|
3051
|
7.5 |
HIGH
Network
|
axios
|
axios
|
Axios is a promise based HTTP client for the browser and Node.js. Prior to 0.32.0 and 1.16.0, Axios’s Node.js HTTP adapter may forward a Proxy-Authorization header to a redirected origin during speci…
|
CWE-201
Insertion of Sensitive Information Into Sent Data
|
CVE-2026-44487
|
2026-06-13 04:19 |
2026-06-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3052
|
7.8 |
HIGH
Local
|
adobe
|
acrobat_dc
acrobat_reader_dc
acrobat
|
Acrobat Reader versions 24.001.30365, 26.001.21651 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploit…
|
CWE-416
Use After Free
|
CVE-2026-47916
|
2026-06-13 04:17 |
2026-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3053
|
7.5 |
HIGH
Network
|
axios
|
axios
|
Axios is a promise based HTTP client for the browser and Node.js. Axios versions 1.7.0 through 1.15.x did not enforce configured request and response size limits when requests were sent with the fetc…
|
CWE-770
Allocation of Resources Without Limits or Throttling
|
CVE-2026-44488
|
2026-06-13 04:04 |
2026-06-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3054
|
8.1 |
HIGH
Network
|
apache
|
cxf
|
A further incomplete fix for a previous advisory CVE-2026-44417 (Untrusted JMS configuration can lead to RCE) for Apache CXF has been identified, which can allow code execution capabilities, if untru…
|
CWE-20
NVD-CWE-noinfo
Improper Input Validation
|
CVE-2026-50632
|
2026-06-13 03:58 |
2026-06-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3055
|
8.1 |
HIGH
Network
|
apache
|
cxf
|
A JNDI Injection vulnerability has been discovered in Apache CXF's JCA integration module, which can allow for code execution, if an attacker is able to manipulate the JCA deployment descriptor (ra.x…
|
CWE-20
NVD-CWE-noinfo
Improper Input Validation
|
CVE-2026-50633
|
2026-06-13 03:53 |
2026-06-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3056
|
7.8 |
HIGH
Local
|
adobe
|
acrobat_dc
acrobat_reader_dc
acrobat
|
Acrobat Reader versions 24.001.30365, 26.001.21651 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current u…
|
CWE-122
Heap-based Buffer Overflow
|
CVE-2026-47952
|
2026-06-13 03:50 |
2026-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3057
|
6.5 |
MEDIUM
Network
|
apache
|
cxf
|
A vulnerability in Apache CXF's JwsJsonContainerRequestFilter can be exploited to cause CXF to process metadata that was not authenticated by the accepted signature. This can bypass the application's…
|
CWE-347
Improper Verification of Cryptographic Signature
|
CVE-2026-50634
|
2026-06-13 03:49 |
2026-06-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3058
|
7.8 |
HIGH
Local
|
adobe
|
acrobat_dc
acrobat_reader_dc
acrobat
|
Acrobat Reader versions 24.001.30365, 26.001.21651 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploit…
|
CWE-416
Use After Free
|
CVE-2026-47955
|
2026-06-13 03:49 |
2026-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3059
|
7.8 |
HIGH
Local
|
adobe
|
acrobat_dc
acrobat_reader_dc
acrobat
|
Acrobat Reader versions 24.001.30365, 26.001.21651 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploit…
|
CWE-416
Use After Free
|
CVE-2026-47915
|
2026-06-13 03:48 |
2026-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3060
|
4.3 |
MEDIUM
Network
|
redhat
|
directory_server
389_directory_server
enterprise_linux
|
A flaw was found in 389 Directory Server. A type confusion in the SSO token extended operation handler causes partial stack address information to be disclosed in LDAP responses to authenticated user…
|
CWE-843
Type Confusion
|
CVE-2026-11785
|
2026-06-13 03:47 |
2026-06-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
