|
691
|
5.3 |
MEDIUM
Network
|
-
|
-
|
FacturaScripts is an open source accounting and invoicing software. Prior to v2026, an unauthenticated information disclosure vulnerability in the Installer controller allows any remote attacker to t…
New
|
CWE-200
Information Exposure
|
CVE-2026-42878
|
2026-05-29 01:16 |
2026-05-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
692
|
3.7 |
LOW
Adjacent
|
-
|
-
|
free5GC is an open-source implementation of the 5G core network. Prior to 4.2.2, the AMF in Free5GC does not enforce the concurrent security procedure rules defined in 3GPP TS 33.501 §6.9.5.1. The AM…
New
|
CWE-358
Improperly Implemented Security Check for Standard
|
CVE-2026-42082
|
2026-05-29 01:16 |
2026-05-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
693
|
5.3 |
MEDIUM
Network
|
-
|
-
|
SQL Injection vulnerability in uzy-ssm-mall v1.1.0 allows a remote attacker to obtain sensitive information via the ProductMapper.xml and /OrderUtil.java components
New
|
CWE-89
SQL Injection
|
CVE-2026-38808
|
2026-05-29 01:16 |
2026-05-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
694
|
8.8 |
HIGH
Network
|
-
|
-
|
Insecure Permissions vulnerability in kvf-admin v1.0.0 allows a remote attacker to escalate privileges via the UserController.java component
New
|
CWE-639
Authorization Bypass Through User-Controlled Key
|
CVE-2026-38807
|
2026-05-29 01:16 |
2026-05-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
695
|
7.8 |
HIGH
Local
|
-
|
-
|
Command injection in Raynet rvia 12.6.4392.49-amd64.deb allows adversaries to execute commands via getconfig, and upload through the URL argument, and oracle through the -o flag The Supplier's perspe…
New
|
CWE-77
Command Injection
|
CVE-2025-69600
|
2026-05-29 01:16 |
2026-05-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
696
|
5.5 |
MEDIUM
Local
|
ibm
|
app_connect_enterprise
|
IBM App Connect Enterprise 13.0.1.0 through 13.0.7.0 stores potentially sensitive information in log files that could be read by a local user.
New
|
CWE-922
Insecure Storage of Sensitive Information
|
CVE-2026-5515
|
2026-05-29 00:55 |
2026-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
697
|
7.5 |
HIGH
Network
|
ibm
|
db2
|
IBM Db2 11.5.0 through 11.5.9, and 12.1.0 through 12.1.4 is vulnerable to a denial of service when executing a specially crafted query with a small statement heap.
New
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2026-6051
|
2026-05-29 00:55 |
2026-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
698
|
7.5 |
HIGH
Network
|
ibm
|
db2
|
IBM Db2 11.5.0 through 11.5.9, and 12.1.0 through 12.1.4 is vulnerable to running out of memory when executing certain queries with MDC tables.
New
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2026-6052
|
2026-05-29 00:51 |
2026-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
699
|
5.5 |
MEDIUM
Local
|
ibm
|
db2
|
IBM Db2 11.5.0 through 11.5.9, and 12.1.0 through 12.1.4 is vulnerable to a denial of service when a specially crafted query is run with range partitioned tables.
New
|
CWE-770
Allocation of Resources Without Limits or Throttling
|
CVE-2026-6053
|
2026-05-29 00:46 |
2026-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
700
|
6.5 |
MEDIUM
Network
|
ibm
|
i
|
IBM i 7.6, 7.5, 7.4, and 7.3 s vulnerable to a denial-of-service attack due to uncontrolled recursion in the Integrated Language Environment (ILE) compiler. An authenticated attacker could exploit th…
New
|
CWE-674
Uncontrolled Recursion
|
CVE-2026-6936
|
2026-05-29 00:46 |
2026-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
