Search CVE reports


Toggle filters

21 – 30 of 42615 results

Status is adjusted based on your filters.


CVE-2026-53450

Medium priority
Needs evaluation

Coturn is a free open source implementation of TURN and STUN Server. Prior to 4.13.0, coturn rejects loopback peers by default unless allow-loopback-peers is enabled, but the default loopback guard can be bypassed by using the...

1 affected package

coturn

Package 20.04 LTS
coturn Needs evaluation
Show less packages

CVE-2026-53449

Medium priority
Needs evaluation

Coturn is a free open source implementation of TURN and STUN Server. Prior to 4.13.0, the psd print sessions dump CLI command in coturn takes a filename argument and directly passes it to fopen with no path validation. An...

1 affected package

coturn

Package 20.04 LTS
coturn Needs evaluation
Show less packages

CVE-2026-53448

Medium priority
Needs evaluation

Coturn is a free open source implementation of TURN and STUN Server. Prior to 4.12.0, the coturn HTTPS admin panel passes HTTP query parameters directly into SQL queries via snprintf string interpolation without sanitization. The...

1 affected package

coturn

Package 20.04 LTS
coturn Needs evaluation
Show less packages

CVE-2026-52761

Medium priority
Needs evaluation

ModSecurity is an open source, cross platform web application firewall (WAF) engine for Apache, IIS and Nginx. From 3.0.0 through 3.0.15, the t:utf8toUnicode transformation in src/actions/transformations/utf8_to_unicode.cc...

1 affected package

modsecurity

Package 20.04 LTS
modsecurity Needs evaluation
Show less packages

CVE-2026-52747

Medium priority
Needs evaluation

ModSecurity is an open source, cross platform web application firewall (WAF) engine for Apache, IIS and Nginx. Prior to 3.0.16, the multipart/form-data request body parser in libmodsecurity silently removes embedded line breaks...

1 affected package

modsecurity

Package 20.04 LTS
modsecurity Needs evaluation
Show less packages

CVE-2026-49844

Medium priority
Needs evaluation

Improper encoding of non-finite floating-point values during MapMessage JSON serialization in Apache Log4j API produces output that is not valid JSON. This issue affects Apache Log4j API versions 2.13.1 through 2.25.4 and version...

1 affected package

apache-log4j2

Package 20.04 LTS
apache-log4j2 Needs evaluation
Show less packages

CVE-2026-3494

Medium priority
Needs evaluation

(In MariaDB server version through 11.8.5, when server audit plugin is ...)

5 affected packages

mariadb, mariadb-10.0, mariadb-10.1, mariadb-10.3, mariadb-10.6

Package 20.04 LTS
mariadb
mariadb-10.0
mariadb-10.1
mariadb-10.3 Needs evaluation
mariadb-10.6
Show less packages

CVE-2026-15551

Medium priority
Needs evaluation

(Integer overflow or wraparound vulnerability in Samsung Open Source rl ...)

1 affected package

rlottie

Package 20.04 LTS
rlottie Needs evaluation
Show less packages

CVE-2026-15146

Medium priority
Needs evaluation

GNU Wget does not validate the IP address provided by an FTP PASV response while operating in FTP passive mode. A malicious FTP server, or an HTTP server that redirects to an FTP URL, can exploit this behavior to redirect Wget’s...

1 affected package

wget

Package 20.04 LTS
wget Needs evaluation
Show less packages

CVE-2026-14896

Medium priority
Needs evaluation

(HashiCorp Nomad and Nomad Enterprise are vulnerable to a cross-namespa ...)

1 affected package

nomad

Package 20.04 LTS
nomad Needs evaluation
Show less packages