|
791
|
8.8 |
HIGH
Network
|
-
|
-
|
microtar through 0.1.0 contains a stack-based buffer overflow vulnerability in the raw_to_header() function in src/microtar.c that allows attackers to corrupt adjacent stack memory by supplying a cra…
|
CWE-121
Stack-based Buffer Overflow
|
CVE-2026-43623
|
2026-06-2 23:43 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
792
|
8.2 |
HIGH
Network
|
-
|
-
|
F5-TTS through version 1.1.20 contains a path traversal vulnerability in the finetune Gradio handlers that allows unauthenticated attackers to write arbitrary files by passing unsanitized user-suppli…
|
CWE-22
Path Traversal
|
CVE-2026-43624
|
2026-06-2 23:43 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
793
|
5.9 |
MEDIUM
Network
|
-
|
-
|
CodexBar prior to 0.32.0 contains a session cookie leakage vulnerability that allows network attackers to intercept imported browser session cookies by exploiting improper redirect handling for Amp a…
|
CWE-319
Cleartext Transmission of Sensitive Information
|
CVE-2026-43625
|
2026-06-2 23:43 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
794
|
7.1 |
HIGH
Network
|
-
|
-
|
CodexBar prior to 0.32.0 contains a privilege escalation vulnerability in the CLI installer that allows local attackers to execute arbitrary commands as root by exploiting a race condition in tempora…
|
CWE-377
Insecure Temporary File
|
CVE-2026-49134
|
2026-06-2 23:43 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
795
|
7.1 |
HIGH
Local
|
-
|
-
|
CodexBar prior to 0.32.0 contains an insecure temporary file handling vulnerability that allows local attackers to access sensitive credentials or tamper with build artifacts by exploiting predictabl…
|
CWE-59
CWE-377
Link Following
Insecure Temporary File
|
CVE-2026-49135
|
2026-06-2 23:43 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
796
|
5.0 |
MEDIUM
Network
|
-
|
-
|
Nanobot prior to version 0.2.1 contains a server-side request forgery vulnerability in the web_fetch tool that allows remote attackers to reach internal or private network hosts by supplying a URL th…
|
CWE-918
Server-Side Request Forgery (SSRF)
|
CVE-2026-49138
|
2026-06-2 23:43 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
797
|
- |
|
-
|
-
|
Nanobot prior to version 0.2.1 contains a server-side request forgery vulnerability in the Microsoft Teams channel handler that allows remote attackers to exfiltrate Bot Framework bearer tokens by su…
|
CWE-918
Server-Side Request Forgery (SSRF)
|
CVE-2026-49139
|
2026-06-2 23:43 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
798
|
4.3 |
MEDIUM
Network
|
-
|
-
|
Nanobot prior to version 0.2.1 contains a denial of service vulnerability in the Matrix channel media download handler that allows authenticated room members to exhaust process memory and bandwidth b…
|
CWE-770
Allocation of Resources Without Limits or Throttling
|
CVE-2026-49140
|
2026-06-2 23:43 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
799
|
9.8 |
CRITICAL
Network
|
-
|
-
|
Arm Whois 3.11 contains a stack-based buffer overflow vulnerability that allows remote attackers to execute arbitrary code by supplying oversized input to the IP address or domain field. Attackers ca…
|
CWE-121
Stack-based Buffer Overflow
|
CVE-2018-25427
|
2026-06-2 23:43 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
800
|
8.2 |
HIGH
Network
|
-
|
-
|
Paroiciel 11.20 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the tRecIdListe parameter. Attackers…
|
CWE-89
SQL Injection
|
CVE-2018-25428
|
2026-06-2 23:43 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
