|
161
|
- |
|
-
|
-
|
Responsive FileManager's allows an unauthenticated attacker to upload files of any type and extension without restriction using dialog.php endpoint, leading to Remote Code Execution.
This project i…
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2026-5482
|
2026-06-17 00:41 |
2026-06-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
162
|
8.8 |
HIGH
Network
|
-
|
-
|
Due to the improper neutralization of special elements used in a name parameter a low privileged remote attacker can exploit a command injection vulnerability in the Managed Ethernet Switch, resultin…
|
CWE-78
OS Command
|
CVE-2026-5416
|
2026-06-17 00:41 |
2026-06-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
163
|
- |
|
-
|
-
|
A heap buffer overflow vulnerability exists in the Jansi JNI "ioctl()" wrapper due to a lack of size verification for the argument array before the system call. This can lead to heap corruption and a…
|
CWE-122
Heap-based Buffer Overflow
|
CVE-2026-8484
|
2026-06-17 00:41 |
2026-06-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
164
|
8.8 |
HIGH
Network
|
-
|
-
|
Software installed and run as a non-privileged user may conduct intentional GPU sparse memory API calls to cause out of bounds write in the kernel.
The product incorrectly indexes internal state w…
|
CWE-787
Out-of-bounds Write
|
CVE-2026-34195
|
2026-06-17 00:40 |
2026-06-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
165
|
5.5 |
MEDIUM
Local
|
-
|
-
|
An attacker could cooperatively pass data from one secure GPU process to another secure GPU process through shared secure memory allocations in the kernel module. Additionally, an attacker could disr…
|
CWE-653
Improper Isolation or Compartmentalization
|
CVE-2026-41155
|
2026-06-17 00:40 |
2026-06-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
166
|
9.8 |
CRITICAL
Network
|
-
|
-
|
A web page that contains unusual WebGPU content loaded into the GPU GLES render process and can trigger an out-of-bound write in the GPU user-space driver, leading to memory corruption and possible b…
|
CWE-787
Out-of-bounds Write
|
CVE-2026-41157
|
2026-06-17 00:40 |
2026-06-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
167
|
7.8 |
HIGH
Local
|
-
|
-
|
Software installed and run as a non-privileged user may conduct GPU system calls to write to arbitrary freed physical pages.
Physical memory allocated and freed, without the deferred free mechanis…
|
CWE-416
Use After Free
|
CVE-2026-41158
|
2026-06-17 00:40 |
2026-06-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
168
|
7.8 |
HIGH
Local
|
-
|
-
|
Multiple printer drivers provided by Ricoh Company, Ltd. and KONICA MINOLTA JAPAN, INC. contain a privilege escalation vulnerability. If this vulnerability is exploited, an attacker who can log in to…
|
CWE-427
Uncontrolled Search Path Element
|
CVE-2026-50100
|
2026-06-17 00:40 |
2026-06-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
169
|
6.7 |
MEDIUM
Local
|
-
|
-
|
Incorrect default permissions issue exists in Optical Disc Archive Software for Windows 5.5.3 and earlier. If this vulnerability is exploited, arbitrary code may be executed with SYSTEM privileges.
|
CWE-276
Incorrect Default Permissions
|
CVE-2026-50255
|
2026-06-17 00:40 |
2026-06-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
170
|
9.8 |
CRITICAL
Network
|
-
|
-
|
Naxclow devices use a uniform request-signing scheme based on a hard-coded, platform-wide salt embedded in every firmware image. Once this salt is recovered from any device, an attacker can generate …
|
CWE-321
Use of Hard-coded Cryptographic Key
|
CVE-2026-28742
|
2026-06-17 00:37 |
2026-06-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
