|
2321
|
8.3 |
HIGH
Network
|
-
|
-
|
Use after free in Printing in Google Chrome on Android prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted…
|
CWE-416
Use After Free
|
CVE-2026-11647
|
2026-06-9 11:16 |
2026-06-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2322
|
9.6 |
CRITICAL
Network
|
-
|
-
|
Use after free in Printing in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Critical)
|
CWE-416
Use After Free
|
CVE-2026-11638
|
2026-06-9 11:16 |
2026-06-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2323
|
- |
|
-
|
-
|
Improper validation of packet length during tls-crypt-v2 key extraction in OpenVPN 2.6.0 through 2.6.19 and 2.7_alpha1 through 2.7.1 allows authenticated attackers to trigger a fatal assertion and ca…
|
CWE-617
Reachable Assertion
|
CVE-2026-35058
|
2026-06-9 11:08 |
2026-06-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2324
|
- |
|
-
|
-
|
A race condition in OpenVPN 2.6.0 through 2.6.19 and 2.7_alpha1 through 2.7.1 allows remote attackers to potentially cause a server crash or leak heap memory via a use-after-free triggered during TLS…
|
CWE-125
CWE-416
Out-of-bounds Read
Use After Free
|
CVE-2026-40215
|
2026-06-9 11:08 |
2026-06-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2325
|
4.2 |
MEDIUM
Network
|
-
|
-
|
SAP Fiori Launchpad allows attackers to craft malicious URLs that triggers arbitrary service calls on the Fiori domain, this when opened by the user could compromise accounts by stealing user credent…
|
CWE-35
Path Traversal: '.../...//'
|
CVE-2026-24315
|
2026-06-9 11:08 |
2026-06-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2326
|
9.8 |
CRITICAL
Network
|
-
|
-
|
Due to improper RFC protocol validation in the SAP Kernel used by the Application Server ABAP of SAP NetWeaver and ABAP Platform, an unauthenticated attacker can send a crafted RFC request that explo…
|
CWE-121
Stack-based Buffer Overflow
|
CVE-2026-27671
|
2026-06-9 11:08 |
2026-06-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2327
|
9.0 |
CRITICAL
Network
|
-
|
-
|
SAP NetWeaver Application Server Java (Web Container) allows an unauthenticated attacker to craft a malicious HTTP logon request that manipulates file inclusion parameters, enabling path traversal an…
|
CWE-35
Path Traversal: '.../...//'
|
CVE-2026-40128
|
2026-06-9 11:08 |
2026-06-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2328
|
3.7 |
LOW
Network
|
-
|
-
|
Under certain conditions, when an unauthorized attacker accesses a specific endpoint, SAP Business Objects application leaks sensitive information .This has a low impact on the confidentiality of the…
|
CWE-497
Exposure of Sensitive System Information to an Unauthorized Control Sphere
|
CVE-2026-44743
|
2026-06-9 11:08 |
2026-06-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2329
|
6.5 |
MEDIUM
Network
|
-
|
-
|
SAP S/4HANA(On-Premise) contains SQL injection vulnerability in a remote-enabled function module component that could be exploited by an authenticated attacker to potentially execute unauthorized dat…
|
CWE-89
SQL Injection
|
CVE-2026-44744
|
2026-06-9 11:08 |
2026-06-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2330
|
6.1 |
MEDIUM
Network
|
-
|
-
|
Due to a reflected cross-site scripting (XSS) vulnerability in SAP NetWeaver JAVA (JDBC Test Servlet), an unauthenticated attacker could craft a URL that embeds a malicious script. If a victim clicks…
|
CWE-79
Cross-site Scripting
|
CVE-2026-44746
|
2026-06-9 11:08 |
2026-06-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
