|
421
|
8.0 |
HIGH
Network
|
microsoft
|
sharepoint_server
|
Improper authorization in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.
Update
|
CWE-285
Improper Authorization
|
CVE-2026-47298
|
2026-06-13 01:00 |
2026-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
422
|
8.8 |
HIGH
Network
|
-
|
-
|
The SSH service of CelloOS developed by Cellopoint has an Improper Access Control vulnerability, allowing authenticated remote attackers to bypass the enforced command restrictions and execute operat…
New
|
CWE-1284
Improper Validation of Specified Quantity in Input
|
CVE-2026-12059
|
2026-06-13 01:00 |
2026-06-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
423
|
6.5 |
MEDIUM
Network
|
-
|
-
|
Heptabase developed by Hepta Platforms has a Exposed Dangerous Method or Function vulnerability, allowing unauthenticated remote attackers to leverage social engineering techniques to trick a victim …
New
|
CWE-749
Exposed Dangerous Method or Function
|
CVE-2026-12060
|
2026-06-13 01:00 |
2026-06-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
424
|
4.9 |
MEDIUM
Network
|
-
|
-
|
The iVEC-IEI Virtualization Edge Computer developed by IEI Integration Corp has a Arbitrary File Read vulnerability, allowing privileged remote attackers to access files outside the intended director…
New
|
CWE-22
Path Traversal
|
CVE-2026-11844
|
2026-06-13 01:00 |
2026-06-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
425
|
7.2 |
HIGH
Network
|
-
|
-
|
The iVEC-IEI Virtualization Edge Computer developed by IEI Integration Corp has a OS Command Injection vulnerability, allowing privileged remote attackers to inject arbitrary OS commands and execute …
New
|
CWE-78
OS Command
|
CVE-2026-11845
|
2026-06-13 01:00 |
2026-06-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
426
|
8.1 |
HIGH
Network
|
-
|
-
|
The
iVEC-IEI Virtualization Edge Computer developed by IEI Integration Corp has an Arbitrary File Deletion vulnerability, allowing authenticated remote attackers to exploit this vulnerability to del…
New
|
CWE-22
Path Traversal
|
CVE-2026-11846
|
2026-06-13 01:00 |
2026-06-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
427
|
4.3 |
MEDIUM
Network
|
-
|
-
|
The
iVEC-IEI Virtualization Edge Computer developed by IEI Integration Corp has a Path Traversal vulnerability, allowing authenticated remote attackers to exploit this vulnerability to create direc…
New
|
CWE-22
Path Traversal
|
CVE-2026-11847
|
2026-06-13 01:00 |
2026-06-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
428
|
5.3 |
MEDIUM
Network
|
-
|
-
|
The iRM-IEI Remote Management developed by IEI Integration Corp has a Missing Authentication vulnerability, allowing unauthenticated remote attackers to exploit a specific functionality to obtain par…
New
|
CWE-306
Missing Authentication for Critical Function
|
CVE-2026-11848
|
2026-06-13 01:00 |
2026-06-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
429
|
9.8 |
CRITICAL
Network
|
-
|
-
|
The
iRM-IEI Remote Management developed by IEI Integration Corp has a Hardcoded Credentials vulnerability, allowing unauthenticated remote attackers to exploit hard-coded credentials to gain adminis…
New
|
CWE-798
Use of Hard-coded Credentials
|
CVE-2026-11849
|
2026-06-13 01:00 |
2026-06-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
430
|
- |
|
-
|
-
|
MobaXterm Personal Edition (Portable), in its 26.3 version (Build 5154), allows arbitrary code execution by loading malicious DLLs from a temporary directory that is predictable and can be modified b…
New
|
CWE-427
Uncontrolled Search Path Element
|
CVE-2026-11879
|
2026-06-13 01:00 |
2026-06-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
