|
41
|
- |
|
-
|
-
|
An issue in the Bluetooth Low Energy (BLE) control interface of the Yamaha SR-B30A sound bar firmware 2.40 (Mobile App: Sound Bar Remote / version: 2.40) allows remote attackers within BLE radio rang…
New
|
-
|
CVE-2026-37100
|
2026-04-17 01:16 |
2026-04-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
42
|
7.1 |
HIGH
Network
|
-
|
-
|
An issue in the Forgot Password feature of Daylight Studio FuelCMS v1.5.2 allows unauthenticated attackers to obtain the password reset token of a victim user via a crafted link placed in a valid e-m…
New
|
CWE-640
Weak Password Recovery Mechanism for Forgotten Password
|
CVE-2026-30459
|
2026-04-17 01:16 |
2026-04-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
43
|
7.8 |
HIGH
Local
|
adobe
|
indesign
|
InDesign Desktop versions 20.5.2, 21.2 and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory st…
New
|
CWE-125
Out-of-bounds Read
|
CVE-2026-27284
|
2026-04-17 00:35 |
2026-04-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
44
|
7.8 |
HIGH
Local
|
adobe
|
indesign
|
InDesign Desktop versions 20.5.2, 21.2 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of thi…
New
|
CWE-416
Use After Free
|
CVE-2026-27283
|
2026-04-17 00:35 |
2026-04-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
45
|
7.8 |
HIGH
Local
|
adobe
|
indesign
|
InDesign Desktop versions 20.5.2, 21.2 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploit…
New
|
CWE-122
Heap-based Buffer Overflow
|
CVE-2026-27238
|
2026-04-17 00:35 |
2026-04-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
46
|
5.5 |
MEDIUM
Local
|
adobe
|
indesign
|
InDesign Desktop versions 20.5.2, 21.2 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could lead to memory exposure. An attacker could leverage this vulnerability to disc…
New
|
CWE-122
Heap-based Buffer Overflow
|
CVE-2026-27286
|
2026-04-17 00:33 |
2026-04-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
47
|
5.5 |
MEDIUM
Local
|
adobe
|
indesign
|
InDesign Desktop versions 20.5.2, 21.2 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could lead to application denial-of-service. An attacker could exploit this vulnerab…
New
|
CWE-122
Heap-based Buffer Overflow
|
CVE-2026-27285
|
2026-04-17 00:32 |
2026-04-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
48
|
- |
|
-
|
-
|
A Denial of Service (DoS) vulnerability exists in the Protobuf PHP library during the parsing of untrusted input. Maliciously structured messages—specifically those containing negative varints or dee…
New
|
CWE-20
Improper Input Validation
|
CVE-2026-6409
|
2026-04-17 00:17 |
2026-04-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
49
|
4.3 |
MEDIUM
Network
|
-
|
-
|
Missing Authorization vulnerability in Long Watch Studio MyRewards woorewards allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects MyRewards: from n/a through <=…
New
|
CWE-862
Missing Authorization
|
CVE-2026-40786
|
2026-04-17 00:17 |
2026-04-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
50
|
5.3 |
MEDIUM
Network
|
-
|
-
|
Missing Authorization vulnerability in Majestic Support Majestic Support majestic-support allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Majestic Support: …
New
|
CWE-862
Missing Authorization
|
CVE-2026-40778
|
2026-04-17 00:17 |
2026-04-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
