|
1901
|
7.8 |
HIGH
Local
|
-
|
-
|
Substance3D - Painter versions 12.0.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation o…
|
CWE-787
Out-of-bounds Write
|
CVE-2026-34676
|
2026-05-13 03:55 |
2026-05-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1902
|
7.8 |
HIGH
Local
|
-
|
-
|
Illustrator versions 29.8.6, 30.3 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation…
|
CWE-122
Heap-based Buffer Overflow
|
CVE-2026-34687
|
2026-05-13 03:55 |
2026-05-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1903
|
7.5 |
HIGH
Network
|
openjsf
|
fast-uri
|
fast-uri decoded percent-encoded path separators and dot segments before applying dot-segment removal in its normalize() and equal() functions. Encoded path data was treated like real slashes and par…
|
CWE-22
Path Traversal
|
CVE-2026-6321
|
2026-05-13 03:54 |
2026-05-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1904
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
net/sched: act_skbedit: fix divide-by-zero in tcf_skbedit_hash()
Commit 38a6f0865796 ("net: sched: support hash selecting tx queu…
|
CWE-369
Divide By Zero
|
CVE-2026-43238
|
2026-05-13 03:54 |
2026-05-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1905
|
8.8 |
HIGH
Network
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
smb: client: prevent races in ->query_interfaces()
It was possible for two query interface works to be concurrently trying
to upd…
|
NVD-CWE-noinfo
|
CVE-2026-43239
|
2026-05-13 03:53 |
2026-05-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1906
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
usb: chipidea: udc: fix DMA and SG cleanup in _ep_nuke()
The ChipIdea UDC driver can encounter "not page aligned sg buffer"
error…
|
CWE-787
Out-of-bounds Write
|
CVE-2026-43250
|
2026-05-13 03:51 |
2026-05-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1907
|
9.8 |
CRITICAL
Network
|
paloaltonetworks
siemens
|
pan-os
ruggedcom_ape1808_firmware
|
A buffer overflow vulnerability in the User-ID™ Authentication Portal (aka Captive Portal) service of Palo Alto Networks PAN-OS software allows an unauthenticated attacker to execute arbitrary code w…
|
CWE-787
Out-of-bounds Write
|
CVE-2026-0300
|
2026-05-13 03:47 |
2026-05-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1908
|
7.5 |
HIGH
Network
|
apple
|
ipados
iphone_os
macos
tvos
visionos
watchos
|
The issue was addressed with improved memory handling. This issue is fixed in iOS 26.5 and iPadOS 26.5, macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5, watchOS …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2026-28990
|
2026-05-13 03:46 |
2026-05-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1909
|
7.5 |
HIGH
Network
|
apple
|
ipados
iphone_os
macos
tvos
visionos
watchos
|
This issue was addressed with improved checks to prevent unauthorized actions. This issue is fixed in iOS 26.5 and iPadOS 26.5, macOS Sequoia 15.7.7, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5, watch…
|
CWE-284
Improper Access Control
|
CVE-2026-28974
|
2026-05-13 03:46 |
2026-05-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1910
|
7.5 |
HIGH
Network
|
apple
|
ipados
iphone_os
|
A privacy issue was addressed with improved checks. This issue is fixed in iOS 26.5 and iPadOS 26.5. A user may be able to view restricted content from the lock screen.
|
CWE-284
Improper Access Control
|
CVE-2026-28965
|
2026-05-13 03:46 |
2026-05-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
