|
2451
|
- |
|
-
|
-
|
Missing lock bit protection for NBIO registers could allow a local admin-privileged attacker to modify MMIO routing configurations, potentially resulting in loss of SEV-SNP guest integrity.
|
CWE-1233
Security-Sensitive Hardware Controls with Missing Lock Bit Protection
|
CVE-2025-61971
|
2026-05-13 23:49 |
2026-05-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2452
|
- |
|
-
|
-
|
Missing lock bit protection for NBIO registers could allow a local admin-privileged attacker to gain arbitrary System Management Network (SMN) access, potentially resulting in arbitrary code executio…
|
CWE-1233
Security-Sensitive Hardware Controls with Missing Lock Bit Protection
|
CVE-2025-61972
|
2026-05-13 23:49 |
2026-05-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2453
|
- |
|
-
|
-
|
A heap-based buffer overflow in the ionic cloud driver for VMware ESXi could allow an attacker to achieve privilege escalation, potentially resulting in arbitrary code execution.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2025-62623
|
2026-05-13 23:49 |
2026-05-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2454
|
- |
|
-
|
-
|
A heap-based buffer overflow in the ionic cloud driver for VMware ESXi could allow an attacker to achieve privilege escalation, potentially resulting in arbitrary code execution.
|
CWE-122
Heap-based Buffer Overflow
|
CVE-2025-62624
|
2026-05-13 23:49 |
2026-05-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2455
|
- |
|
-
|
-
|
An untrusted pointer dereference in the ionic cloud driver for VMWare ESXi could allow an attacker with an unprivileged VM to read kernel memory or co-located guest VM memory, potentially resulting i…
|
CWE-822
Untrusted Pointer Dereference
|
CVE-2025-62627
|
2026-05-13 23:49 |
2026-05-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2456
|
6.3 |
MEDIUM
Network
|
-
|
-
|
A vulnerability has been found in CodeAstro Online Catering Ordering System 1.0. This affects an unknown function of the file /deleteorder.php. The manipulation of the argument ID leads to sql inject…
|
CWE-74
CWE-89
Injection
SQL Injection
|
CVE-2026-8231
|
2026-05-13 23:48 |
2026-05-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2457
|
6.5 |
MEDIUM
Adjacent
|
zyxel
|
wre6505_firmware
|
** UNSUPPORTED WHEN ASSIGNED ** An improper restriction of excessive authentication attempts vulnerability in the web management interface of Zyxel WRE6505 v2 firmware version V1.00(ABDV.3)C0 could a…
|
CWE-307
mproper Restriction of Excessive Authentication Attempts
|
CVE-2026-7255
|
2026-05-13 23:48 |
2026-05-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2458
|
5.3 |
MEDIUM
Local
|
-
|
-
|
A flaw has been found in Squirrel up to 3.2. Impacted is the function validate_format in the library sqstdlib/sqstdstring.cpp. Executing a manipulation can lead to stack-based buffer overflow. The at…
|
CWE-119
CWE-121
Incorrect Access of Indexable Resource ('Range Error')
Stack-based Buffer Overflow
|
CVE-2026-8258
|
2026-05-13 23:47 |
2026-05-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2459
|
5.9 |
MEDIUM
Local
|
-
|
-
|
A vulnerability was determined in Squirrel up to 3.2. This affects the function SQFunctionProto::Load of the file squirrel/sqobject.cpp. This manipulation causes heap-based buffer overflow. The attac…
|
CWE-119
CWE-122
Incorrect Access of Indexable Resource ('Range Error')
Heap-based Buffer Overflow
|
CVE-2026-8261
|
2026-05-13 23:47 |
2026-05-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2460
|
7.5 |
HIGH
Network
|
pillarjs
|
multiparty
|
multiparty@4.2.3 and lower versions are vulnerable to denial of service via regular expression backtracking in the Content-Disposition filename parameter parser. A crafted multipart upload with a lon…
|
CWE-1333
Inefficient Regular Expression Complexity
|
CVE-2026-8159
|
2026-05-13 23:44 |
2026-05-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
