|
501
|
- |
|
-
|
-
|
Net::IMAP implements Internet Message Access Protocol (IMAP) client functionality in Ruby. Prior to versions 0.4.24, 0.5.14, and 0.6.4, several Net::IMAP commands accept a raw string argument that is…
New
|
CWE-77
CWE-93
Command Injection
CRLF Injection
|
CVE-2026-42257
|
2026-05-10 05:16 |
2026-05-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
502
|
- |
|
-
|
-
|
Net::IMAP implements Internet Message Access Protocol (IMAP) client functionality in Ruby. From versions 0.4.0 to before 0.4.24, 0.5.0 to before 0.5.14, and 0.6.0 to before 0.6.4, when authenticating…
New
|
CWE-770
CWE-1322
Allocation of Resources Without Limits or Throttling
|
CVE-2026-42256
|
2026-05-10 05:16 |
2026-05-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
503
|
- |
|
-
|
-
|
Net::IMAP implements Internet Message Access Protocol (IMAP) client functionality in Ruby. Prior to versions 0.3.10, 0.4.24, 0.5.14, and 0.6.4, a man-in-the-middle attacker can cause Net::IMAP#startt…
New
|
CWE-392
CWE-393
CWE-636
CWE-754
CWE-841
Missing Report of Error Condition
Return of Wrong Status Code
Not Failing Securely ('Failing Open')
Improper Check for Unusual or Exceptional Conditions
Improper Enforcement of Behavioral Workflow
|
CVE-2026-42246
|
2026-05-10 05:16 |
2026-05-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
504
|
- |
|
-
|
-
|
Net::IMAP implements Internet Message Access Protocol (IMAP) client functionality in Ruby. Prior to versions 0.4.24, 0.5.14, and 0.6.4, Net::IMAP::ResponseReader has quadratic time complexity when re…
New
|
CWE-407
Inefficient Algorithmic Complexity
|
CVE-2026-42245
|
2026-05-10 05:16 |
2026-05-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
505
|
- |
|
-
|
-
|
Signal K Server is a server application that runs on a central hub in a boat. Prior to version 2.25.0, the HTTP login endpoints (POST /login and POST /signalk/v1/auth/login) are protected by express-…
New
|
CWE-307
mproper Restriction of Excessive Authentication Attempts
|
CVE-2026-41893
|
2026-05-10 05:16 |
2026-05-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
506
|
- |
|
-
|
-
|
Allocation of Resources Without Limits or Throttling vulnerability in absinthe-graphql absinthe allows unauthenticated denial of service via atom table exhaustion when parsing attacker-controlled Gra…
|
CWE-770
Allocation of Resources Without Limits or Throttling
|
CVE-2026-42793
|
2026-05-9 22:16 |
2026-05-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
507
|
5.3 |
MEDIUM
Adjacent
|
-
|
-
|
Some EZVIZ products utilize older versions of cloud feature modules with legacy API interfaces, which pose a data transmission risk. Attackers can exploit this by eavesdropping on network requests to…
|
-
|
CVE-2026-32683
|
2026-05-9 18:16 |
2026-05-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
508
|
9.1 |
CRITICAL
Network
|
apache
|
cloudstack
|
Instances deployed via the Proxmox extension allow unauthorized access to instances belonging to other tenants.
This issue affects Apache CloudStack: from 4.21.0.0 through 4.22.0.0.
The Proxm…
|
CWE-200
Information Exposure
|
CVE-2026-25199
|
2026-05-9 16:16 |
2026-05-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
509
|
5.3 |
MEDIUM
Network
|
apache
|
cloudstack
|
Due to multiple time-of-check time-of-use race conditions in the resource count check and increment logic, as well as missing validations, users of the platform are able to exceed the allocation limi…
|
CWE-367
CWE-770
Time-of-check Time-of-use (TOCTOU) Race Condition
Allocation of Resources Without Limits or Throttling
|
CVE-2025-69233
|
2026-05-9 16:16 |
2026-05-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
510
|
6.5 |
MEDIUM
Network
|
-
|
-
|
The CloudStack Backup plugin has an improper access logic in versions 4.21.0.0 and 4.22.0.0. Anyone with authenticated user-account access in CloudStack 4.21.0.0+ environments, where this plugin is e…
|
CWE-359
Exposure of Private Personal Information to an Unauthorized Actor
|
CVE-2025-66171
|
2026-05-9 16:16 |
2026-05-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
