Search CVE reports


Toggle filters

51 – 60 of 51633 results

Status is adjusted based on your filters.


CVE-2026-47303

Medium priority

Not in release

Authentication bypass by assumed-immutable data in ASP.NET Core allows an authorized attacker to elevate privileges over a network.

5 affected packages

dotnet6, dotnet7, dotnet8, dotnet9, dotnet10

Package 16.04 LTS
dotnet6 Not in release
dotnet7 Not in release
dotnet8 Not in release
dotnet9 Not in release
dotnet10 Not in release
Show less packages

CVE-2026-47302

Medium priority

Not in release

Allocation of resources without limits or throttling in .NET allows an unauthorized attacker to deny service over a network.

5 affected packages

dotnet6, dotnet7, dotnet8, dotnet9, dotnet10

Package 16.04 LTS
dotnet6 Not in release
dotnet7 Not in release
dotnet8 Not in release
dotnet9 Not in release
dotnet10 Not in release
Show less packages

CVE-2026-47300

Medium priority

Not in release

Incorrect implementation of authentication algorithm in ASP.NET Core allows an authorized attacker to elevate privileges over a network.

5 affected packages

dotnet6, dotnet7, dotnet8, dotnet9, dotnet10

Package 16.04 LTS
dotnet6 Not in release
dotnet7 Not in release
dotnet8 Not in release
dotnet9 Not in release
dotnet10 Not in release
Show less packages

CVE-2026-57108

Medium priority

Not in release

Access of resource using incompatible type ('type confusion') in .NET Core allows an unauthorized attacker to deny service over a network.

5 affected packages

dotnet6, dotnet7, dotnet8, dotnet9, dotnet10

Package 16.04 LTS
dotnet6 Not in release
dotnet7 Not in release
dotnet8 Not in release
dotnet9 Not in release
dotnet10 Not in release
Show less packages

CVE-2026-59886

Medium priority
Needs evaluation

pyasn1 is a generic ASN.1 library for Python. Prior to 0.6.4, the univ.Real type converted its mantissa, base, and exponent value to a Python float using exact big-integer exponentiation. A BER, CER, or DER encoded REAL value only...

1 affected package

pyasn1

Package 16.04 LTS
pyasn1 Needs evaluation
Show less packages

CVE-2026-59885

Medium priority
Needs evaluation

pyasn1 is a generic ASN.1 library for Python. Prior to 0.6.4, the BER, CER, and DER decoders process OBJECT IDENTIFIER and RELATIVE-OID values in quadratic time relative to the number of arcs, so a small crafted payload containing...

1 affected package

pyasn1

Package 16.04 LTS
pyasn1 Needs evaluation
Show less packages

CVE-2026-59884

Medium priority
Needs evaluation

pyasn1 is a generic ASN.1 library for Python. Prior to 0.6.4, the BER decoder shared by the CER and DER codecs parses long-form tags by accumulating continuation octets without an upper bound on the tag ID size, allowing a crafted...

1 affected package

pyasn1

Package 16.04 LTS
pyasn1 Needs evaluation
Show less packages

CVE-2026-59200

Medium priority
Needs evaluation

Pillow is a Python imaging library. From 5.1.0 until 12.3.0, PdfParser.PdfStream.decode() in PIL/PdfParser.py calls zlib.decompress() with bufsize set to the PDF stream Length field without bounding the decompressed output size,...

2 affected packages

pillow, pillow-python2

Package 16.04 LTS
pillow Needs evaluation
pillow-python2
Show less packages

CVE-2026-59197

Medium priority
Needs evaluation

Pillow is a Python imaging library. Prior to 12.3.0, Pillow's public rank-filter API can trigger a native heap out-of-bounds write when given a very large odd filter size because ImageFilter.RankFilter.filter()...

2 affected packages

pillow, pillow-python2

Package 16.04 LTS
pillow Needs evaluation
pillow-python2
Show less packages

CVE-2026-54058

Medium priority
Needs evaluation

Pillow is a Python imaging library. Prior to 12.3.0, when Pillow loads an uncompressed McIdas AREA image from a filename through the mmap raw codec path, attacker-controlled header words can set a row stride smaller than the...

2 affected packages

pillow, pillow-python2

Package 16.04 LTS
pillow Needs evaluation
pillow-python2
Show less packages