|
681
|
8.2 |
HIGH
Network
|
erlang
|
erlang\/otp
erts
|
Stack-based Buffer Overflow vulnerability in Erlang OTP erts (inet_drv) allows an unauthenticated remote attacker to crash the BEAM VM by sending a crafted SCTP ERROR chunk.
The sctp_parse_error_chu…
|
CWE-121
Stack-based Buffer Overflow
|
CVE-2026-49759
|
2026-06-16 03:24 |
2026-06-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
682
|
6.5 |
MEDIUM
Network
|
erlang
|
erlang\/otp
erlang\/ssl
|
Reliance on IP Address for Authentication vulnerability in Erlang/OTP ssl (inet_tls_dist module) allows unauthenticated bypass of the distribution-over-TLS LAN allowlist.
The inet_tls_dist:check_ip/…
|
CWE-863
CWE-1025
Incorrect Authorization
Comparison Using Wrong Factors
|
CVE-2026-48860
|
2026-06-16 03:24 |
2026-06-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
683
|
5.3 |
MEDIUM
Network
|
erlang
|
erlang\/otp
erlang\/ssh
|
Observable Timing Discrepancy vulnerability in Erlang/OTP ssh (ssh_auth, ssh_options modules) allows unauthenticated remote username enumeration via timing side-channel in password authentication.
W…
|
CWE-208
Information Exposure Through Timing Discrepancy
|
CVE-2026-48859
|
2026-06-16 03:23 |
2026-06-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
684
|
6.5 |
MEDIUM
Network
|
erlang
|
erlang\/inets
erlang\/otp
|
Sensitive Data Exposure vulnerability in Erlang OTP inets (httpc_response module) allows Retrieve Embedded Sensitive Data.
The httpc client forwards the Authorization and Proxy-Authorization request…
|
CWE-601
Open Redirect
|
CVE-2026-48856
|
2026-06-16 03:23 |
2026-06-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
685
|
6.5 |
MEDIUM
Network
|
erlang
|
erlang\/otp
erlang\/ssh
|
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Erlang OTP ssh (ssh_sftpd module) allows File Discovery.
The SSH_FXP_READLINK handler in ssh_sftpd sends the raw result of…
|
CWE-200
Information Exposure
|
CVE-2026-48855
|
2026-06-16 03:23 |
2026-06-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
686
|
5.5 |
MEDIUM
Local
|
erlang
|
erl_interface
erlang\/otp
|
Stack-based Buffer Overflow vulnerability in Erlang OTP (erl_interface) allows Stack-based Buffer Overflow.
This vulnerability is associated with program file lib/erl_interface/src/misc/ei_printterm…
|
CWE-121
Stack-based Buffer Overflow
|
CVE-2026-49760
|
2026-06-16 03:23 |
2026-06-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
687
|
7.8 |
HIGH
Local
|
microsoft
|
pc_manager
|
Improper link resolution before file access ('link following') in Microsoft PC Manager allows an authorized attacker to elevate privileges locally.
|
CWE-59
Link Following
|
CVE-2026-50511
|
2026-06-16 03:23 |
2026-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
688
|
7.8 |
HIGH
Local
|
microsoft
|
pc_manager
|
Improper link resolution before file access ('link following') in Microsoft PC Manager allows an authorized attacker to elevate privileges locally.
|
CWE-306
Missing Authentication for Critical Function
|
CVE-2026-50512
|
2026-06-16 03:22 |
2026-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
689
|
9.8 |
CRITICAL
Network
|
-
|
-
|
The WP MAPS PRO WordPress plugin before 6.1.1 registers an unauthenticated AJAX action which, given a valid nonce that is publicly emitted on any frontend page enqueuing its map script, unconditional…
|
-
|
CVE-2026-8935
|
2026-06-16 03:16 |
2026-06-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
690
|
5.3 |
MEDIUM
Network
|
-
|
-
|
The WP Go Maps WordPress plugin before 10.0.10 does not perform any approval-state filtering on its public single-marker REST endpoint, allowing unauthenticated users to retrieve marker records that…
|
-
|
CVE-2026-8386
|
2026-06-16 03:16 |
2026-06-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
