Search CVE reports


Toggle filters

181 – 190 of 38797 results

Status is adjusted based on your filters.


CVE-2026-11310

Medium priority
Needs evaluation

X.509 trust-chain bypass in the OpenSSL compatibility certificate verifier (wolfSSL_X509_verify_cert()). This affects only builds with --enable-opensslextra (OPENSSL_EXTRA) and whose application validates certificates by calling...

1 affected package

wolfssl

Package 24.04 LTS
wolfssl Needs evaluation
Show less packages

CVE-2026-10592

Medium priority
Needs evaluation

Certificates with wildcard DNS SANs (e.g. *.example.com) bypassed CA name-constraint checks. A certificate with a wildcard DNS SAN that should be rejected by the issuing CA's permitted/excluded DNS name constraints could be accepted.

1 affected package

wolfssl

Package 24.04 LTS
wolfssl Needs evaluation
Show less packages

CVE-2026-10512

Medium priority
Needs evaluation

The X25519 x86_64 assembly implementation fails to clear the most significant bit during the final modular reduction, so the computed result may not be fully reduced modulo the field prime 2^255 - 19. This can leave the field...

1 affected package

wolfssl

Package 24.04 LTS
wolfssl Needs evaluation
Show less packages

CVE-2026-10097

Medium priority
Needs evaluation

wolfSSL's AVX2-optimized ML-KEM implementation (mlkem_cmp_avx2) compares only 1536 of the 1568 ciphertext bytes during the Fujisaki-Okamoto re-encryption check in ML-KEM-1024 decapsulation. Ciphertexts that differ from the...

1 affected package

wolfssl

Package 24.04 LTS
wolfssl Needs evaluation
Show less packages

CVE-2025-60465

Medium priority
Needs evaluation

A use-after-free in the gf_filter_pid_inst_swap function (/filter_core/filter_pid.c) of GPAC Project/MP4Box before 26.02.0 allows attackers to cause a Denial of Service (DoS) via supplying a crafted media file.

1 affected package

gpac

Package 24.04 LTS
gpac Needs evaluation
Show less packages

CVE-2025-60464

Medium priority
Needs evaluation

A use-after-free in the gf_sei_load_from_state_internal function (/filters/sei_load.c) of GPAC Project/MP4Box before 26.02.0 allows attackers to cause a Denial of Service (DoS) via supplying a crafted MPEG-2 TS file.

1 affected package

gpac

Package 24.04 LTS
gpac Needs evaluation
Show less packages

CVE-2026-56789

Medium priority
Needs evaluation

RTKLIB through 2.4.3 contains a heap buffer overflow vulnerability in the readrnxobsb function in src/rinex.c that allows attackers to trigger memory corruption by failing to clamp satellite count values from RINEX epoch headers....

1 affected package

rtklib

Package 24.04 LTS
rtklib Needs evaluation
Show less packages

CVE-2026-56788

Medium priority
Needs evaluation

RTKLIB through 2.4.3 contains an out-of-bounds read vulnerability in getcodepri function when processing unrecognized RINEX observation codes, allowing attackers to trigger denial of service. Crafted RINEX files with unknown...

1 affected package

rtklib

Package 24.04 LTS
rtklib Needs evaluation
Show less packages

CVE-2026-56787

Medium priority
Needs evaluation

RTKLIB through 2.4.3 contains an off-by-one out-of-bounds read vulnerability in the decode_ssr3 function at src/rtcm3.c:1446 that allows remote attackers to trigger a global buffer overflow via crafted RTCM3 SSR messages with...

1 affected package

rtklib

Package 24.04 LTS
rtklib Needs evaluation
Show less packages

CVE-2026-56786

Medium priority
Needs evaluation

RTKLIB through 2.4.3 contains an out-of-bounds write vulnerability in decode_type1033 function that fails to clamp length counters to destination buffer size, allowing up to 191-byte overflow into fixed 64-byte descriptor fields....

1 affected package

rtklib

Package 24.04 LTS
rtklib Needs evaluation
Show less packages