|
1671
|
6.0 |
MEDIUM
Network
|
arista
|
ng_firewall
|
A Reports application infrastructure vulnerability exists in Arista Edge Threat Management - Arista Next Generation Firewall (NGFW) due to insecure input validation. This issue uniquely affects versi…
|
CWE-78
OS Command
|
CVE-2026-25621
|
2026-06-9 04:13 |
2026-06-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1672
|
6.0 |
MEDIUM
Network
|
arista
|
ng_firewall
|
A Captive Portal Custom Handler command injection vulnerability exists in Arista Edge Threat Management - Arista Next Generation Firewall (NGFW). On affected platforms, an administrative account logg…
|
CWE-78
OS Command
|
CVE-2026-25622
|
2026-06-9 04:10 |
2026-06-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1673
|
6.0 |
MEDIUM
Network
|
arista
|
ng_firewall
|
An input validation command execution vulnerability exists in the browser management pipeline of Arista Edge Threat Management - Arista Next Generation Firewall (NGFW). Authenticated administrators c…
|
CWE-78
OS Command
|
CVE-2026-25623
|
2026-06-9 04:10 |
2026-06-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1674
|
4.8 |
MEDIUM
Network
|
arista
|
ng_firewall
|
An administrative cross-site scripting (XSS) vulnerability exists in the web user interface dashboard layout of Arista Edge Threat Management - Arista Next Generation Firewall (NGFW). Unvalidated use…
|
CWE-79
Cross-site Scripting
|
CVE-2026-25624
|
2026-06-9 04:08 |
2026-06-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1675
|
7.4 |
HIGH
Network
|
asynchttpclient_project
|
async-http-client
|
The AsyncHttpClient (AHC) library allows Java applications to easily execute HTTP requests and asynchronously process HTTP responses. Versions on the 2.x branch prior to 2.15.0 and the 3.x branch pri…
|
CWE-200
Information Exposure
|
CVE-2026-45300
|
2026-06-9 03:37 |
2026-06-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1676
|
6.5 |
MEDIUM
Network
|
google
|
chrome
|
Insufficient validation of untrusted input in DevTools in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to bypass same origin policy via a cr…
|
CWE-20
NVD-CWE-noinfo
Improper Input Validation
|
CVE-2026-11022
|
2026-06-9 03:37 |
2026-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1677
|
7.8 |
HIGH
Local
|
x.org
redhat
|
x_server
xwayland
enterprise_linux
|
A stack-based buffer overflow flaw was found in the X.Org X server and Xwayland. _XkbSetMapChecks() declares a fixed-size stack buffer mapWidths[256] indexed by key type index. The helper function Ch…
|
CWE-121
Stack-based Buffer Overflow
|
CVE-2026-50259
|
2026-06-9 03:28 |
2026-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1678
|
6.5 |
MEDIUM
Network
|
google
|
chrome
|
Inappropriate implementation in Link Preview in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to bypass navigation restrictions via a crafted…
|
CWE-284
Improper Access Control
|
CVE-2026-11017
|
2026-06-9 03:17 |
2026-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1679
|
6.5 |
MEDIUM
Network
|
google
|
chrome
|
Insufficient policy enforcement in Actor in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. (Chromium security severity: Medi…
|
CWE-602
Client-Side Enforcement of Server-Side Security
|
CVE-2026-11018
|
2026-06-9 03:17 |
2026-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1680
|
6.5 |
MEDIUM
Network
|
google
|
chrome
|
Inappropriate implementation in Payments in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to perform domain spoofing via a crafted…
|
CWE-290
CWE-451
Authentication Bypass by Spoofing
User Interface (UI) Misrepresentation of Critical Information
|
CVE-2026-11019
|
2026-06-9 03:17 |
2026-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
