|
2971
|
- |
|
-
|
-
|
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
|
-
|
CVE-2026-5297
|
2026-05-22 08:16 |
2026-05-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2972
|
- |
|
-
|
-
|
Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. Reason: This candidate was issued in error. Notes: All references and descriptions in this candidate have been removed to prevent accid…
|
-
|
CVE-2026-8352
|
2026-05-22 06:16 |
2026-05-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2973
|
8.8 |
HIGH
Network
|
-
|
-
|
IINA before 1.4.3 contains a user-assisted command execution vulnerability that allows remote attackers to execute arbitrary commands by supplying malicious mpv_-prefixed query parameters through the…
|
CWE-88
Argument Injection
|
CVE-2026-47114
|
2026-05-22 06:03 |
2026-05-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2974
|
4.3 |
MEDIUM
Network
|
-
|
-
|
The GSheet For Woo Importer plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the process_ajax_restore_action() function in all versions up to, and …
|
CWE-862
Missing Authorization
|
CVE-2026-4843
|
2026-05-22 06:03 |
2026-05-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2975
|
6.1 |
MEDIUM
Network
|
simplesamlphp
|
simplesamlphp-casserver
simplesamlphp_casserver
|
SimpleSAMLphp-casserver is a CAS 1.0 and 2.0 compliant CAS server in the form of a SimpleSAMLphp module. In versions below 6.3.1 and 7.0.0, the logout endpoint accepts a url query parameter to redire…
|
CWE-601
Open Redirect
|
CVE-2025-65954
|
2026-05-22 06:01 |
2026-05-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2976
|
7.5 |
HIGH
Network
|
mozilla
|
firefox
firefox_focus
|
Sandbox escape in Firefox and Firefox Focus for Android. This vulnerability was fixed in Firefox 151.
|
CWE-693
Protection Mechanism Failure
|
CVE-2026-8945
|
2026-05-22 05:56 |
2026-05-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2977
|
4.8 |
MEDIUM
Network
|
samba
|
rsync
|
Rsync version 3.4.2 and prior contain an authorization bypass vulnerability in the rsync daemon's hostname-based access control list enforcement when configured with chroot. Attackers can bypass host…
|
CWE-289
Authentication Bypass by Alternate Name
|
CVE-2026-43617
|
2026-05-22 05:54 |
2026-05-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2978
|
3.7 |
LOW
Network
|
samba
|
rsync
|
Rsync versions before 3.4.3 contain an off-by-one out-of-bounds stack write vulnerability in the establish_proxy_connection() function in socket.c that allows network attackers to corrupt stack memor…
|
CWE-193
Off-by-one Error
|
CVE-2026-45232
|
2026-05-22 05:52 |
2026-05-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2979
|
5.5 |
MEDIUM
Local
|
samba
|
rsync
|
Rsync version 3.4.2 and prior contain a receiver-side out-of-bounds array read vulnerability in recv_files() in receiver.c that allows a malicious rsync server to crash the rsync client process. Atta…
|
CWE-125
Out-of-bounds Read
|
CVE-2026-43620
|
2026-05-22 05:47 |
2026-05-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2980
|
6.3 |
MEDIUM
Local
|
samba
|
rsync
|
Rsync version 3.4.2 and prior contain symlink race condition vulnerabilities in path-based system calls including chmod, lchown, utimes, rename, unlink, mkdir, symlink, mknod, link, rmdir, and lstat …
|
CWE-59
CWE-367
Link Following
Time-of-check Time-of-use (TOCTOU) Race Condition
|
CVE-2026-43619
|
2026-05-22 05:42 |
2026-05-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
