|
761
|
7.8 |
HIGH
Local
|
-
|
-
|
It has been identified that a vulnerability (CWE-427) exists in the UPS (Uninterruptible Power Supply) management application, whereby improper permissions on the installation directory allow a malic…
|
CWE-427
Uncontrolled Search Path Element
|
CVE-2026-5397
|
2026-04-18 00:17 |
2026-04-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
762
|
2.9 |
LOW
Local
|
-
|
-
|
HCL AION is affected by a vulnerability where certain system behaviours may allow exploration of internal filesystem structures. Exposure of such information may provide insights into the underlying …
|
CWE-209
Information Exposure Through an Error Message
|
CVE-2025-52641
|
2026-04-18 00:17 |
2026-04-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
763
|
7.5 |
HIGH
Network
|
-
|
-
|
Uncontrolled Resource Consumption in Bosch VMS Central Server in Bosch VMS 12.0.1
allows attackers to consume excessive amounts of disk space via network interface.
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2024-33618
|
2026-04-18 00:17 |
2026-04-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
764
|
6.1 |
MEDIUM
Network
|
-
|
-
|
Versions of the package github.com/yuin/goldmark/renderer/html before 1.7.17 are vulnerable to Cross-site Scripting (XSS) due to improper ordering of URL validation and normalization. The renderer va…
|
CWE-79
Cross-site Scripting
|
CVE-2026-5160
|
2026-04-18 00:17 |
2026-04-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
765
|
6.5 |
MEDIUM
Network
|
-
|
-
|
JavaScript is vulnerable to prototype pollution in Mafintosh's protocol-buffers-schema Version 3.6.0, where an attacker may alter the application logic, bypass security checks, cause a DoS or achieve…
|
-
|
CVE-2026-5758
|
2026-04-18 00:17 |
2026-04-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
766
|
7.3 |
HIGH
Local
|
-
|
-
|
A flaw was found in gimp. This buffer overflow vulnerability in the GIF image loading component's `ReadJeffsImage` function allows an attacker to write beyond an allocated buffer by processing a spec…
|
CWE-120
Classic Buffer Overflow
|
CVE-2026-6384
|
2026-04-18 00:17 |
2026-04-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
767
|
6.5 |
MEDIUM
Network
|
-
|
-
|
A flaw was found in FFmpeg. A remote attacker could exploit this vulnerability by providing a specially crafted MPEG-PS/VOB media file containing a malicious DVD subtitle stream. This vulnerability i…
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2026-6385
|
2026-04-18 00:17 |
2026-04-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
768
|
- |
|
-
|
-
|
Inadequate Encryption Strength vulnerability in TP-Link Archer C7 v5 and v5.8 (uhttpd modules) allows Password Recovery Exploitation. The web interface encrypts the admin password client-side using R…
|
CWE-326
Inadequate Encryption Strength
|
CVE-2026-5363
|
2026-04-18 00:17 |
2026-04-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
769
|
- |
|
-
|
-
|
An Incorrect Permission Assignment for Critical Resource vulnerability in the ASUS DriverHub update process allows privilege escalation due to improper protection of required execution resources duri…
|
CWE-367
Time-of-check Time-of-use (TOCTOU) Race Condition
|
CVE-2026-1880
|
2026-04-18 00:17 |
2026-04-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
770
|
- |
|
-
|
-
|
A Download of Code Without Integrity Check vulnerability in the update modules in ASUS Member Center(华硕大厅) allows a local user to achieve privilege escalation to Administrator via exploitation of a T…
|
CWE-367
CWE-494
Time-of-check Time-of-use (TOCTOU) Race Condition
Download of Code Without Integrity Check
|
CVE-2026-3428
|
2026-04-18 00:17 |
2026-04-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
