|
121
|
7.5 |
HIGH
Network
|
-
|
-
|
Firebird is an open-source relational database management system. In versions prior to 5.0.4, 4.0.7 and 3.0.14, the sdl_desc() function does not validate the length of a decoded SDL descriptor from a…
New
|
CWE-369
Divide By Zero
|
CVE-2026-35215
|
2026-04-18 05:16 |
2026-04-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
122
|
5.3 |
MEDIUM
Network
|
-
|
-
|
Anviz CX7 Firmware is vulnerable to the most recently captured test photo that can be
retrieved without authentication, revealing sensitive operational
imagery.
New
|
CWE-862
Missing Authorization
|
CVE-2026-35061
|
2026-04-18 05:16 |
2026-04-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
123
|
7.5 |
HIGH
Network
|
-
|
-
|
Firebird is an open-source relational database management system. In versions prior to 5.0.4, 4.0.7 and 3.0.14, the xdr_status_vector() function does not handle the isc_arg_cstring type when decoding…
New
|
CWE-228
Improper Handling of Syntactically Invalid Structure
|
CVE-2026-34232
|
2026-04-18 05:16 |
2026-04-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
124
|
6.5 |
MEDIUM
Network
|
-
|
-
|
Anviz CX2 Lite and CX7 administrative sessions occur over HTTP, enabling
on‑path attackers to sniff credentials and session data, which can be
used to compromise the device.
New
|
CWE-319
Cleartext Transmission of Sensitive Information
|
CVE-2026-33569
|
2026-04-18 05:16 |
2026-04-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
125
|
- |
|
-
|
-
|
xrdp is an open source RDP server. Versions through 0.10.5 contain an out-of-bounds read vulnerability during the RDP capability exchange phase. The issue occurs when memory is accessed before valida…
New
|
CWE-125
Out-of-bounds Read
|
CVE-2026-33516
|
2026-04-18 05:16 |
2026-04-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
126
|
5.3 |
MEDIUM
Network
|
-
|
-
|
Anviz CX7 Firmware is vulnerable to an unauthenticated POST to the device that captures
a photo with the front facing camera, exposing visual information about
the deployment environment.
New
|
CWE-862
Missing Authorization
|
CVE-2026-33093
|
2026-04-18 05:16 |
2026-04-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
127
|
7.5 |
HIGH
Network
|
-
|
-
|
Anviz CrossChex Standard is vulnerable when an attacker manipulates the TDS7 PreLogin to disable
encryption, causing database credentials to be sent in plaintext and
enabling unauthorized database …
New
|
CWE-757
Algorithm Downgrade
|
CVE-2026-32650
|
2026-04-18 05:16 |
2026-04-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
128
|
5.3 |
MEDIUM
Network
|
-
|
-
|
Anviz CX2 Lite and CX7 are vulnerable to unauthenticated access that discloses debug
configuration details (e.g., SSH/RTTY status), assisting attackers in
reconnaissance against the device.
New
|
CWE-862
Missing Authorization
|
CVE-2026-32648
|
2026-04-18 05:16 |
2026-04-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
129
|
- |
|
-
|
-
|
xrdp is an open source RDP server. Versions through 0.10.5 contain a heap-based buffer overflow vulnerability in its logon processing. In environments where domain_user_separator is configured in xrd…
New
|
CWE-122
Heap-based Buffer Overflow
|
CVE-2026-32624
|
2026-04-18 05:16 |
2026-04-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
130
|
- |
|
-
|
-
|
xrdp is an open source RDP server. Versions through 0.10.5 contain a heap-based buffer overflow vulnerability in the NeutrinoRDP module. When proxying RDP sessions from xrdp to another server, the mo…
New
|
CWE-122
Heap-based Buffer Overflow
|
CVE-2026-32623
|
2026-04-18 05:16 |
2026-04-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
