|
2111
|
8.8 |
HIGH
Network
|
concretecms
|
concrete_cms
|
Concrete CMS 9 before 9.5.0 is vulnerable to Cross Site Request Forgery (CSRF) at concrete/controllers/dialog/page/bulk/delete. The Concrete CMS security team gave this vulnerability a CVSS v.4.0 sco…
|
CWE-352
CWE-1275
Origin Validation Error
Sensitive Cookie with Improper SameSite Attribute
|
CVE-2026-8411
|
2026-05-27 03:26 |
2026-05-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2112
|
8.8 |
HIGH
Network
|
concretecms
|
concrete_cms
|
Concrete CMS 9 before 9.5.0 is vulnerable to Cross Site Request Forgery (CSRF) at concrete/controllers/dialog/page/bulk/cache. The Concrete CMS security team gave this vulnerability a CVSS v.4.0 sco…
|
CWE-352
CWE-1275
Origin Validation Error
Sensitive Cookie with Improper SameSite Attribute
|
CVE-2026-8412
|
2026-05-27 03:25 |
2026-05-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2113
|
8.8 |
HIGH
Network
|
concretecms
|
concrete_cms
|
Concrete CMS 9 before 9.5.0 is vulnerable to Cross Site Request Forgery (CSRF) at concrete/controllers/backend/file rescan(). The Concrete CMS security team gave this vulnerability a CVSS v.4.0 score…
|
CWE-352
CWE-1275
Origin Validation Error
Sensitive Cookie with Improper SameSite Attribute
|
CVE-2026-8433
|
2026-05-27 03:19 |
2026-05-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2114
|
3.3 |
LOW
Local
|
-
|
-
|
A security flaw has been discovered in GPAC up to 2.4.0. Affected is the function MergeFragment of the file src/isomedia/isom_intern.c of the component MP4Box. The manipulation results in null pointe…
|
CWE-404
CWE-476
Improper Resource Shutdown or Release
NULL Pointer Dereference
|
CVE-2026-9567
|
2026-05-27 03:16 |
2026-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2115
|
4.3 |
MEDIUM
Network
|
-
|
-
|
A vulnerability was identified in teableio teable up to 1.9.x. This impacts an unknown function of the file apps/nextjs-app/src/features/auth/pages/LoginPage.tsx of the component Sign-up. The manipul…
|
CWE-79
CWE-94
Cross-site Scripting
Code Injection
|
CVE-2026-9566
|
2026-05-27 03:16 |
2026-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2116
|
8.8 |
HIGH
Network
|
mozilla
|
firefox
thunderbird
|
Memory safety bugs present in Firefox ESR 115.35, Firefox ESR 140.10 and Firefox 150. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these coul…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2026-8975
|
2026-05-27 03:16 |
2026-05-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2117
|
8.8 |
HIGH
Network
|
mozilla
|
firefox
thunderbird
|
Memory safety bugs present in Firefox ESR 140.10 and Firefox 150. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploite…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2026-8974
|
2026-05-27 03:16 |
2026-05-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2118
|
8.8 |
HIGH
Network
|
mozilla
|
firefox
thunderbird
|
Memory safety bugs present in Firefox 150. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2026-8973
|
2026-05-27 03:16 |
2026-05-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2119
|
7.7 |
HIGH
Local
|
-
|
-
|
IBM HTTP Server 8.5, and 9.0 is vulnerable to denial of service in configurations where an attacker has write access to parts of the server configuration.
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2026-8856
|
2026-05-27 03:16 |
2026-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2120
|
8.1 |
HIGH
Network
|
-
|
-
|
IBM HTTP Server 8.5, and 9.0 is vulnerable to remote code execution and denial of service in configurations with TLS mutual authentication (client authentication).
|
CWE-94
Code Injection
|
CVE-2026-8855
|
2026-05-27 03:16 |
2026-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
