|
2641
|
4.3 |
MEDIUM
Network
|
hcltech
|
icontrol
|
HCL iControl was affected by Weak Input Validation vulnerability. This weakness is caused during implementation of an architectural security tactic. Received input that is expected to be of a certain…
|
CWE-209
Information Exposure Through an Error Message
|
CVE-2025-52606
|
2026-06-5 03:38 |
2026-06-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2642
|
4.3 |
MEDIUM
Network
|
hcltech
|
icontrol
|
HCL iControl was affected by Missing Cookie Attributes vulnerability. It was observed that the application is missing several critical cookie attributes, including Secure and SameSite. And also path…
|
CWE-614
Sensitive Cookie in HTTPS Session Without 'Secure' Attribute
|
CVE-2025-52608
|
2026-06-5 03:38 |
2026-06-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2643
|
4.3 |
MEDIUM
Network
|
mozilla
|
firefox
|
JIT miscompilation in the JavaScript Engine: JIT component. This vulnerability was fixed in Firefox 151.0.3.
|
CWE-843
Type Confusion
|
CVE-2026-10702
|
2026-06-5 03:38 |
2026-06-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2644
|
5.3 |
MEDIUM
Network
|
openquantumsafe
|
liboqs
|
liboqs is a C-language cryptographic library that provides implementations of post-quantum cryptography algorithms. Prior to 0.16.0, an out-of-bounds read has been identified in the XMSS and XMSS^MT …
|
CWE-125
Out-of-bounds Read
|
CVE-2026-46344
|
2026-06-5 03:38 |
2026-05-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2645
|
5.3 |
MEDIUM
Network
|
openquantumsafe
|
liboqs
|
liboqs is a C-language cryptographic library that provides implementations of post-quantum cryptography algorithms. Prior to 0.16.0, an out-of-bounds read has been identified in the XMSS and XMSS^MT …
|
CWE-20
CWE-125
Improper Input Validation
Out-of-bounds Read
|
CVE-2026-44518
|
2026-06-5 03:36 |
2026-05-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2646
|
5.3 |
MEDIUM
Network
|
hcltech
|
icontrol
|
HCL iControl was affected by Missing Security Headers vulnerability. which lead to cross-site scripting (XSS) attacks by enabling the built-in XSS filtering mechanisms of modern web browsers.
|
CWE-693
Protection Mechanism Failure
|
CVE-2025-52609
|
2026-06-5 03:34 |
2026-06-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2647
|
4.3 |
MEDIUM
Network
|
hcltech
|
icontrol
|
HCL iControl v4.0.0 was affected by Unhandled Exception - Stack Trace Disclosure vulnerability. The error occurs due to an undefined property being accessed in the application's JavaScript code. Spec…
|
CWE-209
Information Exposure Through an Error Message
|
CVE-2025-52611
|
2026-06-5 03:34 |
2026-06-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2648
|
8.8 |
HIGH
Network
|
hcltech
|
icontrol
|
HCL iControl was affected by Export CSV - CSV Injection vulnerability. It is vulnerable to a reflected cross-site scripting vulnerability. This was caused by an insufficient sanitation of input param…
|
CWE-1236
Improper Neutralization of Formula Elements in a CSV File
|
CVE-2025-52612
|
2026-06-5 03:32 |
2026-06-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2649
|
5.4 |
MEDIUM
Adjacent
|
macgregor
|
interschalt_vdr_g4e_firmware
|
Danelec MacGregor Voyage Data Recorder
passwords are stored with a hashing method which limits password length and is susceptible to brute force attacks.
|
CWE-916
Use of Password Hash With Insufficient Computational Effort
|
CVE-2026-44611
|
2026-06-5 03:30 |
2026-05-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2650
|
5.4 |
MEDIUM
Adjacent
|
macgregor
|
interschalt_vdr_g4e_firmware
|
An authenticated
user can download a backup of the Danelec MacGregor Voyage Data Recorder
device which includes account data and password hashes.
|
CWE-522
Insufficiently Protected Credentials
|
CVE-2026-42951
|
2026-06-5 03:30 |
2026-05-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
