|
2221
|
7.8 |
HIGH
Local
|
qualcomm
|
snapdragon_g1_gen_2_gaming_platform_firmware
ar8035_firmware
csra6620_firmware
csra6640_firmware
fastconnect_6200_firmware
fastconnect_6700_firmware
fastconnect_6800_firmware
fas…
|
Memory Corruption when processing device identifier strings that exceed the expected maximum length.
|
CWE-787
Out-of-bounds Write
|
CVE-2025-59605
|
2026-06-3 03:00 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2222
|
7.8 |
HIGH
Local
|
qualcomm
|
cologne_firmware
cq7790_firmware
cq8725s_firmware
cq8750m_firmware
fastconnect_6200_firmware
wsa8840_firmware
wsa8845_firmware
wsa8845h_firmware
wsa8850_firmware
wsa8850w_f…
|
Memory Corruption when writing to invalid memory locations occurs due to heap memory exhaustion during secure data initialization.
|
CWE-476
NULL Pointer Dereference
|
CVE-2025-59606
|
2026-06-3 03:00 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2223
|
5.5 |
MEDIUM
Network
|
qualcomm
|
5g_fixed_wireless_access_platform_firmware
ar8035_firmware
csr8811_firmware
fastconnect_6700_firmware
fastconnect_6900_firmware
sxr2250p_firmware
wcd9340_firmware
wcd9370_firmwar…
|
Information Disclosure when processing advertisement frames with malformed MBSSID elements of insufficient length.
|
CWE-126
Buffer Over-read
|
CVE-2025-59609
|
2026-06-3 03:00 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2224
|
7.5 |
HIGH
Network
|
ultrajson_project
|
ultrajson
|
UltraJSON is a fast JSON encoder and decoder written in pure C with bindings for Python 3.7+. Prior to 5.12.1, when ujson.dump() writes to a file-like object and the write operation raises an excepti…
|
CWE-401
Missing Release of Memory after Effective Lifetime
|
CVE-2026-44660
|
2026-06-3 03:00 |
2026-05-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2225
|
7.8 |
HIGH
Local
|
cnighswonger
|
claude-code-cache-fix
|
claude-code-cache-fix is a cache optimization proxy for Claude Code. From 3.5.0 to before 3.5.2, tools/quota-statusline.sh (introduced in v3.5.0) interpolates Claude Code's hook stdin payload directl…
|
CWE-78
CWE-94
OS Command
Code Injection
|
CVE-2026-45136
|
2026-06-3 02:57 |
2026-05-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2226
|
7.8 |
HIGH
Local
|
-
|
-
|
A high security vulnerability affecting Security Center main server installations has been identified. It could allow an attacker with local OS privileges to the main server to access the Server Admi…
|
CWE-532
Inclusion of Sensitive Information in Log Files
|
CVE-2026-40619
|
2026-06-3 02:35 |
2026-06-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2227
|
3.1 |
LOW
Network
|
-
|
-
|
HCL iReflection Third party vulnerable and outdated components issue was detected in the web application
|
-
|
CVE-2024-42206
|
2026-06-3 02:35 |
2026-06-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2228
|
6.3 |
MEDIUM
Network
|
-
|
-
|
CZ.NIC BIRD Internet Routing Daemon through 2.19.0 contains a stack-based buffer overflow in the BGP AS_PATH mask matching implementation in nest/a-path.c. The as_path_match() function uses a fixed-s…
|
CWE-121
Stack-based Buffer Overflow
|
CVE-2026-49943
|
2026-06-3 02:35 |
2026-06-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2229
|
7.4 |
HIGH
Adjacent
|
linuxfoundation
|
volcano
|
Volcano is a Kubernetes-native batch scheduling system. Prior to v1.14.2, v1.13.3, and v1.12.4, the Volcano webhook server does not enforce a size limit on incoming HTTP request bodies. Any in-cluste…
|
CWE-400
CWE-770
Uncontrolled Resource Consumption
Allocation of Resources Without Limits or Throttling
|
CVE-2026-44247
|
2026-06-3 02:25 |
2026-05-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2230
|
7.3 |
HIGH
Network
|
-
|
-
|
A vulnerability was determined in DedeCMS 5.7.88. The affected element is the function TrimMsg of the file /plus/feedback.php of the component Feedback Handler. Executing a manipulation of the argume…
|
CWE-74
CWE-89
Injection
SQL Injection
|
CVE-2026-10606
|
2026-06-3 02:19 |
2026-06-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
