|
2211
|
- |
|
-
|
-
|
IEC 60870-5-104 used in bidirectional mode in RTU500 is vulnerable
for a NULL pointer dereferencing, if a specially crafted
sequence of messages is sent for a certain time, causing
Denial of Service …
|
CWE-476
NULL Pointer Dereference
|
CVE-2026-8479
|
2026-05-27 01:16 |
2026-05-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2212
|
- |
|
-
|
-
|
FastNetMon Community Edition through 1.2.9 contains an out-of-bounds read vulnerability in the NetFlow v9 data flowset processor. In src/netflow_plugin/netflow_v9_collector.cpp, the Data template bra…
|
-
|
CVE-2026-48683
|
2026-05-27 01:16 |
2026-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2213
|
7.6 |
HIGH
Network
|
-
|
-
|
Karakeep is a elf-hostable bookmark-everything app. A Server-Side Request Forgery (SSRF) protection bypass vulnerability was identified in versions prior to 0.32.0 affecting redirect-following proces…
|
CWE-918
Server-Side Request Forgery (SSRF)
|
CVE-2026-45082
|
2026-05-27 01:16 |
2026-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2214
|
6.2 |
MEDIUM
Local
|
-
|
-
|
In Arm ArmNN through 2026-03-27, an integer overflow in TensorShape::GetNumElements() in armnn/Tensor.cpp allows a crafted TFLite model file to bypass buffer size validation and trigger a heap-based …
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2026-42627
|
2026-05-27 01:16 |
2026-05-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2215
|
- |
|
-
|
-
|
An Insecure Direct Object Reference (IDOR) vulnerability was discovered in ONLYOFFICE DocSpace before 3.2.1. The flaw exists in multiple REST API endpoints. This allows authenticated users with low-l…
|
-
|
CVE-2026-38587
|
2026-05-27 01:16 |
2026-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2216
|
7.0 |
HIGH
Local
|
samba
|
rsync
|
Rsync versions before 3.4.3 contain a time-of-check to time-of-use (TOCTOU) race condition in daemon file handling that allows attackers to redirect file writes outside intended directories by replac…
|
CWE-367
Time-of-check Time-of-use (TOCTOU) Race Condition
|
CVE-2026-29518
|
2026-05-27 01:16 |
2026-05-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2217
|
7.8 |
HIGH
Local
|
-
|
-
|
A high-severity vulnerability in the deployment of Genetec RabbitMQ that allows a privilege escalation attack.
|
CWE-732
Incorrect Permission Assignment for Critical Resource
|
CVE-2026-25112
|
2026-05-27 01:16 |
2026-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2218
|
7.3 |
HIGH
Network
|
-
|
-
|
A security flaw has been discovered in Das Parking Management System 停车场管理系统 6.2.0. This vulnerability affects unknown code of the component Search API Endpoint. The manipulation of the argument Valu…
|
CWE-74
CWE-89
Injection
SQL Injection
|
CVE-2026-9552
|
2026-05-27 00:17 |
2026-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2219
|
7.3 |
HIGH
Network
|
-
|
-
|
A vulnerability was identified in Das Parking Management System 停车场管理系统 6.2.0. This affects the function xp_cmdshell of the file ParkingRecord/ExportParkingRecords of the component API Endpoint. The …
|
CWE-74
CWE-89
Injection
SQL Injection
|
CVE-2026-9551
|
2026-05-27 00:17 |
2026-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2220
|
7.3 |
HIGH
Network
|
-
|
-
|
A vulnerability was determined in Acrel Electrical EEMS Enterprise Power Operation and Maintenance Cloud Platform 1.3.0. Affected by this issue is some unknown functionality of the file /SubstationWE…
|
CWE-22
Path Traversal
|
CVE-2026-9550
|
2026-05-27 00:16 |
2026-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
