|
2791
|
- |
|
-
|
-
|
Mantis Bug Tracker (MantisBT) is an open source issue tracker. Versions 2.28.1 and prior allow a bugnote author to access the note's Revisions page after losing access to the parent private issue. Th…
|
CWE-200
Information Exposure
|
CVE-2026-34970
|
2026-05-20 23:06 |
2026-05-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2792
|
- |
|
-
|
-
|
Improper input validation in the System Management Mode (SMM) communications buffer could allow a privileged attacker to perform an out of bounds read or write to a limited section of the Top of Memo…
|
CWE-124
Buffer Underflow
|
CVE-2024-36343
|
2026-05-20 23:04 |
2026-05-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2793
|
5.4 |
MEDIUM
Network
|
-
|
-
|
A stored cross-site scripting vulnerability has been found in the Talend Administration Center. An attacker with permission to manage servers can store a XSS payload that can be triggered by a differ…
|
-
|
CVE-2026-9056
|
2026-05-20 23:04 |
2026-05-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2794
|
8.2 |
HIGH
Network
|
-
|
-
|
A broken access control issue has been identified in the Talend Administration Center, that allows a user with “View” permission to modify the Talend Studio update URL. This issue was resolved in a p…
|
-
|
CVE-2026-9057
|
2026-05-20 23:04 |
2026-05-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2795
|
8.0 |
HIGH
Network
|
-
|
-
|
Cross-Site request forgery (CSRF) vulnerability in Sitemio Information Technologies Trade Ltd. Co. WISECP allows Cross Site Request Forgery.
This issue affects WISECP: through 20022026. NOTE: The ve…
|
CWE-352
Origin Validation Error
|
CVE-2025-11954
|
2026-05-20 23:04 |
2026-05-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2796
|
7.8 |
HIGH
Local
|
-
|
-
|
Improper Access Control vulnerability in Mesalvo Meona Client Launcher Component, Mesalvo Meona Server Component enables a normal user gaining access to the admin panel. This issue affects Meona Clie…
|
CWE-284
Improper Access Control
|
CVE-2026-0856
|
2026-05-20 23:03 |
2026-05-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2797
|
6.0 |
MEDIUM
Local
|
-
|
-
|
Cleartext Storage of Sensitive Information in Memory vulnerability in Mesalvo Meona Client Launcher Component, Mesalvo Meona Server Component.
This issue affects Meona Client Launcher Component: thr…
|
CWE-316
Cleartext Storage of Sensitive Information in Memory
|
CVE-2026-0857
|
2026-05-20 23:03 |
2026-05-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2798
|
9.0 |
CRITICAL
Network
|
-
|
-
|
Improper Control of Generation of Code ('Code Injection') vulnerability in Mesalvo Meona Client Launcher Component, Mesalvo Meona Server Component enables code execution on other users' systems. This…
|
CWE-94
Code Injection
|
CVE-2026-22314
|
2026-05-20 23:03 |
2026-05-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2799
|
7.2 |
HIGH
Network
|
-
|
-
|
Incorrect Privilege Assignment vulnerability in Mesalvo Meona Client Launcher Component, Mesalvo Meona Server Component enables the export of user data, including cleartext passwords, via the SQL ed…
|
CWE-266
Incorrect Privilege Assignment
|
CVE-2026-22315
|
2026-05-20 23:03 |
2026-05-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2800
|
4.4 |
MEDIUM
Local
|
-
|
-
|
Insufficient Verification of Data Authenticity vulnerability in Mesalvo Meona Client Launcher Component, Mesalvo Meona Server Component makes it possible to send messages to any email address. This i…
|
CWE-345
Insufficient Verification of Data Authenticity
|
CVE-2026-25602
|
2026-05-20 23:03 |
2026-05-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
