|
3021
|
9.8 |
CRITICAL
Network
|
-
|
-
|
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
|
-
|
CVE-2026-9642
|
2026-06-4 01:16 |
2026-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3022
|
7.4 |
HIGH
Network
|
-
|
-
|
SIP signaling stack in Verizon IMS (unspecified version) implements SIP signaling without IPsec integrity protection (missing Security-Client/Security-Server headers and ESP traffic), which allows an…
|
-
|
CVE-2026-10629
|
2026-06-4 01:16 |
2026-06-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3023
|
7.3 |
HIGH
Network
|
-
|
-
|
A vulnerability was found in php-censor up to 2.1.6. This affects an unknown function of the file src/Model/Build/GitBuild.php of the component Webhook Endpoint. Performing a manipulation of the argu…
|
CWE-77
CWE-78
Command Injection
OS Command
|
CVE-2026-10273
|
2026-06-4 01:16 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3024
|
7.3 |
HIGH
Network
|
-
|
-
|
A vulnerability has been found in raisulislamg4 student_management_system_by_php up to 310d950e09013d5133c6b9210aff9444382d16d1. The affected element is an unknown function of the file add_user_check…
|
CWE-74
CWE-89
Injection
SQL Injection
|
CVE-2026-10227
|
2026-06-4 01:16 |
2026-06-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3025
|
7.8 |
HIGH
Local
|
google
|
android
|
In multiple locations, there is a possible tapjacking due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interacti…
|
CWE-269
Improper Privilege Management
|
CVE-2026-0009
|
2026-06-4 01:16 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3026
|
8.6 |
HIGH
Network
|
-
|
-
|
Dräger Infinity Acute Care System and Standalone Infinity M540 patient monitors running software versions VG4.1.1, VG4.0.3, and lower contain network message handling vulnerabilities that allow netwo…
|
CWE-924
Improper Enforcement of Message Integrity During Transmission in a Communication Channel
|
CVE-2019-25719
|
2026-06-4 01:16 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3027
|
5.5 |
MEDIUM
Local
|
opentelemetry
|
ebpf_instrumentation
|
OpenTelemetry eBPF Instrumentation provides eBPF instrumentation based on the OpenTelemetry standard. Prior to version 0.9.0, OBI's replacement ELF parser trusts section offsets, counts, and string o…
|
CWE-20
CWE-248
Improper Input Validation
Uncaught Exception
|
CVE-2026-45676
|
2026-06-4 01:08 |
2026-06-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3028
|
4.2 |
MEDIUM
Network
|
redhat
|
build_of_keycloak
|
A flaw was found in Keycloak, an open-source identity and access management solution. When a client application is configured to accept broad redirect Uniform Resource Identifiers (URIs), a remote at…
|
CWE-1288
Improper Validation of Consistency within Input
|
CVE-2026-9689
|
2026-06-4 00:42 |
2026-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3029
|
8.8 |
HIGH
Network
|
redhat
|
build_of_keycloak
|
A flaw was found in Keycloak. An authenticated user with low privileges can exploit this vulnerability by sending an oversized subject_token JSON Web Token (JWT) to the TokenEndpoint. When the token …
|
CWE-1284
Improper Validation of Specified Quantity in Input
|
CVE-2026-9704
|
2026-06-4 00:40 |
2026-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3030
|
6.5 |
MEDIUM
Network
|
accellion
|
kiteworks
|
Kiteworks is a private data network (PDN). Prior to version 9.3.0, an Insecure Direct Object Reference (IDOR) vulnerability in Kiteworks Secure Data Forms allows an authenticated attacker to tamper w…
|
CWE-639
Authorization Bypass Through User-Controlled Key
|
CVE-2026-23638
|
2026-06-4 00:30 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
