| 821 | 5.4 | MEDIUM / Network | jupyter | jupyter_server | Jupyter Server is the backend for Jupyter web applications. Prior to 2.20, the nbconvert HTTP handlers in jupyter_server render user-authored notebook HTML under the Jupyter origin without a sandbox … | CWE-79 (Cross-site Scripting), CWE-1021 (Improper Restriction of Rendered UI Layers or Frames) | CVE-2026-44727 | 2026-06-27 03:57 | 2026-06-23 |
| 822 | 8.8 | HIGH / Network | dokku | dokku | Dokku is a docker-powered PaaS. Prior to 0.38.2, the git:from-archive and certs:add commands extract user-supplied tar/zip archives into temporary directories without sanitizing member paths or preve… | CWE-59 (Link Following) | CVE-2026-45405 | 2026-06-27 03:56 | 2026-06-27 |
| 823 | 5.5 | MEDIUM / Local | dokku | dokku | Dokku is a docker-powered PaaS. Prior to 0.38.2, the git:auth command creates $DOKKU_ROOT/.netrc using bash's touch command, which applies the default umask of 0644. This pre-creation defeats the net… | CWE-522 (Insufficiently Protected Credentials) | CVE-2026-45407 | 2026-06-27 03:55 | 2026-06-27 |
| 824 | 9.0 | CRITICAL / Network | dokku | dokku | Dokku is a docker-powered PaaS. Prior to 0.38.2, the app name validation regex (^[a-z0-9][^/:_A-Z]*$) permits shell metacharacters. When an authenticated user pushes to a git remote with a crafted ap… | CWE-78 (OS Command) | CVE-2026-45408 | 2026-06-27 03:55 | 2026-06-27 |
| 825 | 5.3 | MEDIUM / Network | wolfssl | wolfssl | Certificates with wildcard DNS SANs (e.g. *.example.com) bypassed CA name-constraint checks. A certificate with a wildcard DNS SAN that should be rejected by the issuing CA's permitted/excluded DNS n… | CWE-295 (Improper Certificate Validation) | CVE-2026-10592 | 2026-06-27 03:55 | 2026-06-26 |
| 826 | 7.5 | HIGH / Network | wolfssl | wolfssl | X.509 trust-chain bypass in the OpenSSL compatibility certificate verifier (wolfSSL_X509_verify_cert()). This affects only builds with --enable-opensslextra (OPENSSL_EXTRA) and whose application vali… | CWE-295 (Improper Certificate Validation) | CVE-2026-11310 | 2026-06-27 03:54 | 2026-06-26 |
| 827 | 7.5 | HIGH / Network | microsoft | cost_management | Exposure of sensitive information to an unauthorized actor in Cost Management Interactive Experiences allows an unauthorized attacker to disclose information over a network. | CWE-200 (Information Exposure) | CVE-2026-47633 | 2026-06-27 03:54 | 2026-06-19 |
| 828 | 7.5 | HIGH / Network | wolfssl | wolfssl | Out-of-bounds heap read during SM2/SM3 certificate signature verification. When parsing a certificate with an SM3wSM2 signature, the Subject Key Identifier computation reads the trailing 65 bytes of … | CWE-125 (Out-of-bounds Read) | CVE-2026-12340 | 2026-06-27 03:54 | 2026-06-26 |
| 829 | 7.5 | HIGH / Network | wolfssl | wolfssl | Out-of-bounds write in the Renesas TSIP TLS 1.3 transcript buffer. In tsip_StoreMessage() the capacity check guarding the fixed message bag (MSGBAG_SIZE) sets an error code but fails to return, so ex… | CWE-393 (Return of Wrong Status Code), CWE-787 (Out-of-bounds Write) | CVE-2026-55958 | 2026-06-27 03:54 | 2026-06-26 |
| 830 | 7.5 | HIGH / Network | wolfssl | wolfssl | Un-negotiated Raw Public Key (RFC 7250) accepted in place of an X.509 certificate, bypassing chain validation. A raw public key has no chain, so ParseCertRelative() accepts it without performing any … | CWE-295 (Improper Certificate Validation) | CVE-2026-55960 | 2026-06-27 03:54 | 2026-06-26 |