|
1121
|
8.8 |
HIGH
Network
|
-
|
-
|
The ping diagnostic handler in /bin/httpd_clientside for ALTICE LABS / SFR France GR140DG and GR140IG fibre CPE/Router/Gateway, inserts unsanitized user input into a system() call, allowing authentic…
Update
|
CWE-78
OS Command
|
CVE-2026-31195
|
2026-05-8 00:15 |
2026-05-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1122
|
8.8 |
HIGH
Network
|
-
|
-
|
The traceroute diagnostic handler in /bin/httpd_clientside for ALTICE LABS / SFR France GR140DG and GR140IG fibre CPE/Router/Gateway, inserts unsanitized user input into a system() call, allowing aut…
Update
|
CWE-78
OS Command
|
CVE-2026-31196
|
2026-05-8 00:15 |
2026-05-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1123
|
5.5 |
MEDIUM
Local
|
-
|
-
|
Buffer Overflow vulnerability in GPAC before commit v391dc7f4d234988ea0bc3cc294eb725eddf8f702 allows an attacker to cause a denial of service via the src/scenegraph/svg_attributes.c, svg_parse_string…
Update
|
CWE-122
Heap-based Buffer Overflow
|
CVE-2026-39103
|
2026-05-8 00:15 |
2026-05-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1124
|
- |
|
-
|
-
|
Vaultwarden is a Bitwarden-compatible server written in Rust. In versions 1.35.4 and earlier, the WebAuthn authentication flow in `validate_webauthn_login()` updates persistent credential metadata (1…
Update
|
CWE-345
Insufficient Verification of Data Authenticity
|
CVE-2026-31835
|
2026-05-8 00:15 |
2026-05-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1125
|
- |
|
-
|
-
|
Tunnelblick is an open source graphic user interface for OpenVPN on macOS. In versions 3.3beta26 through 9.0beta01, any local user can read arbitrary root-owned files by exploiting a symlink followin…
Update
|
CWE-61
UNIX Symbolic Link (Symlink) Following
|
CVE-2026-31893
|
2026-05-8 00:15 |
2026-05-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1126
|
8.8 |
HIGH
Network
|
-
|
-
|
A remote code execution vulnerability
exists in Notification Settings on GeoVision GV-ASWeb 6.2.0. An authenticated
user with System Setting permissions can execute arbitrary commands on the
server b…
Update
|
CWE-94
Code Injection
|
CVE-2026-7841
|
2026-05-8 00:15 |
2026-05-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1127
|
7.5 |
HIGH
Network
|
-
|
-
|
Unauthenticated DoS in ZTE H8102E, H168N, H167A, H199A, H288A, H198A, H267A, H267N, H268A, H388X, H196A, H369A, H268N, H208N, H367N, H181A, and H196Q. A denial-of-service condition can be triggered a…
New
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2026-34473
|
2026-05-8 00:15 |
2026-05-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1128
|
7.5 |
HIGH
Network
|
-
|
-
|
Sensitive data exposure leading to admin/WLAN credential leak in ZTE ZXHN H298A 1.1 and H108N 2.6. A crafted request to the router web interface can expose sensitive device and account information. I…
New
|
CWE-200
Information Exposure
|
CVE-2026-34474
|
2026-05-8 00:15 |
2026-05-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1129
|
- |
|
-
|
-
|
Samsung Print Service Plugin for Android is potentially vulnerable to information disclosure when using an outdated version of the application via mobile devices. HP is releasing updates to mitigate …
New
|
CWE-926
Improper Export of Android Application Components
|
CVE-2026-3291
|
2026-05-8 00:15 |
2026-05-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1130
|
8.3 |
HIGH
Network
|
-
|
-
|
Remote Code Execution Vulnerability in Hitachi Storage Navigator and the maintenance console in Hitachi Virtual Storage Platform G130, G150, G350, G370, G700, G900, F350, F370, F700, F900, Hitachi Vi…
New
|
CWE-94
Code Injection
|
CVE-2025-1978
|
2026-05-8 00:15 |
2026-05-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
