|
1151
|
5.0 |
MEDIUM
Network
|
-
|
-
|
A flaw was found in OpenShift Container Platform. Completed pods with restartPolicy: Never do not count toward ResourceQuota pod limits, and Kubernetes events are not quota-scoped. A non-privileged u…
New
|
CWE-770
Allocation of Resources Without Limits or Throttling
|
CVE-2026-10533
|
2026-06-2 01:57 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1152
|
9.8 |
CRITICAL
Network
|
-
|
-
|
SDMC NE6037 cable modem routers running firmware 7.1.6.0.25 and 7.1.6.1.9_B9 contain a hardcoded password vulnerability in the web management interface recovery endpoints (mgmt.php, npcmd.php) that a…
Update
|
CWE-798
Use of Hard-coded Credentials
|
CVE-2026-24444
|
2026-06-2 01:55 |
2026-05-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1153
|
7.5 |
HIGH
Network
|
-
|
-
|
Usagi-org ai-goofish-monitor contains an unauthenticated arbitrary file read vulnerability in the GET /api/prompts/{filename} endpoint on Windows deployments that allows unauthenticated remote attack…
Update
|
CWE-36
Absolute Path Traversal
|
CVE-2026-10044
|
2026-06-2 01:55 |
2026-05-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1154
|
7.5 |
HIGH
Network
|
-
|
-
|
Heatmiser Wifi Thermostat 1.7 contains a credential disclosure vulnerability that allows unauthenticated attackers to retrieve administrative credentials by accessing the networkSetup.htm page. Attac…
Update
|
CWE-256
Plaintext Storage of a Password
|
CVE-2018-25396
|
2026-06-2 01:55 |
2026-05-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1155
|
6.5 |
MEDIUM
Network
|
-
|
-
|
Open STA Manager 2.3 contains a path traversal vulnerability that allows authenticated users to download arbitrary files by manipulating the file parameter. Attackers can send GET requests to modules…
Update
|
CWE-22
Path Traversal
|
CVE-2018-25421
|
2026-06-2 01:55 |
2026-05-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1156
|
8.2 |
HIGH
Network
|
-
|
-
|
MOGG web simulator Script contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL commands by injecting malicious code through the id parameter. Attacke…
Update
|
CWE-89
SQL Injection
|
CVE-2018-25422
|
2026-06-2 01:55 |
2026-05-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1157
|
6.2 |
MEDIUM
Local
|
-
|
-
|
Arm Whois 3.11 contains a buffer overflow vulnerability that allows local attackers to crash the application by supplying an oversized input string. Attackers can paste a malicious buffer of 700 byte…
Update
|
CWE-120
Classic Buffer Overflow
|
CVE-2018-25423
|
2026-06-2 01:55 |
2026-05-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1158
|
8.2 |
HIGH
Network
|
-
|
-
|
Gate Pass Management System 2.1 contains an SQL injection vulnerability that allows unauthenticated attackers to bypass authentication by injecting SQL code through the login and password parameters.…
Update
|
CWE-89
SQL Injection
|
CVE-2018-25424
|
2026-06-2 01:55 |
2026-05-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1159
|
8.2 |
HIGH
Network
|
-
|
-
|
Yot CMS 3.3.1 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the aid and cid parameters. Attackers …
Update
|
CWE-89
SQL Injection
|
CVE-2018-25425
|
2026-06-2 01:55 |
2026-05-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1160
|
8.5 |
HIGH
Network
|
-
|
-
|
OpenCATS through 0.9.7.4 contains a sql injection vulnerability in the sortDirection parameter of the DataGrid component that allows authenticated users to extract database contents. Attackers can in…
Update
|
CWE-89
SQL Injection
|
CVE-2026-49489
|
2026-06-2 01:55 |
2026-05-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
