|
221
|
4.9 |
MEDIUM
Network
|
redhat
|
directory_server
389_directory_server
enterprise_linux
|
A flaw was found in 389 Directory Server. The PBKDF2-SHA256 password storage plugin does not enforce an upper bound on the iteration count extracted from stored password hashes. A privileged attacker…
Update
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2026-11790
|
2026-06-13 03:21 |
2026-06-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222
|
7.5 |
HIGH
Network
|
-
|
-
|
Crypt::PBKDF2 versions before 0.261630 for Perl generate insecure random values for salts.
These versions use the built-in rand function, which is predictable and unsuitable for cryptography.
New
|
CWE-338
Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)
|
CVE-2026-9638
|
2026-06-13 03:16 |
2026-06-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223
|
7.6 |
HIGH
Network
|
-
|
-
|
Cap-go prior to 12.128.2 contains an account takeover vulnerability in its email change mechanism that allows an attacker with temporary authenticated session access to change the registered email ad…
New
|
CWE-306
Missing Authentication for Critical Function
|
CVE-2026-53981
|
2026-06-13 03:16 |
2026-06-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
224
|
7.8 |
HIGH
Local
|
-
|
-
|
Insufficient Verification of Data Authenticity in Remote Control for Zoom Contact Center for Windows before version 7.0.0 may allow an authenticated user to enable an escalation of privilege via loca…
New
|
CWE-345
Insufficient Verification of Data Authenticity
|
CVE-2026-53406
|
2026-06-13 03:16 |
2026-06-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
225
|
10.0 |
CRITICAL
Network
|
-
|
-
|
SimpleHelp versions 5.5.15 and prior and 6.0 pre-release versions contain an authentication bypass vulnerability in the OIDC authentication flow. When OIDC authentication is configured, identity toke…
New
|
CWE-347
Improper Verification of Cryptographic Signature
|
CVE-2026-48558
|
2026-06-13 03:16 |
2026-06-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
226
|
8.0 |
HIGH
Network
|
-
|
-
|
MariaDB server is a community developed fork of MySQL server. From versions 10.6.1 to before 10.6.27, 10.11.1 to before 10.11.18, 11.4.1 to before 11.4.12, 11.8.1 to before 11.8.8, and 12.3.1, a high…
New
|
CWE-78
OS Command
|
CVE-2026-48165
|
2026-06-13 03:16 |
2026-06-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
227
|
8.0 |
HIGH
Network
|
-
|
-
|
MariaDB server is a community developed fork of MySQL server. From versions 10.6.1 to before 10.6.27, 10.11.1 to before 10.11.18, 11.4.1 to before 11.4.12, 11.8.1 to before 11.8.8, and 12.3.1, during…
New
|
CWE-78
OS Command
|
CVE-2026-48163
|
2026-06-13 03:16 |
2026-06-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
228
|
7.8 |
HIGH
Local
|
-
|
-
|
Acrobat Reader versions 24.001.30365, 26.001.21651 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. E…
New
|
CWE-787
Out-of-bounds Write
|
CVE-2026-47965
|
2026-06-13 03:16 |
2026-06-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
229
|
- |
|
-
|
-
|
Typesense is a fast, typo-tolerant search engine. Prior to versions 29.1 and 30.2, there is a cache isolation issue affecting search requests that use both server-side search result caching and Scope…
New
|
CWE-524
Use of Cache Containing Sensitive Information
|
CVE-2026-47225
|
2026-06-13 03:16 |
2026-06-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
230
|
5.4 |
MEDIUM
Network
|
-
|
-
|
NanaZip is the 7-Zip derivative intended for the modern Windows experience. From version 3.0.1000.0 to before version 6.0.1698.0, a heap out-of-bounds read exists in the Android Verified Boot (AVB) v…
New
|
CWE-125
CWE-191
Out-of-bounds Read
Integer Underflow (Wrap or Wraparound)
|
CVE-2026-47222
|
2026-06-13 03:16 |
2026-06-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
