Search CVE reports


Toggle filters

51 – 60 of 51522 results

Status is adjusted based on your filters.


CVE-2026-7017

Medium priority
Needs evaluation

HTTP::Tiny versions before 0.095 for Perl forward credential headers to cross-origin redirect targets. When the server returns a 3xx redirect, `_maybe_redirect` follows the `Location:` header and `_prepare_headers_and_cb`...

2 affected packages

libhttp-tiny-perl, perl

Package 16.04 LTS
libhttp-tiny-perl
perl Needs evaluation
Show less packages

CVE-2026-53878

Medium priority
Needs evaluation

An issue was discovered in Django 6.0 before 6.0.7 and 5.2 before 5.2.16. `DomainNameValidator` does not prohibit newlines in domain names (unless used via a form field, since `CharField` strips newlines). If an application uses...

1 affected package

python-django

Package 16.04 LTS
python-django Needs evaluation
Show less packages

CVE-2026-53877

Medium priority
Needs evaluation

An issue was discovered in Django 6.0 before 6.0.7 and 5.2 before 5.2.16. `django.contrib.gis.gdal.GDALRaster` over-reads its in-memory buffer when constructed from a bytes object, which can disclose adjacent memory or cause...

1 affected package

python-django

Package 16.04 LTS
python-django Needs evaluation
Show less packages

CVE-2026-48588

Medium priority
Needs evaluation

An issue was discovered in Django 6.0 before 6.0.7 and 5.2 before 5.2.16. `UpdateCacheMiddleware` and the `cache_page()` decorator cache responses that vary on cookies when the incoming request carries unrelated cookies, which...

1 affected package

python-django

Package 16.04 LTS
python-django Needs evaluation
Show less packages

CVE-2011-10043

Medium priority
Needs evaluation

Module::Load versions before 0.22 for Perl allow arbitrary modules outside of @INC to be loaded. Module names starting with "::" could be passed to the load function to specify arbitrary module paths. Attackers able to influence...

1 affected package

perl

Package 16.04 LTS
perl Needs evaluation
Show less packages

CVE-2026-14476

Medium priority
Needs evaluation

A path traversal flaw was found in SSSD's AD GPO provider. The ad_gpo_extract_smb_components() function does not sanitize .. sequences in the gPCFileSysPath LDAP attribute, allowing an attacker with AD GPO management access to...

1 affected package

sssd

Package 16.04 LTS
sssd Needs evaluation
Show less packages

CVE-2026-14474

Medium priority
Needs evaluation

A flaw was found in SSSD's LDAP sudo provider. When the ldap_sudo_search_base option is not explicitly configured, SSSD searches the entire LDAP directory tree for sudoRole objects. An authenticated attacker with write access to...

1 affected package

sssd

Package 16.04 LTS
sssd Needs evaluation
Show less packages

CVE-2026-55798

Medium priority
Needs evaluation

Pillow is a Python imaging library. Prior to 12.3.0, WindowsViewer.get_command() constructed a cmd.exe shell command by directly embedding a file path into an f-string without escaping and passed the result to...

2 affected packages

pillow, pillow-python2

Package 16.04 LTS
pillow Needs evaluation
pillow-python2
Show less packages

CVE-2026-55380

Medium priority
Needs evaluation

Pillow is a Python imaging library. Prior to 12.3.0, PIL/GdImageFile.py GdImageFile._open() read image dimensions from the GD 2.x header and stored them in self._size without calling Image._decompression_bomb_check(), allowing a...

2 affected packages

pillow, pillow-python2

Package 16.04 LTS
pillow Needs evaluation
pillow-python2
Show less packages

CVE-2026-55379

Medium priority
Needs evaluation

Pillow is a Python imaging library. Prior to 12.3.0, PIL/BdfFontFile.py bdf_char() read the BBX width and height field from a BDF font file and passed attacker-controlled dimensions to Image.new() without...

2 affected packages

pillow, pillow-python2

Package 16.04 LTS
pillow Needs evaluation
pillow-python2
Show less packages