|
2821
|
6.1 |
MEDIUM
Network
|
-
|
-
|
Cross Site Scripting vulnerability in usememos Memos v.0.26.0 allows a remote attacker to obtain sensitive information via the SANITIZE_SCHEMA, Memo Rendering Component, and Public/Private Memo View …
|
CWE-79
Cross-site Scripting
|
CVE-2026-30586
|
2026-06-5 01:18 |
2026-06-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2822
|
5.0 |
MEDIUM
Local
|
-
|
-
|
A NULL pointer dereference in the gf_filter_pid_resolve_file_template_ex function (/filter_core/filter_pid.c) of GPAC Project/MP4Box before 26.02.0 allows attackers to cause a Denial of Service (DoS)…
|
CWE-476
NULL Pointer Dereference
|
CVE-2025-60477
|
2026-06-5 01:18 |
2026-06-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2823
|
- |
|
-
|
-
|
backpack/crud provides Create, Read, Update & Delete (CRUD) functions for Backpack, a collection of Laravel packages that help users build custom administration panels. Versions prior to 5.0.13, 4.1.…
|
CWE-79
Cross-site Scripting
|
CVE-2022-31114
|
2026-06-5 01:18 |
2026-06-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2824
|
- |
|
-
|
-
|
Tautulli is a Python based monitoring and tracking tool for Plex Media Server. Versions prior to 2.17.1 are vulnerable to remote code execution via the newsletter custom template directory feature. O…
|
CWE-1336
Improper Neutralization of Special Elements Used in a Template Engine
|
CVE-2026-41065
|
2026-06-5 01:16 |
2026-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2825
|
- |
|
-
|
-
|
Tautulli is a Python based monitoring and tracking tool for Plex Media Server. Prior to version 2.17.1, a path traversal vulnerability in the cache deletion endpoint allows authenticated API access t…
|
CWE-22
CWE-73
Path Traversal
External Control of File Name or Path
|
CVE-2026-40605
|
2026-06-5 01:16 |
2026-06-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2826
|
4.6 |
MEDIUM
Physics
|
-
|
-
|
The factory reset functionality in GNCC GP5 v7.1.76 fails to clear sensitive cryptographic material in the JFFS2 configuration partition, possibly allowing attackers to recover and obtain sensitive u…
|
CWE-212
Improper Removal of Sensitive Information Before Storage or Transfer
|
CVE-2026-36178
|
2026-06-5 01:16 |
2026-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2827
|
6.5 |
MEDIUM
Network
|
-
|
-
|
(*x509.Certificate).VerifyHostname previously called matchHostnames in a loop over all DNS Subject Alternative Name (SAN) entries. This caused strings.Split(host, ".") to execute repeatedly on the sa…
|
-
|
CVE-2026-27145
|
2026-06-5 01:15 |
2026-06-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2828
|
7.5 |
HIGH
Network
|
-
|
-
|
Decoding a maliciously-crafted MIME header containing many invalid encoded-words can consume excessive CPU.
|
CWE-407
Inefficient Algorithmic Complexity
|
CVE-2026-42504
|
2026-06-5 01:15 |
2026-06-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2829
|
5.3 |
MEDIUM
Network
|
-
|
-
|
When returning errors, functions in the net/textproto package would include its input as part of the error. This might allow an attacker to inject misleading content to errors that are printed or log…
|
-
|
CVE-2026-42507
|
2026-06-5 01:15 |
2026-06-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2830
|
7.5 |
HIGH
Network
|
-
|
-
|
ipmi-oem in FreeIPMI before 1.6.18 has exploitable buffer overflows on response messages. The Intelligent Platform Management Interface (IPMI) specification defines a set of interfaces for platform m…
|
CWE-121
Stack-based Buffer Overflow
|
CVE-2026-50031
|
2026-06-5 01:15 |
2026-06-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
