|
261
|
8.0 |
HIGH
Network
|
termix
|
termix
|
Termix is a web-based server management platform with SSH terminal, tunneling, and file editing capabilities. Starting in version 1.7.0, Termix Desktop (Electron) disables TLS certificate validation,…
Update
|
CWE-295
Improper Certificate Validation
|
CVE-2026-45745
|
2026-06-9 00:02 |
2026-06-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
262
|
- |
|
-
|
-
|
Internationalized Domain Names in Applications (IDNA) for Python provides support for Internationalized Domain Names in Applications (IDNA) and Unicode IDNA Compatibility Processing. In versions prio…
New
|
CWE-1333
Inefficient Regular Expression Complexity
|
CVE-2026-45409
|
2026-06-9 00:02 |
2026-06-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263
|
- |
|
-
|
-
|
Protocol::HTTP2 versions through 1.12 for Perl is vulnerable to a HTTP/2 Bomb.
Protocol::HTTP2's inbound HPACK path has no header-list size limit, so a small HTTP/2 request can expand into large ser…
New
|
CWE-409
Improper Handling of Highly Compressed Data (Data Amplification)
|
CVE-2026-10725
|
2026-06-9 00:02 |
2026-06-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264
|
6.5 |
MEDIUM
Network
|
google
|
chrome
|
Integer overflow in ANGLE in Google Chrome on Mac prior to 149.0.7827.53 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium s…
Update
|
CWE-472
CWE-190
External Control of Assumed-Immutable Web Parameter
Integer Overflow or Wraparound
|
CVE-2026-11044
|
2026-06-9 00:01 |
2026-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265
|
- |
|
-
|
-
|
A stack‑based
buffer overflow vulnerability exists in Tapo C520WS v2 in the ONVIF CreateUsers service, where
the device fails to properly validate the number of XML user nodes during
request processi…
New
|
CWE-121
Stack-based Buffer Overflow
|
CVE-2026-6239
|
2026-06-9 00:01 |
2026-06-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266
|
- |
|
-
|
-
|
A stack-based buffer overflow vulnerability exists in Tapo C520WS v2 in the ONVIF DeleteUsers service, due to insufficient boundary checks when handling multiple user deletion parameters. An authenti…
New
|
CWE-121
Stack-based Buffer Overflow
|
CVE-2026-6240
|
2026-06-9 00:01 |
2026-06-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267
|
- |
|
-
|
-
|
An authenticated format string vulnerability is present in the ONVIF AddScopes in Tapo C520WS v2, where user-controlled input is improperly passed to formatting functions without adequate sanitizatio…
New
|
CWE-134
Use of Externally-Controlled Format String
|
CVE-2026-6241
|
2026-06-9 00:01 |
2026-06-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268
|
- |
|
-
|
-
|
An authenticated format string vulnerability exists in the ONVIF Subscribe service in Tapo C520WS v2 due to improper handling of externally supplied parameters within formatting functions. An attacke…
New
|
CWE-134
Use of Externally-Controlled Format String
|
CVE-2026-6242
|
2026-06-9 00:01 |
2026-06-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269
|
- |
|
-
|
-
|
On Tapo
C520WS v2, restricted accounts (for example, hub users) are intended to execute
only a limited set of low‑sensitivity operations. Due to a logic flaw in the
device’s API authorization mechani…
New
|
CWE-287
Improper Authentication
|
CVE-2026-34123
|
2026-06-9 00:01 |
2026-06-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270
|
- |
|
-
|
-
|
This vulnerability exists in Bagisto due to improper validation of user-supplied input in the ImageCacheController component. An unauthenticated remote attacker could exploit this vulnerability by se…
New
|
CWE-22
Path Traversal
|
CVE-2026-9506
|
2026-06-9 00:01 |
2026-06-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
