|
671
|
6.8 |
MEDIUM
Adjacent
|
sonicwall
|
sonicos
|
A post-authentication Path Traversal vulnerability in SonicOS allows an attacker to interact with usually restricted services.
Update
|
CWE-35
Path Traversal: '.../...//'
|
CVE-2026-0205
|
2026-05-6 01:12 |
2026-04-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
672
|
8.0 |
HIGH
Adjacent
|
sonicwall
|
sonicos
|
A vulnerability in the access control mechanism of SonicOS may allow certain management interface functions to be accessible under specific conditions.
Update
|
CWE-306
CWE-1390
Missing Authentication for Critical Function
Weak Authentication
|
CVE-2026-0204
|
2026-05-6 01:11 |
2026-04-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
673
|
5.5 |
MEDIUM
Local
|
wireshark
|
wireshark
|
IEEE 802.11 protocol dissector crash in Wireshark 4.6.0 to 4.6.4
Update
|
CWE-476
NULL Pointer Dereference
|
CVE-2026-6525
|
2026-05-6 00:42 |
2026-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
674
|
7.8 |
HIGH
Local
|
entechtaiwan
|
tvicport
|
An issue in the TVicPort64.sys component of EnTech Taiwan TVicPort Product v4.0, File v5.2.1.0 allows attackers to escalate privileges via sending crafted IOCTL 0x80002008 requests.
Update
|
CWE-20
CWE-269
Improper Input Validation
Improper Privilege Management
|
CVE-2026-30769
|
2026-05-5 23:31 |
2026-04-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
675
|
4.3 |
MEDIUM
Network
|
jenkins
|
azure_ad
|
Jenkins Microsoft Entra ID (previously Azure AD) Plugin 666.v6060de32f87d and earlier does not restrict the redirect URL after login, allowing attackers to perform phishing attacks.
Update
|
CWE-601
Open Redirect
|
CVE-2026-42525
|
2026-05-5 23:25 |
2026-04-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
676
|
8.8 |
HIGH
Network
|
agilonhealth
|
minerva
|
An authorization vulnerability in MphRx's Minerva V3.6.0, specifically in the '/minerva/moUser/update' endpoint, could allow an authenticated user with user modification privileges to escalate their …
Update
|
CWE-285
Improper Authorization
|
CVE-2026-5781
|
2026-05-5 23:24 |
2026-04-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
677
|
8.1 |
HIGH
Network
|
agilonhealth
|
minerva
|
An insecure direct object reference (IDOR) vulnerability in MphRx's Minerva V3.6.0, specifically in the endpoint '/minerva/moUser/show/'. If this vulnerability is successfully exploited, an authentic…
Update
|
CWE-284
Improper Access Control
|
CVE-2026-5780
|
2026-05-5 23:22 |
2026-04-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
678
|
5.5 |
MEDIUM
Local
|
canonical
|
pdfunite
|
PDFunite 0.41.0 contains a buffer overflow vulnerability that allows local attackers to crash the application by processing malformed PDF files during merge operations. Attackers can trigger a segmen…
Update
|
CWE-120
Classic Buffer Overflow
|
CVE-2018-25306
|
2026-05-5 23:22 |
2026-04-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
679
|
8.8 |
HIGH
Network
|
agilonhealth
|
minerva
|
An insecure direct object reference (IDOR) vulnerability in MphRx's Minerva V3.6.0, specifically in the '/minerva/user/updateUserProfile' endpoint. This allows an authenticated user to modify the inf…
Update
|
CWE-284
Improper Access Control
|
CVE-2026-5779
|
2026-05-5 23:20 |
2026-04-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
680
|
9.8 |
CRITICAL
Network
|
-
|
-
|
A security vulnerability has been detected in EFM ipTIME NAS1dual 1.5.24. This issue affects the function get_csrf_whites of the file /cgi/advanced/misc_main.cgi. Such manipulation leads to stack-bas…
New
|
CWE-119
CWE-121
Incorrect Access of Indexable Resource ('Range Error')
Stack-based Buffer Overflow
|
CVE-2026-7834
|
2026-05-5 23:16 |
2026-05-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
