|
3351
|
8.3 |
HIGH
Network
|
-
|
-
|
Integer overflow in XML in Google Chrome on Windows prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HT…
|
CWE-472
External Control of Assumed-Immutable Web Parameter
|
CVE-2026-9966
|
2026-05-30 01:16 |
2026-05-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3352
|
7.3 |
HIGH
Network
|
-
|
-
|
A vulnerability was identified in KLiK SocialMediaWebsite 1.0. This issue affects some unknown processing of the component HTTP POST Request Parameter Handler. Such manipulation leads to injection. T…
|
CWE-74
CWE-707
Injection
Improper Enforcement of Message or Data Structure
|
CVE-2026-9422
|
2026-05-30 01:16 |
2026-05-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3353
|
- |
|
-
|
-
|
Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. Reason: This candidate was issued in error. Notes: All references and descriptions in this candidate have been removed to prevent accid…
|
-
|
CVE-2026-9194
|
2026-05-30 01:16 |
2026-05-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3354
|
7.3 |
HIGH
Network
|
-
|
-
|
IO::Compress versions from 2.207 before 2.220 for Perl ship a zipdetails CLI tool that crashes with undefined subroutine on Info-ZIP Unix Extra Field with 8-byte UID or GID.
When decode_ux() in bin/…
|
CWE-755
Improper Handling of Exceptional Conditions
|
CVE-2026-48961
|
2026-05-30 01:16 |
2026-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3355
|
7.5 |
HIGH
Network
|
-
|
-
|
IO::Uncompress::Unzip versions before 2.220 for Perl allow CPU exhaustion via per-byte read loop in fastForward.
fastForward() compares length $offset (the digit count of the offset, 1 to 19) agains…
|
CWE-407
Inefficient Algorithmic Complexity
|
CVE-2026-48959
|
2026-05-30 01:16 |
2026-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3356
|
9.9 |
CRITICAL
Network
|
-
|
-
|
Vulnerability in the Oracle Universal Work Queue product of Oracle E-Business Suite (component: Work Provider Site Level Administration). Supported versions that are affected are 12.2.3-12.2.15. Eas…
|
CWE-269
CWE-284
CWE-306
Improper Privilege Management
Improper Access Control
Missing Authentication for Critical Function
|
CVE-2026-46824
|
2026-05-30 01:16 |
2026-05-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3357
|
7.7 |
HIGH
Network
|
-
|
-
|
Vulnerability in the Oracle Public Sector Financials (International) product of Oracle E-Business Suite (component: Authorization). Supported versions that are affected are 12.2.6-12.2.15. Easily ex…
|
CWE-863
Incorrect Authorization
|
CVE-2026-46823
|
2026-05-30 01:16 |
2026-05-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3358
|
9.9 |
CRITICAL
Network
|
-
|
-
|
Vulnerability in the Oracle iAssets product of Oracle E-Business Suite (component: Internal Operations). Supported versions that are affected are 12.2.3-12.2.15. Easily exploitable vulnerability all…
|
CWE-284
Improper Access Control
|
CVE-2026-46822
|
2026-05-30 01:16 |
2026-05-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3359
|
7.7 |
HIGH
Network
|
-
|
-
|
Vulnerability in the Oracle Financials Common Modules product of Oracle E-Business Suite (component: Common Components). Supported versions that are affected are 12.2.3-12.2.15. Easily exploitable v…
|
CWE-284
Improper Access Control
|
CVE-2026-46821
|
2026-05-30 01:16 |
2026-05-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3360
|
- |
|
-
|
-
|
LinkAce is a self-hosted archive to collect website links. Prior to 2.5.6, LinkAce contains an Insecure Direct Object Reference vulnerability in the authorization policy layer that allows any authent…
|
CWE-639
Authorization Bypass Through User-Controlled Key
|
CVE-2026-45342
|
2026-05-30 01:16 |
2026-05-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
