|
111
|
- |
|
-
|
-
|
The use of insecure HTTP transport within AMD optional tools could allow an attacker to conduct a man-in-the-middle attack, potentially leading to arbitrary code execution.
New
|
-
|
CVE-2026-40677
|
2026-06-13 01:22 |
2026-06-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
112
|
- |
|
-
|
-
|
A lack of authorization validation in version 1.0.0 or later of the ChromaDB Rust project allows any authenticated users to arbitrarily read, write, update, or delete data in any tenant's collection …
New
|
CWE-639
Authorization Bypass Through User-Controlled Key
|
CVE-2026-8828
|
2026-06-13 01:22 |
2026-06-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
113
|
- |
|
-
|
-
|
Frappe is a full-stack web application framework. Prior to version 16.17.4, any user can modify any field in any Onboarding Step record. This issue has been patched in version 16.17.4.
New
|
CWE-284
Improper Access Control
|
CVE-2026-44976
|
2026-06-13 01:20 |
2026-06-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
114
|
8.7 |
HIGH
Network
|
-
|
-
|
Netty is a network application framework for development of protocol servers and clients. Prior to versions 4.1.135.Final and 4.2.15.Final, Netty's `DnsResolveContext` insufficiently validates the ba…
New
|
CWE-345
Insufficient Verification of Data Authenticity
|
CVE-2026-47691
|
2026-06-13 01:18 |
2026-06-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
115
|
- |
|
-
|
-
|
Netty is a network application framework for development of protocol servers and clients. Prior to versions 4.1.135.Final and 4.2.15.Final, the RedisArrayAggregator handler permanently leaks pooled d…
New
|
CWE-401
Missing Release of Memory after Effective Lifetime
|
CVE-2026-48006
|
2026-06-13 01:18 |
2026-06-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
116
|
5.3 |
MEDIUM
Network
|
-
|
-
|
Netty is a network application framework for development of protocol servers and clients. In netty-codec-http2 prior to versions 4.1.135.Final and 4.2.15.Final, the `DelegatingDecompressorFrameListen…
New
|
CWE-400
CWE-401
Uncontrolled Resource Consumption
Missing Release of Memory after Effective Lifetime
|
CVE-2026-48043
|
2026-06-13 01:18 |
2026-06-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
117
|
- |
|
-
|
-
|
Netty is a network application framework for development of protocol servers and clients. Prior to versions 4.1.135.Final and 4.2.15.Final, the HAProxy PROXY protocol v2 codec in netty leaks native o…
New
|
CWE-401
Missing Release of Memory after Effective Lifetime
|
CVE-2026-48059
|
2026-06-13 01:18 |
2026-06-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
118
|
7.5 |
HIGH
Network
|
-
|
-
|
Netty is a network application framework for development of protocol servers and clients. Prior to version 4.2.15.Final, a memory exhaustion vulnerability in the Netty HTTP/3 codec allows the creatio…
New
|
CWE-770
Allocation of Resources Without Limits or Throttling
|
CVE-2026-48748
|
2026-06-13 01:18 |
2026-06-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
119
|
7.5 |
HIGH
Network
|
-
|
-
|
Netty is a network application framework for development of protocol servers and clients. Prior to versions 4.1.135.Final and 4.2.15.Final, RedisArrayAggregator pre-allocates ArrayList with initial c…
New
|
CWE-400
CWE-770
Uncontrolled Resource Consumption
Allocation of Resources Without Limits or Throttling
|
CVE-2026-50011
|
2026-06-13 01:18 |
2026-06-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
120
|
4.8 |
MEDIUM
Network
|
-
|
-
|
Netty is a network application framework for development of protocol servers and clients. Prior to version 4.2.15.Final, Netty QUIC exposes the stateless reset token on the network path when using th…
New
|
CWE-200
CWE-330
Information Exposure
Use of Insufficiently Random Values
|
CVE-2026-50009
|
2026-06-13 01:18 |
2026-06-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
