|
571
|
7.8 |
HIGH
Local
|
-
|
-
|
RDP protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service and possible code execution
|
CWE-122
Heap-based Buffer Overflow
|
CVE-2026-5405
|
2026-05-2 00:27 |
2026-05-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
572
|
7.0 |
HIGH
Local
|
-
|
-
|
Profile import path traversal in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service and possible code execution
|
CWE-22
Path Traversal
|
CVE-2026-5656
|
2026-05-2 00:27 |
2026-05-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
573
|
- |
|
-
|
-
|
Insufficient Verification of Data Authenticity vulnerability in hexpm hex (Hex.RemoteConverger module) allows dependency integrity bypass via unverified lockfile checksums.
Hex stores checksums for …
|
CWE-354
CWE-494
Improper Validation of Integrity Check Value
Download of Code Without Integrity Check
|
CVE-2026-32148
|
2026-05-2 00:26 |
2026-05-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
574
|
7.2 |
HIGH
Network
|
-
|
-
|
Improper neutralization of inputs used in an OS command in the FSx Windows File Server volume mounting component in Amazon ECS Agent on Windows before version 1.103.0 might allow a remote authenticat…
|
CWE-78
OS Command
|
CVE-2026-7461
|
2026-05-2 00:26 |
2026-05-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
575
|
3.5 |
LOW
Network
|
-
|
-
|
A weakness has been identified in LinkStackOrg LinkStack up to 4.8.6. Impacted is the function editPage of the file app/Http/Controllers/UserController.php. Executing a manipulation of the argument p…
|
CWE-79
CWE-94
Cross-site Scripting
Code Injection
|
CVE-2026-7501
|
2026-05-2 00:26 |
2026-05-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
576
|
5.4 |
MEDIUM
Network
|
-
|
-
|
A security vulnerability has been detected in LinkStackOrg LinkStack up to 4.8.6. The affected element is the function saveLink of the file app/Http/Controllers/UserController.php of the component Ma…
|
CWE-285
CWE-639
Improper Authorization
Authorization Bypass Through User-Controlled Key
|
CVE-2026-7502
|
2026-05-2 00:26 |
2026-05-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
577
|
8.8 |
HIGH
Network
|
-
|
-
|
A vulnerability was detected in code-projects for Plugin 4.1.2cu.5137. The impacted element is the function setWiFiMultipleConfig in the library /lib/cste_modules/wireless.so of the file /cgi-bin/cst…
|
CWE-119
CWE-120
Incorrect Access of Indexable Resource ('Range Error')
Classic Buffer Overflow
|
CVE-2026-7503
|
2026-05-2 00:26 |
2026-05-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
578
|
7.3 |
HIGH
Network
|
-
|
-
|
A flaw has been found in nextlevelbuilder GoClaw and GoClaw Lite up to 3.8.5. This affects an unknown function of the component RPC Handler. This manipulation causes improper authorization. The attac…
|
CWE-266
CWE-285
Incorrect Privilege Assignment
Improper Authorization
|
CVE-2026-7505
|
2026-05-2 00:26 |
2026-05-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
579
|
7.3 |
HIGH
Network
|
-
|
-
|
A vulnerability has been found in SourceCodester Hotel Management System 1.0. This impacts an unknown function of the file /index.php/reservation/check. Such manipulation of the argument room_type le…
|
CWE-74
CWE-89
Injection
SQL Injection
|
CVE-2026-7506
|
2026-05-2 00:26 |
2026-05-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
580
|
6.3 |
MEDIUM
Network
|
-
|
-
|
A vulnerability was determined in OWAP DefectDojo up to 2.55.4. Affected by this vulnerability is an unknown functionality of the component Benchmark/Engagement/Product/Survey. Executing a manipulati…
|
CWE-285
CWE-639
Improper Authorization
Authorization Bypass Through User-Controlled Key
|
CVE-2026-7510
|
2026-05-2 00:26 |
2026-05-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
