|
571
|
8.8 |
HIGH
Network
|
-
|
-
|
A vulnerability has been identified in RUGGEDCOM CROSSBOW Secure Access Manager Primary (SAM-P) (All versions < V5.8). User Administrators are allowed to administer groups they belong to. This could …
Update
|
CWE-266
Incorrect Privilege Assignment
|
CVE-2026-27668
|
2026-04-18 00:18 |
2026-04-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
572
|
9.3 |
CRITICAL
Local
|
-
|
-
|
Sandbox Escape Vulnerability in Terrarium allows arbitrary code execution with root privileges on a host process via JavaScript prototype chain traversal.
Update
|
-
|
CVE-2026-5752
|
2026-04-18 00:17 |
2026-04-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
573
|
6.1 |
MEDIUM
Network
|
-
|
-
|
Reflected Cross-Site Scripting (XSS) Vulnerability in Radware Alteon 34.5.4.0 vADC load-balancer allows an attacker to inject malicious scripts into the website, potentially leading to unauthorized a…
Update
|
-
|
CVE-2026-5754
|
2026-04-18 00:17 |
2026-04-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
574
|
7.5 |
HIGH
Network
|
-
|
-
|
Unauthenticated Configuration File Modification Vulnerability in DRC Central Office Services (COS) allows an attacker to modify the server's configuration file, potentially leading to mass data exfil…
Update
|
-
|
CVE-2026-5756
|
2026-04-18 00:17 |
2026-04-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
575
|
7.8 |
HIGH
Local
|
-
|
-
|
It has been identified that a vulnerability (CWE-427) exists in the UPS (Uninterruptible Power Supply) management application, whereby improper permissions on the installation directory allow a malic…
Update
|
CWE-427
Uncontrolled Search Path Element
|
CVE-2026-5397
|
2026-04-18 00:17 |
2026-04-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
576
|
2.9 |
LOW
Local
|
-
|
-
|
HCL AION is affected by a vulnerability where certain system behaviours may allow exploration of internal filesystem structures. Exposure of such information may provide insights into the underlying …
Update
|
CWE-209
Information Exposure Through an Error Message
|
CVE-2025-52641
|
2026-04-18 00:17 |
2026-04-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
577
|
7.5 |
HIGH
Network
|
-
|
-
|
Uncontrolled Resource Consumption in Bosch VMS Central Server in Bosch VMS 12.0.1
allows attackers to consume excessive amounts of disk space via network interface.
Update
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2024-33618
|
2026-04-18 00:17 |
2026-04-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
578
|
6.1 |
MEDIUM
Network
|
-
|
-
|
Versions of the package github.com/yuin/goldmark/renderer/html before 1.7.17 are vulnerable to Cross-site Scripting (XSS) due to improper ordering of URL validation and normalization. The renderer va…
Update
|
CWE-79
Cross-site Scripting
|
CVE-2026-5160
|
2026-04-18 00:17 |
2026-04-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
579
|
6.5 |
MEDIUM
Network
|
-
|
-
|
JavaScript is vulnerable to prototype pollution in Mafintosh's protocol-buffers-schema Version 3.6.0, where an attacker may alter the application logic, bypass security checks, cause a DoS or achieve…
Update
|
-
|
CVE-2026-5758
|
2026-04-18 00:17 |
2026-04-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
580
|
7.3 |
HIGH
Local
|
-
|
-
|
A flaw was found in gimp. This buffer overflow vulnerability in the GIF image loading component's `ReadJeffsImage` function allows an attacker to write beyond an allocated buffer by processing a spec…
Update
|
CWE-120
Classic Buffer Overflow
|
CVE-2026-6384
|
2026-04-18 00:17 |
2026-04-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
