|
441
|
6.5 |
MEDIUM
Network
|
-
|
-
|
An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in Safari 26.5.2, iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. Processing maliciously crafted web c…
New
|
CWE-787
Out-of-bounds Write
|
CVE-2026-43745
|
2026-06-30 23:10 |
2026-06-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
442
|
6.5 |
MEDIUM
Network
|
-
|
-
|
A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 26.5.2, iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. Processing maliciously crafted web conten…
New
|
CWE-416
Use After Free
|
CVE-2026-43746
|
2026-06-30 23:10 |
2026-06-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
443
|
6.1 |
MEDIUM
Network
|
-
|
-
|
Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in the number guess example for Apache Tomcat.
This issue affects Apache Tomcat: from 11.0.0-M1 through 11…
New
|
CWE-80
Basic XSS
|
CVE-2026-50229
|
2026-06-30 23:10 |
2026-06-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
444
|
7.3 |
HIGH
Network
|
-
|
-
|
Always-Incorrect Control Flow Implementation vulnerability in Apache Tomcat's rewrite valve meant that if the first condition in an OR chain matched, subsequent non-OR conditions were skipped.
This …
New
|
CWE-670
Always-Incorrect Control Flow Implementation
|
CVE-2026-53404
|
2026-06-30 23:10 |
2026-06-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
445
|
9.1 |
CRITICAL
Network
|
-
|
-
|
Detection of Error Condition Without Action vulnerability in Apache Tomcat when configuring CRLs for a FFM based connector.
This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.22, from 10.…
New
|
CWE-390
Detection of Error Condition Without Action
|
CVE-2026-53434
|
2026-06-30 23:10 |
2026-06-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
446
|
8.1 |
HIGH
Network
|
-
|
-
|
Improper Authorization vulnerability in Apache ActiveMQ.
An authenticated low-privilege Web Console user by default can access /admin/* paths in the Web Console. The default Jetty settings incorrect…
New
|
CWE-285
Improper Authorization
|
CVE-2026-49877
|
2026-06-30 23:10 |
2026-06-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
447
|
7.5 |
HIGH
Network
|
-
|
-
|
Improper Input Validation vulnerability in Apache ActiveMQ Broker, Apache ActiveMQ, Apache ActiveMQ All.
An attacker that has access to publish or modify entries in LDAP that match the configured se…
New
|
CWE-20
Improper Input Validation
|
CVE-2026-49434
|
2026-06-30 23:10 |
2026-06-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
448
|
7.5 |
HIGH
Network
|
-
|
-
|
Memory Allocation with Excessive Size Value vulnerability in Apache ActiveMQ Client, Apache ActiveMQ, Apache ActiveMQ All.
An unauthenticated network attacker can cause a broker DoS by sending a cra…
New
|
CWE-789
Memory Allocation with Excessive Size Value
|
CVE-2026-50734
|
2026-06-30 23:10 |
2026-06-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
449
|
6.5 |
MEDIUM
Network
|
-
|
-
|
The PixMagix – WordPress Image Editor plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 1.7.2 via the move_image_on_server function. This makes it possib…
New
|
CWE-22
Path Traversal
|
CVE-2026-11367
|
2026-06-30 23:08 |
2026-06-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
450
|
4.3 |
MEDIUM
Network
|
-
|
-
|
The Plugin for Google Analytics by IO technologies plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.1. This is due to missing or incorrect nonce va…
New
|
CWE-352
Origin Validation Error
|
CVE-2026-8944
|
2026-06-30 23:08 |
2026-06-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|