|
251
|
7.2 |
HIGH
Local
|
-
|
-
|
Moby is an open source container framework. In Docker Engine prior to version 29.5.1, Docker Daemon versions 28.5.2 and prior, and Moby Daemon prior to version 2.0.0-beta.14, a race condition during …
New
|
CWE-61
CWE-367
UNIX Symbolic Link (Symlink) Following
Time-of-check Time-of-use (TOCTOU) Race Condition
|
CVE-2026-42306
|
2026-06-13 04:16 |
2026-06-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252
|
6.1 |
MEDIUM
Local
|
-
|
-
|
Moby is an open source container framework. In Docker Engine prior to version 29.5.1, Docker Daemon versions 28.5.2 and prior, and Moby Daemon prior to version 2.0.0-beta.14, a race condition during …
New
|
CWE-81
CWE-367
Improper Neutralization of Script in an Error Message Web Page
Time-of-check Time-of-use (TOCTOU) Race Condition
|
CVE-2026-41568
|
2026-06-13 04:16 |
2026-06-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
253
|
9.8 |
CRITICAL
Network
|
-
|
-
|
Naxclow devices use a uniform request-signing scheme based on a hard-coded, platform-wide salt embedded in every firmware image. Once this salt is recovered from any device, an attacker can generate …
New
|
CWE-321
Use of Hard-coded Cryptographic Key
|
CVE-2026-28742
|
2026-06-13 04:16 |
2026-06-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
254
|
7.5 |
HIGH
Network
|
axios
|
axios
|
Axios is a promise based HTTP client for the browser and Node.js. Axios versions 1.7.0 through 1.15.x did not enforce configured request and response size limits when requests were sent with the fetc…
Update
|
CWE-770
Allocation of Resources Without Limits or Throttling
|
CVE-2026-44488
|
2026-06-13 04:04 |
2026-06-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255
|
8.1 |
HIGH
Network
|
apache
|
cxf
|
A further incomplete fix for a previous advisory CVE-2026-44417 (Untrusted JMS configuration can lead to RCE) for Apache CXF has been identified, which can allow code execution capabilities, if untru…
New
|
CWE-20
NVD-CWE-noinfo
Improper Input Validation
|
CVE-2026-50632
|
2026-06-13 03:58 |
2026-06-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256
|
8.1 |
HIGH
Network
|
apache
|
cxf
|
A JNDI Injection vulnerability has been discovered in Apache CXF's JCA integration module, which can allow for code execution, if an attacker is able to manipulate the JCA deployment descriptor (ra.x…
New
|
CWE-20
NVD-CWE-noinfo
Improper Input Validation
|
CVE-2026-50633
|
2026-06-13 03:53 |
2026-06-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257
|
7.8 |
HIGH
Local
|
adobe
|
acrobat_dc
acrobat_reader_dc
acrobat
|
Acrobat Reader versions 24.001.30365, 26.001.21651 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current u…
Update
|
CWE-122
Heap-based Buffer Overflow
|
CVE-2026-47952
|
2026-06-13 03:50 |
2026-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258
|
6.5 |
MEDIUM
Network
|
apache
|
cxf
|
A vulnerability in Apache CXF's JwsJsonContainerRequestFilter can be exploited to cause CXF to process metadata that was not authenticated by the accepted signature. This can bypass the application's…
New
|
CWE-347
Improper Verification of Cryptographic Signature
|
CVE-2026-50634
|
2026-06-13 03:49 |
2026-06-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259
|
7.8 |
HIGH
Local
|
adobe
|
acrobat_dc
acrobat_reader_dc
acrobat
|
Acrobat Reader versions 24.001.30365, 26.001.21651 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploit…
Update
|
CWE-416
Use After Free
|
CVE-2026-47955
|
2026-06-13 03:49 |
2026-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260
|
7.8 |
HIGH
Local
|
adobe
|
acrobat_dc
acrobat_reader_dc
acrobat
|
Acrobat Reader versions 24.001.30365, 26.001.21651 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploit…
Update
|
CWE-416
Use After Free
|
CVE-2026-47915
|
2026-06-13 03:48 |
2026-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
