|
201
|
7.0 |
HIGH
Local
|
-
|
-
|
Rsync versions before 3.4.3 contain a time-of-check to time-of-use (TOCTOU) race condition in daemon file handling that allows attackers to redirect file writes outside intended directories by replac…
New
|
CWE-367
Time-of-check Time-of-use (TOCTOU) Race Condition
|
CVE-2026-29518
|
2026-05-20 22:58 |
2026-05-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
202
|
7.5 |
HIGH
Local
|
-
|
-
|
NVIDIA TRT-LLM for any platform contains a vulnerability in MPI server, where an attacker could cause an unsafe deserialization. A successful exploit of this vulnerability might lead to code executio…
New
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2025-33255
|
2026-05-20 22:57 |
2026-05-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
203
|
6.3 |
MEDIUM
Local
|
-
|
-
|
NVIDIA TRT-LLM for any platform contains a deserialization vulnerability and unsafe serialized handle. A successful exploit of this vulnerability might lead to code execution, data tampering, and i…
New
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2026-24142
|
2026-05-20 22:57 |
2026-05-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
204
|
5.5 |
MEDIUM
Local
|
-
|
-
|
NVIDIA TRT-LLM for any platform contains a vulnerability where an attacker could cause an unchecked return value to a null pointer dereference. A successful exploit of this vulnerability might lead …
New
|
CWE-690
Unchecked Return Value to NULL Pointer Dereference
|
CVE-2026-24160
|
2026-05-20 22:57 |
2026-05-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
205
|
7.5 |
HIGH
Local
|
-
|
-
|
NVIDIA TRT-LLM for any platform contains a vulnerability in RPC testing, where an attacker could cause an unsafe deserialization. A successful exploit of this vulnerability might lead to code execut…
New
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2026-24163
|
2026-05-20 22:57 |
2026-05-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
206
|
6.6 |
MEDIUM
Network
|
-
|
-
|
Improperly Controlled Modification of Dynamically-Determined Object Attributes vulnerability in Drupal Drupal core allows Object Injection.
This issue affects Drupal core: from 8.0.0 before 10.5.9, …
New
|
CWE-915
Improperly Controlled Modification of Dynamically-Determined Object Attributes
|
CVE-2026-6366
|
2026-05-20 22:56 |
2026-05-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
207
|
6.4 |
MEDIUM
Local
|
-
|
-
|
Dell SmartFabric Storage Software, versions prior to 1.4.5, contains an Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability. A high privileged attacker w…
New
|
CWE-77
Command Injection
|
CVE-2026-35070
|
2026-05-20 22:56 |
2026-05-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208
|
7.5 |
HIGH
Network
|
-
|
-
|
The Creative Mail – Easier WordPress & WooCommerce Email Marketing plugin for WordPress is vulnerable to SQL Injection via the 'checkout_uuid' parameter in all versions up to, and including, 1.6.9. T…
New
|
CWE-89
SQL Injection
|
CVE-2026-3985
|
2026-05-20 22:54 |
2026-05-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209
|
6.1 |
MEDIUM
Network
|
-
|
-
|
The Sentence To SEO (keywords, description and tags) plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0. This is due to missing or incorrect no…
New
|
CWE-352
Origin Validation Error
|
CVE-2026-6391
|
2026-05-20 22:54 |
2026-05-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210
|
4.3 |
MEDIUM
Network
|
-
|
-
|
The Bigfishgames Syndicate plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.2. This is due to missing or incorrect nonce validation on the bigf…
New
|
CWE-352
Origin Validation Error
|
CVE-2026-6452
|
2026-05-20 22:54 |
2026-05-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
