|
181
|
6.3 |
MEDIUM
Network
|
-
|
-
|
A flaw has been found in tittuvarghese CollegeManagementSystem 3e476335cfbfb9a049e09f474c7ec885f69a9df3/a38852979f7e27ae67b610dce5979500ef8ebe01. This impacts the function session_start of the file /…
New
|
CWE-384
Session Fixation
|
CVE-2026-11335
|
2026-06-6 01:04 |
2026-06-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
182
|
- |
|
-
|
-
|
Multiple reflected Cross-Site Scripting (XSS) vulnerabilities in damasac thaipalliative_lte through version 3.0 allow remote attackers to inject arbitrary web script or HTML via the idFormMain parame…
New
|
-
|
CVE-2026-38579
|
2026-06-6 01:04 |
2026-06-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
183
|
5.3 |
MEDIUM
Network
|
-
|
-
|
quic-go is an implementation of the QUIC protocol in Go. Prior to version 0.59.1, an attacker can cause excessive memory allocation in quic-go's HTTP/3 client and server implementations by sending a …
New
|
CWE-770
Allocation of Resources Without Limits or Throttling
|
CVE-2026-40898
|
2026-06-6 01:01 |
2026-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
184
|
7.2 |
HIGH
Local
|
-
|
-
|
Moby is an open source container framework. In versions prior to 29.5.1 and in moby/moby v2 prior to v2.0.0-beta.14, when a compressed archive is uploaded to a container via `PUT /containers/{id}/arc…
New
|
CWE-427
Uncontrolled Search Path Element
|
CVE-2026-41567
|
2026-06-6 01:01 |
2026-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
185
|
4.3 |
MEDIUM
Network
|
-
|
-
|
7-Zip is a file archiver with a high compression ratio. Versions 9.34 through 26.00 contain a heap memory disclosure via SquashFS fragment offset integer overflow on 32-bit builds. 32-bit integer ove…
New
|
CWE-125
Out-of-bounds Read
|
CVE-2026-48092
|
2026-06-6 01:01 |
2026-06-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
186
|
8.8 |
HIGH
Network
|
-
|
-
|
7-Zip is a file archiver with a high compression ratio. Versions 26.00 and prior contain a heap buffer overflow vulnerability caused by an under-allocation in the NTFS compressed stream buffer (GetCu…
New
|
CWE-190
CWE-787
Integer Overflow or Wraparound
Out-of-bounds Write
|
CVE-2026-48095
|
2026-06-6 01:01 |
2026-06-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
187
|
- |
|
-
|
-
|
The netty incubator codec.bhttp is a java language binary http parser. Prior to version 0.0.22.FInal, the codec-ohttp implementation of draft-ietf-ohai-chunked-ohttp does not verify that a cryptograp…
New
|
CWE-325
Missing Required Cryptographic Step
|
CVE-2026-48480
|
2026-06-6 01:00 |
2026-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
188
|
4.7 |
MEDIUM
Network
|
-
|
-
|
Iris is a web collaborative platform that helps incident responders share technical details during investigations. Versions prior to 2.4.28 contain a weakness where an attacker can misuse it to redir…
New
|
CWE-602
Client-Side Enforcement of Server-Side Security
|
CVE-2026-42329
|
2026-06-6 01:00 |
2026-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
189
|
6.3 |
MEDIUM
Network
|
-
|
-
|
IRIS is a web collaborative platform that helps incident responders share technical details during investigations. Versions prior to 2.4.28 do not properly validate uploaded files. The application ca…
New
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2026-42538
|
2026-06-6 01:00 |
2026-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
190
|
8.2 |
HIGH
Network
|
-
|
-
|
CoreShop is a Pimcore enhanced eCommerce solution. In versions 5.0.1 through 5.1.0-beta.1,, the GitHub Actions workflow (`.github/workflows/static.yml`) uses the `pull_request_target` trigger but dan…
New
|
CWE-94
Code Injection
|
CVE-2026-41249
|
2026-06-6 01:00 |
2026-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
