|
1941
|
4.2 |
MEDIUM
Network
|
-
|
-
|
A flaw was found in Keycloak, an open-source identity and access management solution. When a client application is configured to accept broad redirect Uniform Resource Identifiers (URIs), a remote at…
|
CWE-1288
Improper Validation of Consistency within Input
|
CVE-2026-9689
|
2026-05-27 23:54 |
2026-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1942
|
7.1 |
HIGH
Network
|
-
|
-
|
A flaw was found in Samba’s handling of NTFS-style reparse points on shares configured with read only = yes. Due to missing SMB-layer access checks, authenticated users with underlying filesystem wri…
|
CWE-284
Improper Access Control
|
CVE-2026-1933
|
2026-05-27 23:54 |
2026-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1943
|
6.8 |
MEDIUM
Network
|
-
|
-
|
A flaw was found in Keycloak. An authenticated user with low privileges can exploit this vulnerability by sending an oversized subject_token JSON Web Token (JWT) to the TokenEndpoint. When the token …
|
CWE-1284
Improper Validation of Specified Quantity in Input
|
CVE-2026-9704
|
2026-05-27 23:54 |
2026-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1944
|
5.3 |
MEDIUM
Network
|
-
|
-
|
IBM SDI 7.2.0.0 through 7.2.0.14 and IBM Security Directory Integrator 10.0.0.0 through 10.0.0.2 could allow a remote attacker to obtain sensitive information when a detailed technical error message …
|
CWE-209
Information Exposure Through an Error Message
|
CVE-2024-28765
|
2026-05-27 23:53 |
2026-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1945
|
5.9 |
MEDIUM
Network
|
-
|
-
|
IBM Operations Analytics - Log Analysis 1.3.5.0, 1.3.5.1, 1.3.5.2, 1.3.5.3, 1.3.6.0, 1.3.6.1, 1.3.7.0, 1.3.7.1, 1.3.7.2, and 1.3.8.0, 1.3.8.1, 1.3.8.2, 1.3.8.3, 1.3.8.4 IBM SmartCloud Analytics - Log…
|
CWE-521
Weak Password Requirements
|
CVE-2024-40684
|
2026-05-27 23:53 |
2026-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1946
|
7.2 |
HIGH
Network
|
-
|
-
|
IBM QRadar 7.5.0 through 7.5.0 UP15 Interim Fix 002 could allow a privileged user to upload a malicious backup archive that could be restored and used to gain access to the underlying operating syste…
|
CWE-530
Exposure of Backup File to an Unauthorized Control Sphere
|
CVE-2024-56462
|
2026-05-27 23:53 |
2026-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1947
|
5.4 |
MEDIUM
Network
|
-
|
-
|
IBM Cognos Analytics 11.2.0, 11.2.4, 12.0, and 12.1.0 and IBM Cognos Transformer 11.2.4, 12.0, and 12.1.0 are vulnerable to cross-site scripting (XSS). This vulnerability allows a remote attacker to …
|
CWE-79
Cross-site Scripting
|
CVE-2025-3633
|
2026-05-27 23:53 |
2026-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1948
|
7.1 |
HIGH
Network
|
-
|
-
|
IBM Db2 11.5.0 through 11.5.9, and 12.1.0 through 12.1.4 is vulnerable to a denial of service with a specially crafted query when autonomous transactions are enabled.
|
CWE-770
Allocation of Resources Without Limits or Throttling
|
CVE-2026-1718
|
2026-05-27 23:53 |
2026-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1949
|
7.5 |
HIGH
Network
|
-
|
-
|
IBM InfoSphere Optim Test Data Fabrication 1.0.0, 1.0.0.1, 1.0.0.2, 1.0.2, 1.0.2.2, 1.0.2.3, 1.0.2.4, 1.0.2.5, 1.0.2.6, 1.0.2.7 could allow a remote attacker to traverse directories on the system. An…
|
CWE-22
Path Traversal
|
CVE-2026-3366
|
2026-05-27 23:53 |
2026-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1950
|
5.1 |
MEDIUM
Local
|
-
|
-
|
IBM MQ Operator SC2: v3.2.0 through 3.2.23CD: v3.3.0, v3.4.0, v3.4.1, v3.5.0, v3.5.1 - v3.5.3, v3.6.0 - v3.6.4, v3.7.0 - v3.7.2, v3.8.0, v3.8.1, v3.9.0, v3.9.1LTS: v2.0.0 - 2.0.29 and IBM supplied M…
|
CWE-532
Inclusion of Sensitive Information in Log Files
|
CVE-2026-2607
|
2026-05-27 23:53 |
2026-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
