Search CVE reports

Toggle filters

311 – 320 of 49990 results

Status is adjusted based on your filters.

CVE-2026-42501

Medium priority
Needs evaluation

A malicious module proxy can exploit a flaw in the go command's validation of module checksums to bypass checksum database validation. This vulnerability affects any user using an untrusted module proxy (GOMODPROXY) or checksum...

16 affected packages

golang, golang-1.6, golang-1.8, golang-1.9, golang-1.10...

Package 16.04 LTS
golang
golang-1.6 Needs evaluation
golang-1.8
golang-1.9
golang-1.10 Needs evaluation
golang-1.13 Needs evaluation
golang-1.14
golang-1.16
golang-1.17
golang-1.18 Needs evaluation
golang-1.20
golang-1.21
golang-1.22
golang-1.23
golang-1.24
golang-1.25
Show all 16 packages Show less packages

CVE-2026-42499

Medium priority
Needs evaluation

Pathological inputs could cause DoS through consumePhrase when parsing an email address according to RFC 5322.

16 affected packages

golang, golang-1.6, golang-1.8, golang-1.9, golang-1.10...

Package 16.04 LTS
golang
golang-1.6 Needs evaluation
golang-1.8
golang-1.9
golang-1.10 Needs evaluation
golang-1.13 Needs evaluation
golang-1.14
golang-1.16
golang-1.17
golang-1.18 Needs evaluation
golang-1.20
golang-1.21
golang-1.22
golang-1.23
golang-1.24
golang-1.25
Show all 16 packages Show less packages

CVE-2026-42225

Medium priority
Needs evaluation

PJSIP is a free and open source multimedia communication library written in C. Prior to version 2.17, on GnuTLS builds, the SIP TLS transport (sip_transport_tls) can accept connections with invalid or untrusted certificates even...

2 affected packages

asterisk, pjproject

Package 16.04 LTS
asterisk Needs evaluation
pjproject Needs evaluation
Show less packages

CVE-2026-39836

Medium priority
Needs evaluation

The Dial and LookupPort functions panic on Windows when provided with an input containing a NUL (0).

16 affected packages

golang, golang-1.6, golang-1.8, golang-1.9, golang-1.10...

Package 16.04 LTS
golang
golang-1.6 Needs evaluation
golang-1.8
golang-1.9
golang-1.10 Needs evaluation
golang-1.13 Needs evaluation
golang-1.14
golang-1.16
golang-1.17
golang-1.18 Needs evaluation
golang-1.20
golang-1.21
golang-1.22
golang-1.23
golang-1.24
golang-1.25
Show all 16 packages Show less packages

CVE-2026-39826

Medium priority
Needs evaluation

If a trusted template author were to write a <script> tag containing an empty 'type' attribute or a 'type' attribute with an ASCII whitespace, the execution of the template would incorrectly escape any data passed into the <script> block.

16 affected packages

golang, golang-1.6, golang-1.8, golang-1.9, golang-1.10...

Package 16.04 LTS
golang
golang-1.6 Needs evaluation
golang-1.8
golang-1.9
golang-1.10 Needs evaluation
golang-1.13 Needs evaluation
golang-1.14
golang-1.16
golang-1.17
golang-1.18 Needs evaluation
golang-1.20
golang-1.21
golang-1.22
golang-1.23
golang-1.24
golang-1.25
Show all 16 packages Show less packages

CVE-2026-39825

Medium priority
Needs evaluation

ReverseProxy can forward queries containing parameters not visible to Rewrite functions. When used with a Rewrite function, or a Director function which parses query parameters, ReverseProxy sanitizes the forwarded request to...

16 affected packages

golang, golang-1.6, golang-1.8, golang-1.9, golang-1.10...

Package 16.04 LTS
golang
golang-1.6 Needs evaluation
golang-1.8
golang-1.9
golang-1.10 Needs evaluation
golang-1.13 Needs evaluation
golang-1.14
golang-1.16
golang-1.17
golang-1.18 Needs evaluation
golang-1.20
golang-1.21
golang-1.22
golang-1.23
golang-1.24
golang-1.25
Show all 16 packages Show less packages

CVE-2026-39823

Medium priority
Needs evaluation

CVE-2026-27142 fixed a vulnerability in which URLs were not correctly escaped inside of a <meta> tag's <content> attribute. If the URL content were to insert ASCII whitespaces around the '=' rune inside of the <content> attribute,...

16 affected packages

golang, golang-1.6, golang-1.8, golang-1.9, golang-1.10...

Package 16.04 LTS
golang
golang-1.6 Needs evaluation
golang-1.8
golang-1.9
golang-1.10 Needs evaluation
golang-1.13 Needs evaluation
golang-1.14
golang-1.16
golang-1.17
golang-1.18 Needs evaluation
golang-1.20
golang-1.21
golang-1.22
golang-1.23
golang-1.24
golang-1.25
Show all 16 packages Show less packages

CVE-2026-39820

Medium priority
Needs evaluation

Well-crafted inputs reaching ParseAddress, ParseAddressList, and ParseDate were able to trigger excessive CPU exhaustion and memory allocations.

16 affected packages

golang, golang-1.6, golang-1.8, golang-1.9, golang-1.10...

Package 16.04 LTS
golang
golang-1.6 Needs evaluation
golang-1.8
golang-1.9
golang-1.10 Needs evaluation
golang-1.13 Needs evaluation
golang-1.14
golang-1.16
golang-1.17
golang-1.18 Needs evaluation
golang-1.20
golang-1.21
golang-1.22
golang-1.23
golang-1.24
golang-1.25
Show all 16 packages Show less packages

CVE-2026-39819

Medium priority
Needs evaluation

The "go bug" command writes to two files with predictable names in the system temporary directory (for example, "/tmp"). An attacker with access to the temporary directory can create a symlink in one of these names, causing "go...

16 affected packages

golang, golang-1.6, golang-1.8, golang-1.9, golang-1.10...

Package 16.04 LTS
golang
golang-1.6 Needs evaluation
golang-1.8
golang-1.9
golang-1.10 Needs evaluation
golang-1.13 Needs evaluation
golang-1.14
golang-1.16
golang-1.17
golang-1.18 Needs evaluation
golang-1.20
golang-1.21
golang-1.22
golang-1.23
golang-1.24
golang-1.25
Show all 16 packages Show less packages

CVE-2026-39817

Medium priority
Needs evaluation

The "go tool pack" subcommand (usually used only by the compiler as an internal tool with known-good inputs) does not sanitize output filenames. Extracting a malicious archive file with the "pack" subcommand can write files to...

16 affected packages

golang, golang-1.6, golang-1.8, golang-1.9, golang-1.10...

Package 16.04 LTS
golang
golang-1.6 Needs evaluation
golang-1.8
golang-1.9
golang-1.10 Needs evaluation
golang-1.13 Needs evaluation
golang-1.14
golang-1.16
golang-1.17
golang-1.18 Needs evaluation
golang-1.20
golang-1.21
golang-1.22
golang-1.23
golang-1.24
golang-1.25
Show all 16 packages Show less packages
  1. Previous page
  2. 30
  3. 31
  4. 32
  5. 33
  6. 34
  7. Next page
Export to JSON