|
151
|
- |
|
-
|
-
|
Potential security vulnerabilities have been identified in the HP One
Agent for certain HP PC products, which might allow
for escalation of privilege and/or denial of service. HP
is …
|
CWE-427
Uncontrolled Search Path Element
|
CVE-2026-5064
|
2026-06-17 00:42 |
2026-06-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
152
|
5.5 |
MEDIUM
Network
|
-
|
-
|
Improper host validation in the social login autofill feature in
Devolutions Remote Desktop Manager 2026.2.8 allows an attacker to
disclose stored social login credentials via a crafted web entry
…
|
CWE-297
Improper Validation of Certificate with Host Mismatch
|
CVE-2026-12162
|
2026-06-17 00:42 |
2026-06-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
153
|
5.6 |
MEDIUM
Local
|
-
|
-
|
A flaw was found in GNOME localsearch (previously known as tracker-miners) MP3 Extractor. When processing specially crafted MP3 files containing ID3v2.4 tags, a missing bounds check in the `extract_p…
|
CWE-125
Out-of-bounds Read
|
CVE-2026-1764
|
2026-06-17 00:42 |
2026-06-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
154
|
5.6 |
MEDIUM
Local
|
-
|
-
|
A flaw was found in the `tracker-extract-mp3` component of GNOME localsearch (previously known as tracker-miners). This vulnerability, a heap buffer overflow, occurs when processing specially crafted…
|
CWE-125
Out-of-bounds Read
|
CVE-2026-1765
|
2026-06-17 00:42 |
2026-06-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
155
|
5.6 |
MEDIUM
Local
|
-
|
-
|
A flaw was found in GNOME localsearch (previously known as tracker-miners) MP3 Extractor, specifically within the tracker-extract-mp3 component. This heap buffer overflow vulnerability occurs when pr…
|
CWE-805
Buffer Access with Incorrect Length Value
|
CVE-2026-1766
|
2026-06-17 00:42 |
2026-06-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
156
|
5.6 |
MEDIUM
Local
|
-
|
-
|
A flaw was found in the GNOME localsearch (previously known as tracker-miners) MP3 Extractor `tracker-extract-mp3` component. A remote attacker could exploit this heap buffer overflow vulnerability b…
|
CWE-805
Buffer Access with Incorrect Length Value
|
CVE-2026-1767
|
2026-06-17 00:42 |
2026-06-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
157
|
6.7 |
MEDIUM
Local
|
-
|
-
|
Dell Peripheral Manager, versions prior to 1.7.3, contain an uncontrolled search path element vulnerability. An attacker could potentially exploit this vulnerability through preloading malicious dll.…
|
CWE-427
Uncontrolled Search Path Element
|
CVE-2024-22447
|
2026-06-17 00:42 |
2026-06-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
158
|
7.8 |
HIGH
Local
|
kovidgoyal
|
kitty
|
Kitty is a cross-platform GPU based terminal. In versions prior to 0.47.3, kitty's OSC 21 (color-control) query reply reflects attacker-controlled bytes, including newlines, into the shell's input wi…
|
CWE-94
CWE-150
Code Injection
Improper Neutralization of Escape, Meta, or Control Sequences
|
CVE-2026-54057
|
2026-06-17 00:42 |
2026-06-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
159
|
9.8 |
CRITICAL
Network
|
-
|
-
|
GD versions before 2.86 for Perl allow OS command injection and file overwrite via a 2-arg open() of filename arguments in _make_filehandle.
GD::Image::_make_filehandle opens a filename argument wit…
|
CWE-73
CWE-78
External Control of File Name or Path
OS Command
|
CVE-2026-11526
|
2026-06-17 00:41 |
2026-06-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
160
|
8.6 |
HIGH
Local
|
-
|
-
|
Config::IniFiles versions before 3.001000 for Perl allow OS command injection and file overwrite via a 2-arg open() of the -file argument in _make_filehandle.
Config::IniFiles::_make_filehandle open…
|
CWE-73
CWE-78
External Control of File Name or Path
OS Command
|
CVE-2026-11527
|
2026-06-17 00:41 |
2026-06-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
