Search CVE reports


Toggle filters

1 – 10 of 42294 results

Status is adjusted based on your filters.


CVE-2026-56016

Medium priority
Needs evaluation

CGI::Session::ID::md5 versions before 4.49 for Perl generate predictable session ids from low-entropy sources. The generate_id method builds the session id from a MD5 digest of the process id, the epoch time, and the built-in...

1 affected package

libcgi-session-perl

Package 20.04 LTS
libcgi-session-perl Needs evaluation
Show less packages

CVE-2025-15666

Medium priority
Needs evaluation

A security vulnerability has been detected in Open Asset Import Library Assimp up to 5.4.3. Affected by this vulnerability is the function Assimp::SceneCombiner::Copy of the file code/Common/SceneCombiner.cpp of the component...

1 affected package

assimp

Package 20.04 LTS
assimp Needs evaluation
Show less packages

CVE-2026-14191

Medium priority
Needs evaluation

An out-of-bounds heap write exists in the RAR5 recovery-volume (.rev) parser in WinRAR and UnRAR (RecVolumes5::ReadHeader in recvol5.cpp). The RecItems vector is sized only when the first .rev file in a set is processed;...

1 affected package

unrar-nonfree

Package 20.04 LTS
unrar-nonfree Needs evaluation
Show less packages

CVE-2026-41579

Medium priority
Needs evaluation

runc is a CLI tool for spawning and running containers according to the OCI specification. In versions prior to 1.3.6, 1.4.0-rc.1, 1.4.0-rc.12, 1.5.0-rc.1, and 1.5.0-rc.1, when setting up the container rootfs, setupPtmx and...

3 affected packages

runc, runc-app, runc-stable

Package 20.04 LTS
runc Needs evaluation
runc-app Needs evaluation
runc-stable
Show less packages

CVE-2026-54903

Medium priority
Needs evaluation

Oj (Optimized JSON) is a JSON parser and Object marshaller packaged as a Ruby gem. In versions prior to 3.17.2, Oj.load is vulnerable to heap corruption when parsing a JSON string longer than 2 GB. An integer overflow in...

1 affected package

ruby-oj

Package 20.04 LTS
ruby-oj Needs evaluation
Show less packages

CVE-2026-54902

Medium priority
Needs evaluation

Oj (Optimized JSON) is a JSON parser and Object marshaller packaged as a Ruby gem. Prior to version 3.17.2, is vulnerable to Use-After-Free when in SAJ mode. The Oj::Parser does not protect cached object keys (≥ 35 bytes) from...

1 affected package

ruby-oj

Package 20.04 LTS
ruby-oj Needs evaluation
Show less packages

CVE-2026-54901

Medium priority
Needs evaluation

Oj (Optimized JSON) is a JSON parser and Object marshaller packaged as a Ruby gem. In versions prior to 3.17.2, Oj::Parser in usual mode does not mark array_class and hash_class references during garbage collection, leading to...

1 affected package

ruby-oj

Package 20.04 LTS
ruby-oj Needs evaluation
Show less packages

CVE-2026-54900

Medium priority
Needs evaluation

Oj (Optimized JSON) is a JSON parser and Object marshaller packaged as a Ruby gem. In versions prior to 3.17.2, when in usual mode with create_id enabled, Oj::Parser#parse is vulnerable to heap corruption via a negative-size...

1 affected package

ruby-oj

Package 20.04 LTS
ruby-oj Needs evaluation
Show less packages

CVE-2026-54899

Medium priority
Needs evaluation

Oj (Optimized JSON) is a JSON parser and Object marshaller packaged as a Ruby gem. Prior to version 3.17.2, disabling symbol_keys on a reused Oj::Parser instance triggers a heap use-after-free. When symbol_keys is toggled from...

1 affected package

ruby-oj

Package 20.04 LTS
ruby-oj Needs evaluation
Show less packages

CVE-2026-54898

Medium priority
Needs evaluation

Oj (Optimized JSON) is a JSON parser and Object marshaller packaged as a Ruby gem. In versions prior to 3.17.2,Oj::Parser#parse is vulnerable to a heap use-after-free when a SAJ/SAJ2 callback mutates the input JSON string during...

1 affected package

ruby-oj

Package 20.04 LTS
ruby-oj Needs evaluation
Show less packages