|
2791
|
8.8 |
HIGH
Local
|
-
|
-
|
CWE-326 in BOSH allows a local attacker to steal Basic-auth credentials or redirect UAA token requests via MITM. HttpRequestHelper#create_async_endpoint and #send_http_get_request_synchronous hard-co…
|
CWE-326
Inadequate Encryption Strength
|
CVE-2026-41860
|
2026-06-5 00:35 |
2026-06-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2792
|
6.7 |
MEDIUM
Local
|
-
|
-
|
A flaw was found in NetworkManager. This local privilege escalation vulnerability exists in NetworkManager's dhclient backend when processing malformed Manufacturer Usage Description (MUD) URLs. A lo…
|
CWE-78
OS Command
|
CVE-2026-10805
|
2026-06-5 00:35 |
2026-06-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2793
|
8.2 |
HIGH
Local
|
-
|
-
|
ReleaseJob#unpack builds job_dir = File.join(@release_dir, 'jobs', name) and job_tgz = File.join(@release_dir, 'jobs', "#{name}.tgz") where name returns @job_meta['name'], a value taken verbatim from…
|
CWE-78
OS Command
|
CVE-2026-41010
|
2026-06-5 00:35 |
2026-06-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2794
|
7.2 |
HIGH
Network
|
-
|
-
|
A flaw was found in the OpenShift Cloud Credential Operator Mint-mode IAM policies for AWS. Operator credentials are provisioned with account-wide scope for destructive actions rather than being rest…
|
CWE-250
Execution with Unnecessary Privileges
|
CVE-2026-10843
|
2026-06-5 00:35 |
2026-06-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2795
|
9.6 |
CRITICAL
Adjacent
|
-
|
-
|
OS Command Injection Remote Code Execution Vulnerability in API in Progress ADC Products allows an un-authenticated attacker to execute arbitrary commands on the LoadMaster appliance by exploiting un…
|
CWE-77
Command Injection
|
CVE-2026-8037
|
2026-06-5 00:35 |
2026-06-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2796
|
6.5 |
MEDIUM
Adjacent
|
-
|
-
|
Dräger Infinity M300 patient worn monitors with software version VG2.3.1 and earlier contain a network-based denial of service vulnerability that allows network-adjacent attackers to repeatedly trigg…
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2019-25721
|
2026-06-5 00:29 |
2026-06-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2797
|
7.6 |
HIGH
Adjacent
|
-
|
-
|
Dräger SC Monitoring devices (SC 6002XL, SC 6802XL, SC 7000, SC 8000, SC 9000 XL) contain hard-coded plaintext credentials in source code and a denial-of-service vulnerability that allows local and r…
|
CWE-798
Use of Hard-coded Credentials
|
CVE-2019-25722
|
2026-06-5 00:29 |
2026-06-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2798
|
4.0 |
MEDIUM
Network
|
-
|
-
|
Dräger Perseus A500 software versions 2.00 through 2.02 contains an improper input handling vulnerability that allows external attackers to cause a denial of service by sending specifically crafted n…
|
CWE-1286
Improper Validation of Syntactic Correctness of Input
|
CVE-2019-25723
|
2026-06-5 00:29 |
2026-06-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2799
|
6.5 |
MEDIUM
Adjacent
|
-
|
-
|
Dräger Infinity M300 patient worn monitors with software version VG2.x and earlier contain a network-based denial of service vulnerability that allows attackers with access to the hospital or Infinit…
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2019-25724
|
2026-06-5 00:29 |
2026-06-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2800
|
8.2 |
HIGH
Local
|
-
|
-
|
Dräger CC-Vision Basic before 7.5.3 and Dräger CC-Vision E-Cal before 7.2.5.0 contain an out-of-bounds write vulnerability when loading .gdt files. A crafted .gdt file can trigger a buffer overflow d…
|
CWE-787
Out-of-bounds Write
|
CVE-2021-4478
|
2026-06-5 00:29 |
2026-06-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
