|
731
|
7.5 |
HIGH
Network
|
-
|
-
|
Shenzhen Tenda Technology Co., Ltd Tenda O3 Wireless Router v1.0.0.5(4180) was discovered to contain a stack overflow in the domain parameter of the fromNetToolGet function. This vulnerability allows…
New
|
CWE-121
Stack-based Buffer Overflow
|
CVE-2026-36783
|
2026-06-11 05:16 |
2026-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
732
|
9.8 |
CRITICAL
Network
|
-
|
-
|
An issue was discovered in bitbank2 AnimatedGIF v2.2.0. A buffer overflow in the DecodeLZW function allows remote attackers to cause a denial of service (crash) or potentially execute arbitrary code …
New
|
CWE-120
Classic Buffer Overflow
|
CVE-2026-30141
|
2026-06-11 05:16 |
2026-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
733
|
6.5 |
MEDIUM
Network
|
-
|
-
|
An uncaught exception in the /application/job/update/{id} endpoint of FastapiAdmin v2.2.0 allows authenticated attackers with the module_task:job:update permission to cause a Denial of Service (DoS) …
New
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2026-36724
|
2026-06-11 05:15 |
2026-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
734
|
6.1 |
MEDIUM
Network
|
-
|
-
|
A markdown based cross-site scripting (XSS) vulnerability in the /system/notice/create endpoint of FastapiAdmin v2.2.0 allows attackers to execute arbitrary web scripts or HTML via injecting a crafte…
New
|
CWE-79
Cross-site Scripting
|
CVE-2026-36725
|
2026-06-11 05:15 |
2026-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
735
|
5.4 |
MEDIUM
Network
|
-
|
-
|
A markdown based cross-site scripting (XSS) vulnerability in the AI assistant chat function of FastapiAdmin v2.2.0 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted pa…
New
|
CWE-79
Cross-site Scripting
|
CVE-2026-36728
|
2026-06-11 05:15 |
2026-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
736
|
- |
|
-
|
-
|
A flaw exists in the FlashArray Purity management interface where an authenticated low-privileged user may, under specific conditions, access functionality beyond their assigned privileges.
New
|
CWE-639
Authorization Bypass Through User-Controlled Key
|
CVE-2026-6444
|
2026-06-11 05:13 |
2026-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
737
|
- |
|
-
|
-
|
A flaw exists in FlashArray Purity where insufficient filtering of certain data paths could expose sensitive information to an authenticated user with low privileges.
New
|
CWE-939
Improper Authorization in Handler for Custom URL Scheme
|
CVE-2026-6445
|
2026-06-11 05:13 |
2026-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
738
|
- |
|
-
|
-
|
CleanWipe Removal Tool (macOS), prior to 16.0.0.65, may be susceptible to an Local Privilege Escalation vulnerability, which is a type of issue whereby an attacker with limited privilege access on an…
New
|
CWE-250
Execution with Unnecessary Privileges
|
CVE-2026-11626
|
2026-06-11 05:13 |
2026-06-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
739
|
7.8 |
HIGH
Local
|
microsoft
|
windows_11_24h2
windows_11_25h2
windows_11_26h1
windows_server_2025
|
Access of resource using incompatible type ('type confusion') in Windows Kernel-Mode Drivers allows an authorized attacker to elevate privileges locally.
Update
|
CWE-843
Type Confusion
|
CVE-2026-45600
|
2026-06-11 05:03 |
2026-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
740
|
7.8 |
HIGH
Local
|
microsoft
|
windows_10_1607
windows_10_1809
windows_10_21h2
windows_10_22h2
windows_11_23h2
windows_11_24h2
windows_11_25h2
windows_11_26h1
windows_server_2016
windows_server_2019
w…
|
Trust boundary violation in Windows Attestation allows an authorized attacker to elevate privileges locally.
Update
|
CWE-501
Trust Boundary Violation
|
CVE-2026-33828
|
2026-06-11 05:00 |
2026-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
