|
1451
|
8.8 |
HIGH
Network
|
-
|
-
|
Improper handling of insufficient permissions or privileges in Microsoft Dynamics 365 (on-premises) allows an authorized attacker to elevate privileges over a network.
|
CWE-280
Improper Handling of Insufficient Permissions or Privileges
|
CVE-2026-40371
|
2026-06-10 02:17 |
2026-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1452
|
8.8 |
HIGH
Local
|
-
|
-
|
Improper limitation of a pathname to a restricted directory ('path traversal') in Microsoft Azure Kubernetes Service allows an authorized attacker to execute code locally.
|
CWE-22
Path Traversal
|
CVE-2026-32193
|
2026-06-10 02:17 |
2026-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1453
|
4.8 |
MEDIUM
Adjacent
|
-
|
-
|
A vulnerability in which an attacker can provide a crafted external URL that may redirect a user to an unintended website.
|
CWE-601
Open Redirect
|
CVE-2026-28301
|
2026-06-10 02:17 |
2026-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1454
|
9.8 |
CRITICAL
Network
|
-
|
-
|
Deserialization of untrusted data in Nuance PowerScribe allows an unauthorized attacker to execute code over a network.
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2026-26142
|
2026-06-10 02:17 |
2026-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1455
|
7.3 |
HIGH
Local
|
-
|
-
|
NVIDIA DALI contains a vulnerability in a component where an attacker could cause an improper index validation. A successful exploit of this vulnerability might lead to code execution, data tampering…
|
CWE-129
Improper Validation of Array Index
|
CVE-2026-24181
|
2026-06-10 02:17 |
2026-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1456
|
7.3 |
HIGH
Local
|
-
|
-
|
NVIDIA DALI contains a vulnerability in a component where an attacker could cause a heap-based buffer overflow. A successful exploit of this vulnerability might lead to code execution, data tampering…
|
CWE-122
Heap-based Buffer Overflow
|
CVE-2026-24180
|
2026-06-10 02:17 |
2026-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1457
|
8.1 |
HIGH
Network
|
-
|
-
|
Waves Central for macOS versions 13.0.9 through 16.5.5 contain a local privilege escalation vulnerability in the privileged helper service. The helper validates connecting XPC clients using the clien…
|
CWE-367
Time-of-check Time-of-use (TOCTOU) Race Condition
|
CVE-2026-24065
|
2026-06-10 02:17 |
2026-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1458
|
7.8 |
HIGH
Local
|
-
|
-
|
Omnissa Workspace ONE® Assist for macOS contains a Local Privilege Escalation Vulnerability.
|
CWE-22
Path Traversal
|
CVE-2026-22926
|
2026-06-10 02:17 |
2026-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1459
|
7.3 |
HIGH
Network
|
-
|
-
|
A security flaw has been discovered in imvks786 student_management_system up to 9599b560ad3c3b83e75d328b76bedcd489ef1f46. This impacts an unknown function of the file admin/admin_login.php of the com…
|
CWE-74
CWE-89
Injection
SQL Injection
|
CVE-2026-11531
|
2026-06-10 02:17 |
2026-06-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1460
|
4.3 |
MEDIUM
Network
|
-
|
-
|
A security vulnerability has been detected in TOTOLINK AC1200 T8 4.1.5cu.8611. This affects an unknown function of the file /etc/vsftpd.conf of the component vsftpd. The manipulation leads to least p…
|
CWE-266
CWE-272
Incorrect Privilege Assignment
Least Privilege Violation
|
CVE-2026-11494
|
2026-06-10 02:17 |
2026-06-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
