|
2521
|
- |
|
-
|
-
|
InfoScale CmdServer before 7.4.2 mishandles access control.
|
-
|
CVE-2026-44926
|
2026-05-21 02:31 |
2026-05-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2522
|
9.8 |
CRITICAL
Network
|
nvidia
|
triton_inference_server
|
NVIDIA Triton Inference Server contains a vulnerability where an attacker could cause an authentication bypass. A successful exploit of this vulnerability might lead to escalation of privileges, deni…
|
CWE-288
Authentication Bypass Using an Alternate Path or Channel
|
CVE-2026-24206
|
2026-05-21 02:31 |
2026-05-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2523
|
7.6 |
HIGH
Network
|
-
|
-
|
Improper neutralization of input during web page generation ('cross-site scripting') vulnerability in Beyaz Computer Software Design Industry and Trade Ltd. Co. CityPLus allows Reflected XSS.
This i…
|
CWE-79
Cross-site Scripting
|
CVE-2026-5783
|
2026-05-21 02:30 |
2026-05-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2524
|
9.8 |
CRITICAL
Network
|
nvidia
|
triton_inference_server
|
NVIDIA Triton Inference Server contains a vulnerability where an attacker could cause an authentication bypass. A successful exploit of this vulnerability might lead to code execution, escalation of …
|
CWE-288
Authentication Bypass Using an Alternate Path or Channel
|
CVE-2026-24207
|
2026-05-21 02:30 |
2026-05-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2525
|
7.5 |
HIGH
Network
|
-
|
-
|
Dell PowerFlex Manager, version(s) <=4.6.2, contain(s) an Exposure of Information Through Directory Listing vulnerability. An unauthenticated attacker with remote access could potentially exploit thi…
|
CWE-548
Exposure of Information Through Directory Listing
|
CVE-2025-32750
|
2026-05-21 02:30 |
2026-05-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2526
|
5.3 |
MEDIUM
Network
|
-
|
-
|
The affected Kieback & Peter DDC building controllers are vulnerable to cross-site scripting, enabling JavaScript to be executed by the victim's browser, which allows the attacker to control the brow…
|
CWE-79
Cross-site Scripting
|
CVE-2026-4293
|
2026-05-21 02:30 |
2026-05-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2527
|
9.1 |
CRITICAL
Network
|
-
|
-
|
An undocumented configuration export port is accessible on some models
of ZKTeco CCTV cameras. This port does not require authentication and
exposes critical information about the camera such as op…
|
CWE-288
Authentication Bypass Using an Alternate Path or Channel
|
CVE-2026-8598
|
2026-05-21 02:30 |
2026-05-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2528
|
6.8 |
MEDIUM
Network
|
-
|
-
|
A vulnerability in the Border Gateway Protocol (BGP) enforce-first-as feature of Cisco Nexus 3000 Series Switches and Cisco Nexus 9000 Series Switches in standalone NX-OS mode could allow a…
|
CWE-670
Always-Incorrect Control Flow Implementation
|
CVE-2026-20171
|
2026-05-21 02:30 |
2026-05-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2529
|
4.7 |
MEDIUM
Network
|
-
|
-
|
A vulnerability in the SSL certificate handling of Cisco ThousandEyes Virtual Appliance could allow an authenticated, remote attacker to execute commands on the underlying operating system as the roo…
|
CWE-74
Injection
|
CVE-2026-20199
|
2026-05-21 02:30 |
2026-05-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2530
|
6.3 |
MEDIUM
Network
|
-
|
-
|
A vulnerability in the BrowserBot component of Cisco ThousandEyes Enterprise Agent could have allowed an authenticated, remote attacker to execute arbitrary commands on Agents on behalf of the Browse…
|
CWE-78
OS Command
|
CVE-2026-20206
|
2026-05-21 02:30 |
2026-05-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
