|
3801
|
8.8 |
HIGH
Local
|
qualcomm
|
cq8750m_firmware
fastconnect_6700_firmware
fastconnect_6800_firmware
fastconnect_6900_firmware
fastconnect_7800_firmware
g3x_gen_2_firmware
pandeiro_firmware
qca6391_firmware
…
|
Memory corruption while using Strongbox due to missing bounds check.
|
CWE-129
Improper Validation of Array Index
|
CVE-2026-25276
|
2026-06-2 23:58 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3802
|
8.8 |
HIGH
Local
|
qualcomm
|
cq8750m_firmware
fastconnect_6700_firmware
fastconnect_6800_firmware
fastconnect_6900_firmware
fastconnect_7800_firmware
g3x_gen_2_firmware
pandeiro_firmware
qca6391_firmware
…
|
Memory corruption while using Strongbox due to buffer overflow.
|
CWE-120
Classic Buffer Overflow
|
CVE-2026-25277
|
2026-06-2 23:57 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3803
|
6.1 |
MEDIUM
Network
|
-
|
-
|
Cross-Site Scripting (XSS) in GeniexWebView component in Transsion AI Assistant Lifestyle application (com.transsion.aiassistantlifestyle) all versions on Android allows remote attacker to execute ar…
|
CWE-79
Cross-site Scripting
|
CVE-2026-10510
|
2026-06-2 23:50 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3804
|
6.5 |
MEDIUM
Network
|
-
|
-
|
D.Launcher 2 component of Slovak eID client ecosystem contains Improper URL Handler Processing vulnerability. Application registers multiple custom URL handlers that could be exploited to initiate fu…
|
CWE-74
CWE-200
Injection
Information Exposure
|
CVE-2026-8993
|
2026-06-2 23:50 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3805
|
5.7 |
MEDIUM
Network
|
-
|
-
|
A vulnerability has been identified in RUGGEDCOM RST2428P (6GK6242-6PA00) (All versions < V4.0). The affected applications stores sensitive information in the browser cache when an authenticated user…
|
CWE-525
Use of Web Browser Cache Containing Sensitive Information
|
CVE-2026-41918
|
2026-06-2 23:50 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3806
|
- |
|
-
|
-
|
Use of default credentials vulnerability in Roche Diagnostics navify Digital Pathology (RabbitMQ Management interface modules) allows Default Usernames and Passwords. This issue affects navify Digita…
|
CWE-1392
Use of Default Credentials
|
CVE-2026-9844
|
2026-06-2 23:50 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3807
|
8.8 |
HIGH
Network
|
openstack
|
keystone
|
An issue was discovered in OpenStack Keystone before 29.0.2. The Keystone application credential authentication plugin does not verify that the user supplied in the authentication request matches the…
|
CWE-863
Incorrect Authorization
|
CVE-2026-42998
|
2026-06-2 23:50 |
2026-05-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3808
|
9.8 |
CRITICAL
Network
|
ibm
|
cloud_pak_for_data_system_-_cyclops
|
IBM Cloud Pak for Data System - Cyclops 11.3.0.2 through Interim Fix 002 IBM Cloud Pak for Data System is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, …
|
CWE-89
SQL Injection
|
CVE-2025-36220
|
2026-06-2 23:50 |
2026-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3809
|
7.5 |
HIGH
Network
|
ibm
|
cloud_pak_for_data_system_-_cyclops
|
IBM Cloud Pak for Data System - Cyclops 11.3.0.2 through Interim Fix 002 IBM Cloud Pak for Data System uses default passwords default passwords from the manufacturing process for use during the inst…
|
CWE-1392
NVD-CWE-noinfo
Use of Default Credentials
|
CVE-2025-36221
|
2026-06-2 23:49 |
2026-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3810
|
4.3 |
MEDIUM
Network
|
jenkins
|
job_import
|
Jenkins Job Import Plugin 143.v044a_2e819b_27 and earlier does not perform a permission check in an HTTP endpoint, allowing attackers with Overall/Read permission to enumerate credentials IDs of cred…
|
CWE-269
Improper Privilege Management
|
CVE-2026-48926
|
2026-06-2 23:49 |
2026-05-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
