|
3491
|
4.3 |
MEDIUM
Network
|
-
|
-
|
A security vulnerability has been detected in Dolibarr ERP CRM up to 23.0.1. Impacted is the function checkUserAccessToObject of the file htdocs/holiday/class/api_holidays.class.php of the component …
|
CWE-266
CWE-285
Incorrect Privilege Assignment
Improper Authorization
|
CVE-2026-10215
|
2026-06-4 04:16 |
2026-06-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3492
|
8.8 |
HIGH
Network
|
-
|
-
|
A vulnerability has been found in TRENDnet TEW-432BRP 3.10B20. This affects the function formSetProtocolFilter of the file /goform/formSetProtocolFilter. Such manipulation of the argument protocol_na…
|
CWE-119
CWE-121
Incorrect Access of Indexable Resource ('Range Error')
Stack-based Buffer Overflow
|
CVE-2026-10122
|
2026-06-4 04:16 |
2026-05-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3493
|
4.3 |
MEDIUM
Network
|
-
|
-
|
A vulnerability was identified in Open5GS up to 2.7.7. This affects an unknown part in the library lib/sbi/nnrf-handler.c of the component Shared NF-profile Parser. Such manipulation leads to denial …
|
CWE-404
Improper Resource Shutdown or Release
|
CVE-2026-10115
|
2026-06-4 04:16 |
2026-05-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3494
|
7.5 |
HIGH
Network
|
oracle
|
database_server
|
Vulnerability in the Net Service component of Oracle Database Server. Supported versions that are affected are 23.4.0-23.26.2. Easily exploitable vulnerability allows unauthenticated attacker with n…
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2026-46835
|
2026-06-4 04:00 |
2026-05-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3495
|
7.5 |
HIGH
Network
|
oracle
|
database_server
|
Vulnerability in the Net Service component of Oracle Database Server. Supported versions that are affected are 23.4.0-23.26.2. Easily exploitable vulnerability allows unauthenticated attacker with n…
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2026-46834
|
2026-06-4 03:57 |
2026-05-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3496
|
9.9 |
CRITICAL
Network
|
linuxfoundation
|
cloudnativepg
|
CloudNativePG is a platform designed to manage PostgreSQL databases within Kubernetes environments. Prior to 1.29.1 and 1.28.3, the CloudNativePG metrics exporter opens its PostgreSQL connection as t…
|
CWE-250
CWE-271
CWE-426
Execution with Unnecessary Privileges
Privilege Dropping / Lowering Errors
Untrusted Search Path
|
CVE-2026-44477
|
2026-06-4 03:56 |
2026-05-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3497
|
8.0 |
HIGH
Network
|
microsoft
|
sharepoint_server
|
Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.
|
CWE-78
OS Command
|
CVE-2026-47294
|
2026-06-4 03:42 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3498
|
6.3 |
MEDIUM
Network
|
vivotek
|
fd8136_firmware
|
A stack-based buffer overflow in the export_language.cgi binary in VIVOTEK FD8136 firmware FD8136-VVTK-0300a allows authenticated remote attackers to execute arbitrary code as root via a crafted POST…
|
CWE-121
Stack-based Buffer Overflow
|
CVE-2026-35717
|
2026-06-4 03:42 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3499
|
7.3 |
HIGH
Network
|
vivotek
|
fd8136_firmware
|
Buffer Overflow vulnerability in VIVOTEK INC FD8136-VVTK-0300a allows a remote attacker to execute arbitrary code via the set_getparam.cgi component
|
CWE-121
Stack-based Buffer Overflow
|
CVE-2026-30649
|
2026-06-4 03:41 |
2026-06-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3500
|
8.8 |
HIGH
Network
|
vivotek
|
fd8136_firmware
|
A post-authentication remote buffer overflow vulnerability exists in the /cgi-bin/admin/eventtask.cgi endpoint of the admin interface of Vivotek FD8136 cameras running firmware version FD8136-VVTK-03…
|
CWE-120
Classic Buffer Overflow
|
CVE-2026-30650
|
2026-06-4 03:41 |
2026-06-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
