|
11
|
7.1 |
HIGH
Network
|
7-zip
|
7-zip
|
7-Zip is a file archiver with a high compression ratio. Versions 9.21 through 26.00 contain an off-by-one out-of-bounds read vulnerability in the ParseDepedencyExpression function of the UEFI firmwar…
New
|
CWE-125
Out-of-bounds Read
|
CVE-2026-48111
|
2026-06-9 03:16 |
2026-06-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
12
|
8.1 |
HIGH
Network
|
7-zip
|
7-zip
|
7-Zip is a file archiver with a high compression ratio. Versions 9.34 through 26.00 contain a heap memory disclosure via SquashFS fragment offset integer overflow on 32-bit builds. 32-bit integer ove…
New
|
CWE-125
Out-of-bounds Read
|
CVE-2026-48092
|
2026-06-9 03:16 |
2026-06-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
13
|
8.8 |
HIGH
Network
|
-
|
-
|
A security flaw has been discovered in Tenda F451 1.0.0.7/1.0.0.9. Impacted is the function formWriteFacMac of the file /goform/WriteFacMac of the component Web Management Interface. Performing a man…
New
|
CWE-77
CWE-78
Command Injection
OS Command
|
CVE-2026-11556
|
2026-06-9 03:16 |
2026-06-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
14
|
3.7 |
LOW
Network
|
-
|
-
|
A vulnerability was identified in D-Link DGS-1100-08PD 1.00.006. This issue affects some unknown processing of the file /etc/boa.conf of the component Web Interface. Such manipulation leads to least …
New
|
CWE-266
CWE-272
Incorrect Privilege Assignment
Least Privilege Violation
|
CVE-2026-11555
|
2026-06-9 03:16 |
2026-06-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
15
|
4.3 |
MEDIUM
Network
|
-
|
-
|
A vulnerability was determined in TOTOLINK CP450 4.1.0cu.747. This vulnerability affects unknown code of the file /etc/vsftpd.conf of the component vsftpd. This manipulation causes least privilege vi…
New
|
CWE-266
CWE-272
Incorrect Privilege Assignment
Least Privilege Violation
|
CVE-2026-11554
|
2026-06-9 03:16 |
2026-06-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
16
|
8.8 |
HIGH
Network
|
-
|
-
|
A vulnerability was found in Tenda HG7HG9 and HG10 300001138_en_xpon. This affects the function formPPPEdit of the file /boaform/formPPPEdit. The manipulation of the argument encodename results in st…
New
|
CWE-119
CWE-121
Incorrect Access of Indexable Resource ('Range Error')
Stack-based Buffer Overflow
|
CVE-2026-11553
|
2026-06-9 03:16 |
2026-06-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
17
|
5.3 |
MEDIUM
Network
|
-
|
-
|
A vulnerability has been found in SourceCodester Onlne Examination & Learning Management System and Syllabus-aligned Learning Management and Examination System 1.0. Affected by this issue is some unk…
New
|
CWE-255
CWE-259
Credentials Management
Use of Hard-coded Password
|
CVE-2026-11552
|
2026-06-9 03:16 |
2026-06-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
18
|
6.5 |
MEDIUM
Network
|
-
|
-
|
Inappropriate implementation in Web Share in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who convinced a user to engage in specific UI gestures to leak cross-origin data via a craf…
New
|
CWE-20
Improper Input Validation
|
CVE-2026-11128
|
2026-06-9 03:16 |
2026-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
19
|
4.3 |
MEDIUM
Network
|
-
|
-
|
Inappropriate implementation in DevTools in Google Chrome prior to 149.0.7827.53 allowed an attacker who convinced a user to install a malicious extension to leak cross-origin data via a crafted Chro…
New
|
CWE-20
Improper Input Validation
|
CVE-2026-11126
|
2026-06-9 03:16 |
2026-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
20
|
8.8 |
HIGH
Network
|
-
|
-
|
Integer overflow in Skia in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)
New
|
CWE-122
Heap-based Buffer Overflow
|
CVE-2026-11124
|
2026-06-9 03:16 |
2026-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
