Search CVE reports



21 – 30 of 51391 results

Status is adjusted based on your filters.


CVE-2026-55955

Medium priority
Needs evaluation

Improper Authentication vulnerability in Apache Tomcat allowed a replay attack against the EncryptionInterceptor in the cluster component. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.22, from 10.1.0-M1 through...

6 affected packages

tomcat6, tomcat7, tomcat8, tomcat9, tomcat10, tomcat11

Package 16.04 LTS
tomcat6
tomcat7
tomcat8 Needs evaluation
tomcat9
tomcat10
tomcat11

CVE-2026-55276

Medium priority
Needs evaluation

Always-Incorrect Control Flow Implementation vulnerability in Apache Tomcat meant that special roles and empty authorisation constraints were not included when the effective web.xml was logged. This issue affects Apache Tomcat:...

6 affected packages

tomcat6, tomcat7, tomcat8, tomcat9, tomcat10, tomcat11

Package 16.04 LTS
tomcat6
tomcat7
tomcat8 Needs evaluation
tomcat9
tomcat10
tomcat11

CVE-2026-53434

Medium priority
Needs evaluation

Detection of Error Condition Without Action vulnerability in Apache Tomcat when configuring CRLs for a FFM based connector. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.22, from 10.1.0-M7 through 10.1.55, from...

6 affected packages

tomcat6, tomcat7, tomcat8, tomcat9, tomcat10, tomcat11

Package 16.04 LTS
tomcat6
tomcat7
tomcat8 Needs evaluation
tomcat9
tomcat10
tomcat11

CVE-2026-53404

Medium priority
Needs evaluation

Always-Incorrect Control Flow Implementation vulnerability in Apache Tomcat's rewrite valve meant that if the first condition in an OR chain matched, subsequent non-OR conditions were skipped. This issue affects Apache Tomcat:...

6 affected packages

tomcat6, tomcat7, tomcat8, tomcat9, tomcat10, tomcat11

Package 16.04 LTS
tomcat6
tomcat7
tomcat8 Needs evaluation
tomcat9
tomcat10
tomcat11

CVE-2026-50229

Medium priority
Needs evaluation

Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in the number guess example for Apache Tomcat. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.22, from 10.1.0-M1 through...

6 affected packages

tomcat6, tomcat7, tomcat8, tomcat9, tomcat10, tomcat11

Package 16.04 LTS
tomcat6
tomcat7
tomcat8 Needs evaluation
tomcat9
tomcat10
tomcat11

CVE-2026-13757

Medium priority
Vulnerable

A flaw was found in p11-kit. The RPC message attribute parsing functions p11_rpc_message_get_attribute() and p11_rpc_message_get_attribute_array_value() form a mutually-recursive call chain with no recursion depth limit when...

1 affected package

p11-kit

Package 16.04 LTS
p11-kit Vulnerable

CVE-2026-12912

Medium priority
Needs evaluation

A flaw was found in libtiff. A remote attacker could exploit this vulnerability by providing a specially crafted PixarLog-compressed TIFF image. This issue occurs when decoding Pixarlog codec images with...

5 affected packages

tiff, qtwebengine-opensource-src, texmaker, gdal, neuron

Package 16.04 LTS
tiff Needs evaluation
qtwebengine-opensource-src
texmaker
gdal
neuron

CVE-2026-54371

Medium priority
Needs evaluation

attr before version 2.6.0 contains a symlink traversal vulnerability in the getfattr and setfattr utilities that allows local attackers to escalate privileges by replacing a pathname component with a symbolic link during directory...

1 affected package

attr

Package 16.04 LTS
attr Needs evaluation

CVE-2026-54370

Medium priority
Needs evaluation

acl before version 2.4.0 contains a time-of-check to time-of-use (TOCTOU) race condition vulnerability that allows local attackers to escalate privileges by replacing a pathname component with a symbolic link between an lstat()...

1 affected package

acl

Package 16.04 LTS
acl Needs evaluation

CVE-2026-54369

Medium priority
Needs evaluation

acl before version 2.4.0 contains a symlink traversal vulnerability in the libacl pathname-based functions acl_get_file(), acl_set_file(), acl_extended_file(), and acl_delete_def_file() that allows local attackers to escalate...

1 affected package

acl

Package 16.04 LTS
acl Needs evaluation