|
2581
|
6.3 |
MEDIUM
Network
|
-
|
-
|
A flaw was found in the AWX GitHub webhook integration. When processing GitHub pull_request webhooks, the controller stores the pull_request.statuses_url value from the webhook payload without valida…
|
CWE-918
Server-Side Request Forgery (SSRF)
|
CVE-2026-12726
|
2026-06-23 03:33 |
2026-06-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2582
|
- |
|
-
|
-
|
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Microchip GridTime 3000 allows Cross-Site Scripting (XSS).
This issue affects GridTime 30…
|
CWE-79
Cross-site Scripting
|
CVE-2026-12619
|
2026-06-23 03:29 |
2026-06-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2583
|
- |
|
-
|
-
|
The GridTime 3000 GNSS Time Server leaks the access token in the URL parameters of some endpoints.
This issue affects GridTime 3000: from 1.0r0.03 through 1.1r0.0.
|
CWE-200
Information Exposure
|
CVE-2026-12620
|
2026-06-23 03:29 |
2026-06-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2584
|
- |
|
-
|
-
|
Improper neutralization of input during web page generation XSS
vulnerability in the GridTime 3000 (password reset form) allows XSS.
This issue affects GridTime 3000: from 1.0r0.03 before 1.2r0.0.
|
CWE-79
Cross-site Scripting
|
CVE-2026-12621
|
2026-06-23 03:29 |
2026-06-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2585
|
- |
|
-
|
-
|
The GridTime 3000 GNSS Time Server has an open redirect vulnerability in the password change form submission.
This issue affects GridTime 3000: from 1.0r0.03 through 1.1r0.0.
|
CWE-601
Open Redirect
|
CVE-2026-12622
|
2026-06-23 03:29 |
2026-06-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2586
|
7.8 |
HIGH
Local
|
-
|
-
|
A vulnerability has been found in AOMEI Partition Assistant up to 10.10.1. This vulnerability affects unknown code in the library ampa10.sys of the component Kernel Driver. Such manipulation leads to…
|
CWE-266 CWE-284
Incorrect Privilege Assignment Improper Access Control
|
CVE-2026-12778
|
2026-06-23 03:24 |
2026-06-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2587
|
7.8 |
HIGH
Local
|
-
|
-
|
A vulnerability was determined in AOMEI Backupper up to 8.3.0. Impacted is an unknown function in the library amwrtdrv.sys of the component Kernel Driver. Executing a manipulation can lead to imprope…
|
CWE-266 CWE-284
Incorrect Privilege Assignment Improper Access Control
|
CVE-2026-12780
|
2026-06-23 03:24 |
2026-06-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2588
|
7.8 |
HIGH
Local
|
-
|
-
|
A vulnerability was identified in EaseUS Partition Master up to 14.5. The affected element is an unknown function in the library epmntdrv.sys of the component Kernel Driver. The manipulation leads to…
|
CWE-266 CWE-284
Incorrect Privilege Assignment Improper Access Control
|
CVE-2026-12781
|
2026-06-23 03:24 |
2026-06-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2589
|
7.8 |
HIGH
Local
|
-
|
-
|
A vulnerability has been found in Ezbsystems UltraISO Premium Edition up to 9.76. Affected by this issue is some unknown functionality in the library bootpt64.sys of the component Kernel Driver. The …
|
CWE-266 CWE-284
Incorrect Privilege Assignment Improper Access Control
|
CVE-2026-12786
|
2026-06-23 03:24 |
2026-06-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2590
|
4.7 |
MEDIUM
Network
|
-
|
-
|
A vulnerability was identified in ILIAS Learning Management System 11.0. This issue affects the function ilTrQuery::executeQueries of the file components/ILIAS/Tracking/classes/class.ilTrQuery.php of…
|
CWE-74 CWE-89
Injection SQL Injection
|
CVE-2026-12789
|
2026-06-23 03:24 |
2026-06-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|