|
2641
|
4.3 |
MEDIUM
Network
|
tp-link
|
tl-wr720n_firmware
|
TP-Link TL-WR720N wireless router contains a cross-site request forgery vulnerability that allows attackers to perform unauthorized administrative actions by crafting malicious web requests. Attacker…
|
CWE-352
Origin Validation Error
|
CVE-2018-25321
|
2026-05-19 03:34 |
2026-05-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2642
|
6.5 |
MEDIUM
Network
|
open5gs
|
open5gs
|
A vulnerability was determined in Open5GS up to 2.7.7. Affected is the function ogs_sbi_subscription_data_add/ogs_sbi_nf_service_add in the library /lib/sbi/context.c of the component NRF. Executing …
|
CWE-404
Improper Resource Shutdown or Release
|
CVE-2026-8744
|
2026-05-19 03:34 |
2026-05-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2643
|
8.8 |
HIGH
Network
|
google
|
chrome
|
Heap buffer overflow in WebML in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Criti…
|
CWE-122
Heap-based Buffer Overflow
|
CVE-2026-8509
|
2026-05-19 03:34 |
2026-05-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2644
|
6.5 |
MEDIUM
Network
|
open5gs
|
open5gs
|
A vulnerability was identified in Open5GS up to 2.7.7. Affected by this vulnerability is the function ogs_timer_add in the library /src/ausf/nausf-handler.c of the component AUSF. The manipulation le…
|
CWE-404
Improper Resource Shutdown or Release
|
CVE-2026-8745
|
2026-05-19 03:34 |
2026-05-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2645
|
9.6 |
CRITICAL
Network
|
google
|
chrome
|
Use after free in UI in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Critical)
|
CWE-416
Use After Free
|
CVE-2026-8511
|
2026-05-19 03:34 |
2026-05-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2646
|
8.3 |
HIGH
Network
|
google
|
chrome
|
Use after free in FileSystem in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially perform a sandbox escape via a cr…
|
CWE-416
Use After Free
|
CVE-2026-8512
|
2026-05-19 03:33 |
2026-05-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2647
|
8.3 |
HIGH
Network
|
google
|
chrome
|
Use after free in Aura in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Ch…
|
CWE-416
Use After Free
|
CVE-2026-8514
|
2026-05-19 03:33 |
2026-05-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2648
|
8.7 |
HIGH
Network
|
openwebui
|
open_webui
|
Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, the tool_servers and terminal_servers keys in utils/tools.py do use a prefix. When t…
|
CWE-668
Exposure of Resource to Wrong Sphere
|
CVE-2026-44552
|
2026-05-19 03:32 |
2026-05-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2649
|
8.3 |
HIGH
Network
|
google
|
chrome
|
Use after free in HID in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially perform a sandbox escape via a crafted H…
|
CWE-416
Use After Free
|
CVE-2026-8515
|
2026-05-19 03:32 |
2026-05-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2650
|
5.3 |
MEDIUM
Network
|
pyload
|
pyload
|
pyLoad is a free and open-source download manager written in Python. Prior to 0.5.0b3.dev100, pyload-ng WebUI returns full Python traceback details to clients on unhandled exceptions. Because /web/<p…
|
CWE-209
Information Exposure Through an Error Message
|
CVE-2026-44226
|
2026-05-19 03:25 |
2026-05-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
