|
491
|
6.0 |
MEDIUM
Local
|
-
|
-
|
Cleartext Storage of Sensitive Information in Memory vulnerability in Mesalvo Meona Client Launcher Component, Mesalvo Meona Server Component.
This issue affects Meona Client Launcher Component: thr…
New
|
CWE-316
Cleartext Storage of Sensitive Information in Memory
|
CVE-2026-0857
|
2026-05-20 23:03 |
2026-05-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
492
|
9.0 |
CRITICAL
Network
|
-
|
-
|
Improper Control of Generation of Code ('Code Injection') vulnerability in Mesalvo Meona Client Launcher Component, Mesalvo Meona Server Component enables code execution on other users' systems. This…
New
|
CWE-94
Code Injection
|
CVE-2026-22314
|
2026-05-20 23:03 |
2026-05-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
493
|
7.2 |
HIGH
Network
|
-
|
-
|
Incorrect Privilege Assignment vulnerability in Mesalvo Meona Client Launcher Component, Mesalvo Meona Server Component enables the export of user data, including cleartext passwords, via the SQL ed…
New
|
CWE-266
Incorrect Privilege Assignment
|
CVE-2026-22315
|
2026-05-20 23:03 |
2026-05-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
494
|
4.4 |
MEDIUM
Local
|
-
|
-
|
Insufficient Verification of Data Authenticity vulnerability in Mesalvo Meona Client Launcher Component, Mesalvo Meona Server Component makes it possible to send messages to any email address. This i…
New
|
CWE-345
Insufficient Verification of Data Authenticity
|
CVE-2026-25602
|
2026-05-20 23:03 |
2026-05-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
495
|
- |
|
-
|
-
|
NLnet Labs Unbound 1.6.2 up to and including version 1.25.0 has a denial of service vulnerability when compiled with DNSCrypt support ('--enable-dnscrypt'). A bad DNSCrypt query could underflow Unbou…
New
|
CWE-125
CWE-166
Out-of-bounds Read
Improper Handling of Missing Special Element
|
CVE-2026-32792
|
2026-05-20 23:02 |
2026-05-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
496
|
- |
|
-
|
-
|
NLnet Labs Unbound 1.19.1 up to and including version 1.25.0 has a vulnerability in the DNSSEC validator that enables denial of service and possible remote code execution as a result of deep copying …
New
|
CWE-416
CWE-672
Use After Free
Operation on a Resource after Expiration or Release
|
CVE-2026-33278
|
2026-05-20 23:02 |
2026-05-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
497
|
- |
|
-
|
-
|
NLnet Labs Unbound 1.16.2 up to and including version 1.25.0 has a vulnerability of the 'ghost domain names' family of attacks that could extend the ghost domain window by up to one cached TTL config…
New
|
CWE-346
Origin Validation Error
|
CVE-2026-40622
|
2026-05-20 23:02 |
2026-05-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
498
|
- |
|
-
|
-
|
NLnet Labs Unbound up to and including version 1.25.0 is vulnerable to a degradation of service attack related to parsing long lists of incoming EDNS options. An adversary sending queries with too ma…
New
|
CWE-407
CWE-770
Inefficient Algorithmic Complexity
Allocation of Resources Without Limits or Throttling
|
CVE-2026-41292
|
2026-05-20 23:02 |
2026-05-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
499
|
7.5 |
HIGH
Network
|
-
|
-
|
A flaw was found in 389-ds-base. The get_ldapmessage_controls_ext() function in the LDAP server does not enforce an upper bound on the number of controls per LDAP message. A remote, unauthenticated a…
New
|
CWE-770
Allocation of Resources Without Limits or Throttling
|
CVE-2026-9064
|
2026-05-20 23:02 |
2026-05-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
500
|
- |
|
-
|
-
|
NLnet Labs Unbound up to and including version 1.25.0 has a vulnerability in the jostle logic that could defeat its purpose and degrade resolution performance. Retransmits of the same query could ren…
New
|
CWE-440
Expected Behavior Violation
|
CVE-2026-42534
|
2026-05-20 23:02 |
2026-05-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
