Search CVE reports


Toggle filters

421 – 430 of 30790 results

Status is adjusted based on your filters.


CVE-2026-56001

Medium priority
Needs evaluation

A heap buffer overflow in BitmapScaleBitmaps in libXfont2 before 2.0.8 due to an overflowing 32bit size could be used by attackers able to access the X Server to execute code within the X server cont

2 affected packages

libxfont, libxfont2

Package 26.04 LTS
libxfont Needs evaluation
libxfont2 Not in release
Show less packages

CVE-2026-56000

Medium priority
Needs evaluation

Local attackers with a X connection able to provide GLX commit to the X server xorg-server before 21.2.24 and xwayland before 24.1.13 could cause a Heap Use After Free, due to CommonMakeCurrent() pointing into...

7 affected packages

xorg, xorg-server, xwayland, xorg-server-hwe-16.04, xorg-server-hwe-18.04...

Package 26.04 LTS
xorg Not affected
xorg-server Needs evaluation
xwayland Needs evaluation
xorg-server-hwe-16.04 Not in release
xorg-server-hwe-18.04 Not in release
xorg-hwe-16.04 Not in release
xorg-hwe-18.04 Not in release
Show all 7 packages Show less packages

CVE-2026-55999

Medium priority
Needs evaluation

Local attackers with a X connection able to provide PCX fonts to the X server xorg-server before 21.2.24 and xwayland before 24.1.13 could cause a heap buffer overflow via SetFont due to missing glyph boundary checks.

7 affected packages

xorg, xorg-server, xwayland, xorg-server-hwe-16.04, xorg-server-hwe-18.04...

Package 26.04 LTS
xorg Not affected
xorg-server Needs evaluation
xwayland Needs evaluation
xorg-server-hwe-16.04 Not in release
xorg-server-hwe-18.04 Not in release
xorg-hwe-16.04 Not in release
xorg-hwe-18.04 Not in release
Show all 7 packages Show less packages

CVE-2026-60002

Medium priority

Some fixes available 1 of 2

ssh in OpenSSH before 10.4 can have a use-after-free when a server changes its host key during a key re-exchange. (This outcome occurs only on the client side.)

2 affected packages

openssh, openssh-ssh1

Package 26.04 LTS
openssh Fixed
openssh-ssh1 Ignored
Show less packages

CVE-2026-60001

Medium priority

Some fixes available 1 of 2

sshd in OpenSSH before 10.4 does not always honor the minimum authentication delay.

2 affected packages

openssh, openssh-ssh1

Package 26.04 LTS
openssh Fixed
openssh-ssh1 Ignored
Show less packages

CVE-2026-60000

Medium priority

Some fixes available 1 of 2

sshd in OpenSSH before 10.4 allows remote attackers to cause a denial of service (resource consumption from excessive authentication attempts) because MaxAuthTries was mishandled for GSSAPIAuthentication.

2 affected packages

openssh, openssh-ssh1

Package 26.04 LTS
openssh Fixed
openssh-ssh1 Ignored
Show less packages

CVE-2026-59999

Medium priority

Some fixes available 1 of 2

In sshd in OpenSSH before 10.4, DisableForwarding=yes was supposed to take precedence over PermitTunnel=yes, but did not.

2 affected packages

openssh, openssh-ssh1

Package 26.04 LTS
openssh Fixed
openssh-ssh1 Ignored
Show less packages

CVE-2026-59998

Medium priority

Some fixes available 1 of 2

sshd in OpenSSH before 10.4 has an undocumented security-relevant behavior: GSSAPIStrictAcceptorCheck has no value if the server is in Windows Active Directory.

2 affected packages

openssh, openssh-ssh1

Package 26.04 LTS
openssh Fixed
openssh-ssh1 Ignored
Show less packages

CVE-2026-59997

Medium priority

Some fixes available 1 of 2

internal-sftp in sshd in OpenSSH before 10.4 recognizes only the first 9 command-line arguments, which can be important if a later command-line argument would have helped to ensure the intended security properties of an SFTP connection.

2 affected packages

openssh, openssh-ssh1

Package 26.04 LTS
openssh Fixed
openssh-ssh1 Ignored
Show less packages

CVE-2026-59996

Medium priority

Some fixes available 1 of 2

scp in OpenSSH before 10.4 may place a file in the parent directory of an intended directory when the copy occurs between two remote destinations.

2 affected packages

openssh, openssh-ssh1

Package 26.04 LTS
openssh Fixed
openssh-ssh1 Ignored
Show less packages