|
2451
|
- |
|
-
|
-
|
Allocation of Resources Without Limits or Throttling vulnerability in elixir-grpc grpc allows unauthenticated attackers to exhaust the BEAM's memory and crash the server by streaming a large or slow-…
|
CWE-770
Allocation of Resources Without Limits or Throttling
|
CVE-2026-48854
|
2026-06-17 00:35 |
2026-06-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2452
|
- |
|
-
|
-
|
Improper Handling of Highly Compressed Data (Data Amplification) vulnerability in elixir-grpc grpc (GRPC.Compressor.Gzip, GRPC.Message modules) allows a denial of service via a gzip decompression bom…
|
CWE-409
Improper Handling of Highly Compressed Data (Data Amplification)
|
CVE-2026-53430
|
2026-06-17 00:35 |
2026-06-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2453
|
8.8 |
HIGH
Network
|
dlink
|
dcs-935l_firmware
|
A security vulnerability has been detected in D-Link DCS-935L 1.10.01. This issue affects the function snprintf of the file /web/cgi-bin/greece/rhea of the component HTTP Handler. Such manipulation o…
|
CWE-119
CWE-134
Incorrect Access of Indexable Resource ('Range Error')
Use of Externally-Controlled Format String
|
CVE-2026-12174
|
2026-06-17 00:27 |
2026-06-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2454
|
6.6 |
MEDIUM
Local
|
-
|
-
|
A flaw was found in GnuTLS. The `gnutls_pkcs11_token_set_pin` function, used for changing the Security Officer PIN, can lead to a use-after-free vulnerability. This occurs when an attacker attempts t…
|
CWE-825
Expired Pointer Dereference
|
CVE-2026-42014
|
2026-06-17 00:26 |
2026-06-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2455
|
6.3 |
MEDIUM
Local
|
-
|
-
|
Nokia SR Linux is vulnerable to local privilege escalation vulnerability due to unsanitized format validation. Successful exploitation of this vulnerability may allow an authenticated user to execute…
|
CWE-134
Use of Externally-Controlled Format String
|
CVE-2025-10262
|
2026-06-17 00:26 |
2026-06-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2456
|
6.3 |
MEDIUM
Local
|
-
|
-
|
Nokia SR Linux is vulnerable to a local privilege escalation vulnerability. Successful exploitation of this vulnerability may allow an authenticated user to execute arbitrary commands with superuser …
|
CWE-269
Improper Privilege Management
|
CVE-2025-9912
|
2026-06-17 00:26 |
2026-06-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2457
|
- |
|
-
|
-
|
A denial-of-service vulnerability exists in the WebSocket API due to insufficient validation and handling of JSON-based requests. A low-privileged authenticated attacker can send a specially crafted …
|
CWE-1287
Improper Validation of Specified Type of Input
|
CVE-2026-10825
|
2026-06-17 00:26 |
2026-06-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2458
|
- |
|
-
|
-
|
A format string vulnerability has been found in the "alias" parameter of the Serial Param configuration page in the NPort W2150A-W4/W2250A-W4 Series version 1.5 and prior. This vulnerability stems fr…
|
CWE-134
Use of Externally-Controlled Format String
|
CVE-2026-10828
|
2026-06-17 00:26 |
2026-06-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2459
|
- |
|
-
|
-
|
A stack-based buffer overflow vulnerability has been found in the NPort W2150A-W4/W2250A-W4 Series version 1.5 and earlier. This vulnerability stems from insufficient input validation of user-supplie…
|
CWE-121
Stack-based Buffer Overflow
|
CVE-2026-10829
|
2026-06-17 00:26 |
2026-06-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2460
|
- |
|
-
|
-
|
A security issue exists within 1769 CompactLogix controllers due to the missing validation of sequence numbers and source IP addresses in the CIP protocol. This allows attacker to abuse the exposed C…
|
CWE-354
Improper Validation of Integrity Check Value
|
CVE-2025-11694
|
2026-06-17 00:26 |
2026-06-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
