|
221
|
5.4 |
MEDIUM
Network
|
wolterskluwer
|
lex_baza_dokumentow
|
LEX Baza Dokumentów is vulnerable to DOM-based XSS in "em" cookie parameter. The application unsafely
processes the parameter on the client side, allowing an attacker to execute arbitrary
JavaScript …
Update
|
CWE-79
Cross-site Scripting
|
CVE-2026-1493
|
2026-05-5 09:30 |
2026-04-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222
|
7.5 |
HIGH
Network
|
jetbrains
|
intellij_idea
|
In JetBrains IntelliJ IDEA before 2024.3.7.1,
2025.1.7.1,
2025.2.6.2,
2025.3.4.1,
2026.1.1 reading arbitrary local files was possible via built-in web server
Update
|
CWE-59
Link Following
|
CVE-2026-41882
|
2026-05-5 09:24 |
2026-04-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223
|
7.8 |
HIGH
Local
|
ibm
|
turbonomic_prometurbo_agent
|
IBM Turbonomic prometurbo agent 8.16.0 through 8.17.6 IBM Turbonomic Application Resource Management grants excessive cluster‑wide permissions, including unrestricted read access to all secrets. An a…
Update
|
CWE-269
NVD-CWE-noinfo
Improper Privilege Management
|
CVE-2026-6389
|
2026-05-5 09:17 |
2026-05-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
224
|
7.3 |
HIGH
Network
|
-
|
-
|
A security flaw has been discovered in Axle-Bucamp MCP-Docusaurus up to 404bc028e15ec304c9a045528560f4b5f27a17e0. The affected element is the function update_document/continue_document/delete_documen…
New
|
CWE-22
Path Traversal
|
CVE-2026-7788
|
2026-05-5 09:16 |
2026-05-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
225
|
7.3 |
HIGH
Network
|
-
|
-
|
A security flaw has been discovered in A-G-U-P-T-A wireshark-mcp edaf604416fbc94a201b4043092d4a1b09a12275/400c3da70074f22f3cce7ccb65304cafc7089c89. This affects the function quick_capture of the file…
New
|
CWE-77
CWE-78
Command Injection
OS Command
|
CVE-2026-7785
|
2026-05-5 09:16 |
2026-05-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
226
|
7.3 |
HIGH
Network
|
-
|
-
|
A vulnerability has been found in RTGS2017 NagaAgent up to 5.1.0. This issue affects some unknown processing of the file apiserver/routes/extensions.py of the component Skills Endpoint. Such manipula…
New
|
CWE-22
Path Traversal
|
CVE-2026-7784
|
2026-05-5 09:16 |
2026-05-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
227
|
6.3 |
MEDIUM
Network
|
-
|
-
|
A flaw has been found in CodeCanyon Perfex CRM up to 3.4.1. This vulnerability affects the function AbstractKanban::applySortQuery of the file application/services/AbstractKanban.php of the component…
New
|
CWE-74
CWE-89
Injection
SQL Injection
|
CVE-2026-7783
|
2026-05-5 09:16 |
2026-05-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
228
|
8.8 |
HIGH
Network
|
dbitnet
|
dbit_n300_t1_pro_firmware
|
A Cross-Site Request Forgery (CSRF) vulnerability exists in the web management interface of the Dbit N300 T1 Pro wireless router V1.0.0. The router fails to implement proper CSRF protection mechanism…
Update
|
CWE-352
Origin Validation Error
|
CVE-2026-36956
|
2026-05-5 09:09 |
2026-05-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
229
|
6.3 |
MEDIUM
Network
|
-
|
-
|
A vulnerability was detected in CodeCanyon Perfex CRM up to 3.4.1. This affects the function Clients::project of the file application/controllers/Clients.php of the component Tenant Handler. The mani…
New
|
CWE-285
CWE-639
Improper Authorization
Authorization Bypass Through User-Controlled Key
|
CVE-2026-7782
|
2026-05-5 08:16 |
2026-05-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
230
|
4.3 |
MEDIUM
Network
|
-
|
-
|
A security vulnerability has been detected in Open5GS up to 2.7.7. Affected by this issue is the function udm_nudm_uecm_handle_amf_registration_update of the file /src/udm/nudm-handler.c of the compo…
New
|
CWE-404
Improper Resource Shutdown or Release
|
CVE-2026-7781
|
2026-05-5 08:16 |
2026-05-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
