|
261
|
5.5 |
MEDIUM
Network
|
-
|
-
|
IBM Security Verify Directory (Container) 10.0.0 through 10.0.0.3 IBM Security Verify Directory could be vulnerable to malicious file upload by not validating file type. A privileged user could uploa…
New
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2025-36074
|
2026-04-24 23:50 |
2026-04-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
262
|
2.7 |
LOW
Network
|
-
|
-
|
IBM Guardium Data Protection 12.0, 12.1, and 12.2 is vulnerable to Security Misconfiguration vulnerability in the user access control panel.
New
|
CWE-613
Insufficient Session Expiration
|
CVE-2026-1272
|
2026-04-24 23:50 |
2026-04-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263
|
4.9 |
MEDIUM
Network
|
-
|
-
|
IBM Guardium Data Protection 12.0, 12.1, and 12.2 is vulnerable to a Bypass Business Logic vulnerability in the access management control panel.
New
|
CWE-840
Business Logic Errors
|
CVE-2026-1274
|
2026-04-24 23:50 |
2026-04-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264
|
6.5 |
MEDIUM
Network
|
-
|
-
|
IBM Db2 11.5.0 through 11.5.9, and 12.1.0 through 12.1.4 for Linux, UNIX and Windows (includes Db2 Connect Server) could allow an authenticated user to cause a denial of service due to improper neutr…
New
|
CWE-1284
Improper Validation of Specified Quantity in Input
|
CVE-2026-1352
|
2026-04-24 23:50 |
2026-04-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265
|
4.8 |
MEDIUM
Network
|
-
|
-
|
IBM Guardium Key Lifecycle Manager 4.1, 4.1.1, 4.2, 4.2.1, 5.0, and 5.1
New
|
CWE-269
Improper Privilege Management
|
CVE-2026-1726
|
2026-04-24 23:50 |
2026-04-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266
|
9.8 |
CRITICAL
Network
|
-
|
-
|
In Rocket.Chat <8.3.0, <8.2.1, <8.1.2, <8.0.3, <7.13.5, <7.12.6, <7.11.6, and <7.10.9, a NoSQL injection vulnerability can lead to account takeover of the first user with a generated token when an OA…
New
|
CWE-89
SQL Injection
|
CVE-2026-29198
|
2026-04-24 23:50 |
2026-04-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267
|
7.8 |
HIGH
Local
|
-
|
-
|
The installers of LiveOn Meet Client for Windows (Downloader5Installer.exe and Downloader5InstallerForAdmin.exe) and the installers of Canon Network Camera Plugin (CanonNWCamPlugin.exe and CanonNWCam…
New
|
CWE-427
Uncontrolled Search Path Element
|
CVE-2026-32679
|
2026-04-24 23:50 |
2026-04-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268
|
7.5 |
HIGH
Network
|
-
|
-
|
IBM WebSphere Application Server - Liberty 17.0.0.3 through 26.0.0.4 IBM WebSphere Application Server Liberty is vulnerable to identity spoofing under limited conditions when an application is deploy…
New
|
CWE-269
Improper Privilege Management
|
CVE-2026-3621
|
2026-04-24 23:50 |
2026-04-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269
|
7.5 |
HIGH
Network
|
-
|
-
|
A path Traversal vulnerability exists in Ziostation2 v2.9.8.7 and earlier. A remote unauthenticated attacker may get sensitive information on the operating system.
New
|
CWE-22
Path Traversal
|
CVE-2026-40062
|
2026-04-24 23:50 |
2026-04-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270
|
- |
|
-
|
-
|
Rclone is a command-line program to sync files and directories to and from different cloud storage providers. The RC endpoint `options/set` is exposed without `AuthRequired: true`, but it can mutate …
New
|
CWE-306
Missing Authentication for Critical Function
|
CVE-2026-41176
|
2026-04-24 23:50 |
2026-04-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
