|
961
|
2.7 |
LOW
Network
|
-
|
-
|
Tanium addressed an information disclosure vulnerability in Threat Response.
New
|
CWE-200
Information Exposure
|
CVE-2026-6392
|
2026-04-23 06:23 |
2026-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
962
|
2.7 |
LOW
Network
|
-
|
-
|
Tanium addressed an information disclosure vulnerability in Tanium Server.
New
|
CWE-522
Insufficiently Protected Credentials
|
CVE-2026-6408
|
2026-04-23 06:23 |
2026-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
963
|
2.7 |
LOW
Network
|
-
|
-
|
Tanium addressed an uncontrolled resource consumption vulnerability in Interact.
New
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2026-6416
|
2026-04-23 06:23 |
2026-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
964
|
6.5 |
MEDIUM
Network
|
-
|
-
|
The a+HRD developed by aEnrich has a SQL Injection vulnerability, allowing authenticated remote attackers to inject arbitrary SQL commands to read database contents.
New
|
CWE-89
SQL Injection
|
CVE-2026-6833
|
2026-04-23 06:23 |
2026-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
965
|
6.5 |
MEDIUM
Network
|
-
|
-
|
The a+HRD developed by aEnrich has a Missing Authorization vulnerability, allowing authenticated remote attackers to arbitrarily read database contents through a specific API method.
New
|
CWE-862
Missing Authorization
|
CVE-2026-6834
|
2026-04-23 06:23 |
2026-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
966
|
6.1 |
MEDIUM
Network
|
-
|
-
|
The a+HCM developed by aEnrich has an Arbitrary File Upload vulnerability, allowing unauthenticated remote attackers to upload arbitrary files to any path, including HTML documents, which may result …
New
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2026-6835
|
2026-04-23 06:23 |
2026-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
967
|
6.1 |
MEDIUM
Network
|
-
|
-
|
DeepL Chrome browser extension versions from v1.22.0 to v.1.23.0 contain a cross-site scripting vulnerability, which allows an attacker to execute arbitrary script in a user's browser, and inject mal…
New
|
CWE-79
Cross-site Scripting
|
CVE-2026-40451
|
2026-04-23 06:23 |
2026-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
968
|
- |
|
-
|
-
|
facil.io is a C micro-framework for web applications. Prior to commit 5128747363055201d3ecf0e29bf0a961703c9fa0, `fio_json_parse` can enter an infinite loop when it encounters a nested JSON value star…
New
|
CWE-400
CWE-835
Uncontrolled Resource Consumption
Loop with Unreachable Exit Condition ('Infinite Loop')
|
CVE-2026-41146
|
2026-04-23 06:23 |
2026-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
969
|
5.3 |
MEDIUM
Local
|
-
|
-
|
Potential Integer overflow in tensor allocation size calculation could lead to insufficient memory allocation for large tensors in Samsung Open Source ONE.
Affected version is prior to commit 1.30.0.
New
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2026-40448
|
2026-04-23 06:23 |
2026-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
970
|
6.6 |
MEDIUM
Local
|
-
|
-
|
Integer overflow in buffer size calculation could result in out of bounds memory access when handling large tensors in Samsung Open Source ONE.
Affected version is prior to commit 1.30.0.
New
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2026-40449
|
2026-04-23 06:23 |
2026-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
