dotnet7, dotnet8, dotnet9, dotnet10

Package 16.04 LTS
dotnet6 Not in release
dotnet7 Not in release
dotnet8 Not in release
dotnet9 Not in release
dotnet10 Not in release
Show less packages

CVE-2026-50526

Medium priority

Not in release

Improper link resolution before file access ('link following') in .NET allows an authorized attacker to perform tampering locally.

5 affected packages

dotnet6, dotnet7, dotnet8, dotnet9, dotnet10

Package 16.04 LTS
dotnet6 Not in release
dotnet7 Not in release
dotnet8 Not in release
dotnet9 Not in release
dotnet10 Not in release
Show less packages

CVE-2026-50525

Medium priority

Not in release

Allocation of resources without limits or throttling in .NET allows an unauthorized attacker to deny service over a network.

5 affected packages

dotnet6, dotnet7, dotnet8, dotnet9, dotnet10

Package 16.04 LTS
dotnet6 Not in release
dotnet7 Not in release
dotnet8 Not in release
dotnet9 Not in release
dotnet10 Not in release
Show less packages

CVE-2026-50524

Medium priority

Not in release

Improper validation of specified type of input in .NET Framework allows an unauthorized attacker to deny service over a network.

5 affected packages

dotnet6, dotnet7, dotnet8, dotnet9, dotnet10

Package 16.04 LTS
dotnet6 Not in release
dotnet7 Not in release
dotnet8 Not in release
dotnet9 Not in release
dotnet10 Not in release
Show less packages

CVE-2026-15714

Medium priority
Needs evaluation

An out-of-bounds read vulnerability was found in libsoup's multipart processing subsystem. The flaw exists in the soup_multipart_input_stream_read_headers() function inside soup-multipart-input-stream.c, which does not adequately...

2 affected packages

libsoup2.4, libsoup3

Package 16.04 LTS
libsoup2.4 Needs evaluation
libsoup3
Show less packages

CVE-2026-15711

Medium priority
Needs evaluation

A vulnerability was found in libsoup's WebSocket frame parsing implementation. The library fails to validate length rules specified in RFC 6455 ยง5.5, which mandates that all WebSocket control frames (e.g., PING, PONG, CLOSE)...

2 affected packages

libsoup2.4, libsoup3

Package 16.04 LTS
libsoup2.4 Needs evaluation
libsoup3
Show less packages

CVE-2026-15709

Medium priority
Needs evaluation

A flaw was found in libsoup's WebSocket implementation when using the permessage-deflate extension. The extension's decompression loop (inflate()) processes data in chunks without enforcing an upper boundary limit on the output...

2 affected packages

libsoup2.4, libsoup3

Package 16.04 LTS
libsoup2.4 Needs evaluation
libsoup3
Show less packages

CVE-2026-47304

Medium priority

Not in release

Improper verification of cryptographic signature in .NET allows an unauthorized attacker to bypass a security feature over a network.

5 affected packages

dotnet6, dotnet7, dotnet8, dotnet9, dotnet10

Package 16.04 LTS
dotnet6 Not in release
dotnet7 Not in release
dotnet8 Not in release
dotnet9 Not in release
dotnet10 Not in release
Show less packages