|
1971
|
6.5 |
MEDIUM
Network
|
pavel-odintsov
|
fastnetmon
|
FastNetMon Community Edition through 1.2.9 has out-of-bounds memory access because it incorrectly parses BGP path attributes with the extended length flag set. In src/bgp_protocol.hpp, the parse_raw_…
|
CWE-130
Improper Handling of Length Parameter Inconsistency
|
CVE-2026-48685
|
2026-05-27 23:23 |
2026-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1972
|
9.8 |
CRITICAL
Network
|
pavel-odintsov
|
fastnetmon
|
FastNetMon Community Edition through 1.2.9 contains a stack-based buffer overflow in the BGP NLRI (Network Layer Reachability Information) decoder. The function decode_bgp_subnet_encoding_ipv4_raw() …
|
CWE-120
CWE-787
Classic Buffer Overflow
Out-of-bounds Write
|
CVE-2026-48686
|
2026-05-27 23:23 |
2026-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1973
|
- |
|
-
|
-
|
Improper Certificate Validation vulnerability in Erlang OTP public_key (pubkey_ocsp module) allows forged OCSP responses signed with an expired responder certificate to be accepted as valid.
OCSP re…
|
CWE-295
CWE-672
Improper Certificate Validation
Operation on a Resource after Expiration or Release
|
CVE-2026-42791
|
2026-05-27 23:16 |
2026-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1974
|
- |
|
-
|
-
|
Improper Following of a Certificate's Chain of Trust vulnerability in Erlang OTP public_key (pubkey_cert module) allows a non-CA certificate to be accepted as an intermediate issuer, enabling certifi…
|
CWE-295
CWE-296
Improper Certificate Validation
Improper Following of a Certificate's Chain of Trust
|
CVE-2026-42789
|
2026-05-27 23:16 |
2026-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1975
|
7.1 |
HIGH
Network
|
-
|
-
|
IBM Engineering Lifecycle Management 7.0.3 Interim Fix 001 through Interim Fix 021, 7.1.0 Interim Fix 001 through Interim Fix 009, and 7.2.0 and 7.2.0 Interim Fix 001 is vulnerable to an XML exter…
|
CWE-611
XXE
|
CVE-2026-3603
|
2026-05-27 23:16 |
2026-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1976
|
3.3 |
LOW
Local
|
-
|
-
|
NewNTUnicodeString does not check for string length overflow. When provided with a string that overflows the maximum size of a NTUnicodeString (a 16-bit number of bytes), it returns a truncated strin…
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2026-39824
|
2026-05-27 23:16 |
2026-05-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1977
|
- |
|
-
|
-
|
An issue in fetch_jpg() in xdrv_10_scripter.ino in Tasmota through 15.3.0.3 allows a remote attacker to cause heap buffer overflow. The Content-Length from a JPEG stream is stored in a uint16_t varia…
|
-
|
CVE-2026-38427
|
2026-05-27 23:16 |
2026-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1978
|
- |
|
-
|
-
|
Buffer Overflow vulnerability in arendst Tasmota v.15.3.0.3 and before allows a remote attacker to execute arbitrary code via the xdrv_10_scripter.ino, fetch_jpg(), jpg_task.boundary[40], strcpy() fu…
|
-
|
CVE-2026-38426
|
2026-05-27 23:16 |
2026-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1979
|
- |
|
-
|
-
|
In Slican telephone exchanges it is possible to manage the control panel remotely. An unauthenticated attacker can connect to the modem via a telephone with a specific caller ID. This allows them to …
|
CWE-288
Authentication Bypass Using an Alternate Path or Channel
|
CVE-2026-35090
|
2026-05-27 23:16 |
2026-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1980
|
- |
|
-
|
-
|
In Slican telephone exchanges secure key is generated in a predictable manner using properties of the telephone exchange which can be obtained without authentication. An unauthenticated attacker can …
|
CWE-1391
Use of Weak Credentials
|
CVE-2026-35089
|
2026-05-27 23:16 |
2026-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
