|
981
|
7.3 |
HIGH
Local
|
aiohttp
|
aiohttp
|
AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to version 3.14.0, using ``CookieJar.load()`` with untrusted input may allow arbitrary code execution. Most appli…
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2026-34993
|
2026-06-5 22:44 |
2026-06-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
982
|
7.5 |
HIGH
Network
|
aiohttp
|
aiohttp
|
AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to version 3.14.0, cookies set with the `cookies` parameter on requests are sent after following a cross-origin r…
|
CWE-346
Origin Validation Error
|
CVE-2026-47265
|
2026-06-5 22:39 |
2026-06-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
983
|
7.8 |
HIGH
Local
|
-
|
-
|
A use-after-free flaw was found in the X.Org X server and Xwayland in FreeCounter(). A client that sets up multiple SyncCounters and awaits on those triggers can trigger a use-after-free when destroy…
|
CWE-416
Use After Free
|
CVE-2026-50260
|
2026-06-5 22:27 |
2026-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
984
|
7.8 |
HIGH
Local
|
-
|
-
|
A use-after-free flaw was found in the X.Org X server and Xwayland in SyncChangeCounter(). A client that sets up multiple SyncCounters can trigger a use-after-free when destroying those counters via …
|
CWE-416
Use After Free
|
CVE-2026-50261
|
2026-06-5 22:27 |
2026-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
985
|
5.5 |
MEDIUM
Local
|
-
|
-
|
An out-of-bounds read flaw was found in the X.Org X server and Xwayland in __glXDisp_ChangeDrawableAttributes(). A wrong size validation check can read a client-controlled number of bytes, exceeding …
|
CWE-125
Out-of-bounds Read
|
CVE-2026-50262
|
2026-06-5 22:27 |
2026-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
986
|
5.5 |
MEDIUM
Local
|
-
|
-
|
A use-after-free flaw was found in the X.Org X server and Xwayland in CreateSaverWindow(). A client can trigger a use-after-free read after changing window attributes and forcing the screen saver, le…
|
CWE-416
Use After Free
|
CVE-2026-50263
|
2026-06-5 22:27 |
2026-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
987
|
7.8 |
HIGH
Local
|
-
|
-
|
An out-of-bounds write flaw was found in the X.Org X server and Xwayland in DRIGetBuffers/DRIGetBuffersWithFormat. A client that requests multiple DRI2BufferBackLeft attachments and one DRI2BufferFro…
|
CWE-787
Out-of-bounds Write
|
CVE-2026-50264
|
2026-06-5 22:27 |
2026-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
988
|
3.3 |
LOW
Local
|
-
|
-
|
A vulnerability was found in bytedance InfiniStore up to 0.2.33. The impacted element is the function purge_kv_map in the library /src/infinistore.h of the component KV Map Handler. Performing a mani…
|
CWE-404
CWE-407
Improper Resource Shutdown or Release
Inefficient Algorithmic Complexity
|
CVE-2026-11312
|
2026-06-5 22:27 |
2026-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
989
|
3.6 |
LOW
Local
|
-
|
-
|
A vulnerability has been found in onnx onnx-mlir up to 0.5.0.0. Affected by this issue is the function generate_hash_key of the file src/Runtime/python/torch_onnxmlir/src/torch_onnxmlir/backend.py of…
|
CWE-327
CWE-328
Use of a Broken or Risky Cryptographic Algorithm
Use of Weak Hash
|
CVE-2026-11329
|
2026-06-5 22:26 |
2026-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
990
|
7.2 |
HIGH
Network
|
-
|
-
|
A vulnerability has been found in Shibby Tomato 1.28.0000. This vulnerability affects the function start_6rd_tunnel of the file /sbin/rc of the component Web UI. Such manipulation of the argument ipv…
|
CWE-77
CWE-78
Command Injection
OS Command
|
CVE-2026-10871
|
2026-06-5 22:26 |
2026-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
