Search CVE reports



1 – 10 of 28179 results

Status is adjusted based on your filters.


CVE-2025-26819

Medium priority

Not in release

Monero through 0.18.3.4 before ec74ff4 does not have response limits on HTTP server connections.

1 affected package

monero

Package 20.04 LTS
monero Not in release

CVE-2025-26791

Medium priority

Not in release

DOMPurify before 3.2.4 has an incorrect template literal regular expression, sometimes leading to mutation cross-site scripting (mXSS).

1 affected package

node-dompurify

Package 20.04 LTS
node-dompurify Not in release

CVE-2025-25304

Medium priority

Not in release

Vega is a visualization grammar, a declarative format for creating, saving, and sharing interactive visualization designs. Prior to version 5.26.0 of vega and 5.4.2 of vega-selections, the `vlSelectionTuples` function can be used...

1 affected package

vega.js

Package 20.04 LTS
vega.js Not in release

CVE-2025-25204

Medium priority

Not in release

`gh` is GitHub’s official command line tool. Starting in version 2.49.0 and prior to version 2.67.0, under certain conditions, a bug in GitHub's Artifact Attestation cli tool `gh attestation verify` causes it to return a zero exit...

1 affected package

gh

Package 20.04 LTS
gh Not in release

CVE-2025-25186

Medium priority
Needs evaluation

Net::IMAP implements Internet Message Access Protocol (IMAP) client functionality in Ruby. Starting in version 0.3.2 and prior to versions 0.3.8, 0.4.19, and 0.5.6, there is a possibility for denial of service by memory exhaustion...

7 affected packages

jruby, ruby2.3, ruby2.5, ruby2.7, ruby3.0...

Package 20.04 LTS
jruby Needs evaluation
ruby2.3 Not in release
ruby2.5 Not in release
ruby2.7 Needs evaluation
ruby3.0 Not in release
ruby3.2 Not in release
ruby3.3 Not in release

CVE-2025-1378

Medium priority
Needs evaluation

A vulnerability, which was classified as problematic, was found in radare2 5.9.9 33286. Affected is an unknown function in the library /libr/main/rasm2.c of the component rasm2. The manipulation leads to memory corruption. An...

1 affected package

radare2

Package 20.04 LTS
radare2 Needs evaluation

CVE-2025-1377

Medium priority
Needs evaluation

A vulnerability, which was classified as problematic, has been found in GNU elfutils 0.192. This issue affects the function gelf_getsymshndx of the file strip.c of the component eu-strip. The manipulation leads to denial...

1 affected package

elfutils

Package 20.04 LTS
elfutils Needs evaluation

CVE-2025-1376

Medium priority
Needs evaluation

A vulnerability classified as problematic was found in GNU elfutils 0.192. This vulnerability affects the function elf_strptr in the library /libelf/elf_strptr.c of the component eu-strip. The manipulation leads to denial of...

1 affected package

elfutils

Package 20.04 LTS
elfutils Needs evaluation

CVE-2025-1373

Medium priority
Needs evaluation

A vulnerability was found in FFmpeg up to 7.1. It has been rated as problematic. Affected by this issue is the function mov_read_trak of the file libavformat/mov.c of the component MOV Parser. The manipulation leads to null...

2 affected packages

ffmpeg, libav

Package 20.04 LTS
ffmpeg Needs evaluation
libav Not in release

CVE-2025-1372

Medium priority
Needs evaluation

A vulnerability was found in GNU elfutils 0.192. It has been declared as critical. Affected by this vulnerability is the function dump_data_section/print_string_section of the file readelf.c of the component eu-readelf. The...

1 affected package

elfutils

Package 20.04 LTS
elfutils Needs evaluation