|
201
|
7.3 |
HIGH
Network
|
-
|
-
|
A vulnerability was detected in GL.iNet GL-MT3000 4.4.5. This affects the function dlopen in the library /usr/lib/oui-httpd/rpc/ of the component Path Normalization Handler. Performing a manipulation…
New
|
CWE-74
CWE-77
Injection
Command Injection
|
CVE-2026-11450
|
2026-06-9 01:16 |
2026-06-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
202
|
4.7 |
MEDIUM
Network
|
-
|
-
|
A weakness has been identified in GL.iNet GL-MT3000 up to 4.4.5. The affected element is the function realpath of the file /rpc of the component Minidlna Service. This manipulation of the argument ku…
New
|
CWE-74
CWE-77
Injection
Command Injection
|
CVE-2026-11448
|
2026-06-9 01:16 |
2026-06-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
203
|
6.5 |
MEDIUM
Network
|
-
|
-
|
Uninitialized Use in ANGLE in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium securit…
Update
|
CWE-457
Use of Uninitialized Variable
|
CVE-2026-11123
|
2026-06-9 01:16 |
2026-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
204
|
6.1 |
MEDIUM
Network
|
-
|
-
|
Inappropriate implementation in Keyboard in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to inject arbitrary scripts or HTML (UXSS) via a crafted HTML page. (Chromium security sever…
Update
|
CWE-358
Improperly Implemented Security Check for Standard
|
CVE-2026-11122
|
2026-06-9 01:16 |
2026-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
205
|
6.5 |
MEDIUM
Network
|
-
|
-
|
Insufficient validation of untrusted input in Skia in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted H…
Update
|
CWE-20
Improper Input Validation
|
CVE-2026-11121
|
2026-06-9 01:16 |
2026-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
206
|
9.6 |
CRITICAL
Network
|
google
|
chrome
|
Insufficient validation of untrusted input in Enterprise Reporting in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a …
Update
|
CWE-20
Improper Input Validation
|
CVE-2026-11120
|
2026-06-9 01:16 |
2026-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
207
|
7.2 |
HIGH
Network
|
-
|
-
|
A flaw has been found in Shibby Tomato 1.28.0000. This affects the function start_dhcpc of the file /sbin/rc of the component Web UI. This manipulation causes os command injection. It is possible to …
Update
|
CWE-77
CWE-78
Command Injection
OS Command
|
CVE-2026-10870
|
2026-06-9 01:16 |
2026-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208
|
- |
|
-
|
-
|
In the Linux kernel, the following vulnerability has been resolved:
drm/vkms: Convert to DRM's vblank timer
Replace vkms' vblank timer with the DRM implementation. The DRM
code is identical in conc…
New
|
-
|
CVE-2025-71315
|
2026-06-9 01:16 |
2026-06-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209
|
6.5 |
MEDIUM
Network
|
-
|
-
|
OfflineIMAP before 8.0.3 trusts the server with their STARTTLS capability prior to authentication, which allows STRIPTLS/man-in-the-middle attacks, taking over the connection and extracting account c…
New
|
CWE-348
Use of Less Trusted Source
|
CVE-2020-37248
|
2026-06-9 01:16 |
2026-06-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210
|
4.8 |
MEDIUM
Network
|
checkmk
|
checkmk
|
Stored cross-site scripting in the global settings change log in Checkmk <2.5.0p5, <2.4.0p31, <2.3.0p48, and all 2.2.0 versions allows an administrator who can change global settings to store malicio…
New
|
CWE-79
Cross-site Scripting
|
CVE-2026-8078
|
2026-06-9 00:53 |
2026-06-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
