|
181
|
- |
|
-
|
-
|
Buffer Overflow vulnerability exists in Assimp versions up to 6.0.2 in the FBX Importer. The vulnerability occurs in aiMaterial::AddBinaryProperty, where a property key string from a crafted FBX file…
New
|
-
|
CVE-2025-70067
|
2026-05-4 23:16 |
2026-05-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
182
|
6.5 |
MEDIUM
Adjacent
|
amazon
|
freertos-plus-tcp
|
Insufficient packet validation in FreeRTOS-Plus-TCP before V4.2.6 and V4.4.1 allows an adjacent network actor to bypass all checksum and minimum-size validation by spoofing the Ethernet source MAC ad…
Update
|
CWE-290
Authentication Bypass by Spoofing
|
CVE-2026-7422
|
2026-05-4 22:43 |
2026-04-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
183
|
6.5 |
MEDIUM
Network
|
devolutions
|
devolutions_server
|
Improper
access control in the vault documentation feature in Devolutions
Server allows an authenticated attacker to read documentation content
from unauthorized vaults via a crafted API request.
…
Update
|
CWE-862
Missing Authorization
|
CVE-2026-6706
|
2026-05-4 22:37 |
2026-04-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
184
|
6.5 |
MEDIUM
Adjacent
|
amazon
|
freertos-plus-tcp
|
Integer underflow in the ICMP and ICMPv6 echo reply handlers in FreeRTOS-Plus-TCP before V4.4.1 and V4.2.6 allows an adjacent network user to cause a denial of service (device crash) when outgoing pi…
Update
|
CWE-191
Integer Underflow (Wrap or Wraparound)
|
CVE-2026-7423
|
2026-05-4 22:35 |
2026-04-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
185
|
8.1 |
HIGH
Adjacent
|
amazon
|
freertos-plus-tcp
|
Integer underflow in the DHCPv6 sub-option parser in FreeRTOS-Plus-TCP before V4.4.1 and V4.2.6 allows an adjacent network actor to corrupt the device's IPv6 address assignment, DNS configuration, an…
Update
|
CWE-191
Integer Underflow (Wrap or Wraparound)
|
CVE-2026-7424
|
2026-05-4 22:22 |
2026-04-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
186
|
9.1 |
CRITICAL
Network
|
-
|
-
|
Ollama before 0.17.1 contains a heap out-of-bounds read vulnerability in the GGUF model loader. The /api/create endpoint accepts an attacker-supplied GGUF file in which the declared tensor offset and…
New
|
CWE-125
Out-of-bounds Read
|
CVE-2026-7482
|
2026-05-4 22:16 |
2026-05-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
187
|
6.5 |
MEDIUM
Adjacent
|
amazon
|
freertos-plus-tcp
|
Insufficient option length validation in the IPv6 Router Advertisement parser in FreeRTOS-Plus-TCP before V4.2.6 and V4.4.1 allows an adjacent network actor to cause a denial of service (device crash…
Update
|
CWE-125
Out-of-bounds Read
|
CVE-2026-7425
|
2026-05-4 22:12 |
2026-04-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
188
|
8.1 |
HIGH
Adjacent
|
amazon
|
freertos-plus-tcp
|
Insufficient validation of the prefix length field in IPv6 Router Advertisement processing in FreeRTOS-Plus-TCP before V4.2.6 and V4.4.1 allows an adjacent network actor to cause memory corruption by…
Update
|
CWE-787
Out-of-bounds Write
|
CVE-2026-7426
|
2026-05-4 22:12 |
2026-04-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
189
|
9.1 |
CRITICAL
Network
|
rti
|
connext_professional
|
Improper Restriction of XML External Entity Reference vulnerability in Connext Professional (Core Libraries) allows Serialized Data External Linking.This issue affects Connext Professional: from 7.4.…
Update
|
CWE-611
XXE
|
CVE-2025-14543
|
2026-05-4 22:02 |
2026-05-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
190
|
7.2 |
HIGH
Network
|
-
|
-
|
Improper Control of Generation of Code ('Code Injection') vulnerability in Profelis Information and Consulting Trade and Industry Limited Company SambaBox allows OS Command Injection.
This issue aff…
New
|
CWE-94
Code Injection
|
CVE-2026-3120
|
2026-05-4 21:16 |
2026-05-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
