|
381
|
6.5 |
MEDIUM
Network
|
-
|
-
|
Insufficient policy enforcement in Subresource Integrity in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to bypass content security policy via malicious network traffic. (Chromium s…
New
|
CWE-20
Improper Input Validation
|
CVE-2026-11038
|
2026-06-6 02:16 |
2026-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
382
|
9.6 |
CRITICAL
Network
|
-
|
-
|
Out of bounds write in Codecs in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to potentially perform a sandbox escape via a crafted video file. (Chromium security severity: Medium)
New
|
CWE-787
Out-of-bounds Write
|
CVE-2026-11037
|
2026-06-6 02:16 |
2026-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
383
|
6.5 |
MEDIUM
Network
|
-
|
-
|
CVX is not resilient to unexpected messages from a connected switch. This leads to agent crashes on CVX causing instability in the CVX cluster. An attacker could use this behavior to create a denial …
New
|
CWE-20
Improper Input Validation
|
CVE-2025-5090
|
2026-06-6 02:16 |
2026-06-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
384
|
6.5 |
MEDIUM
Network
|
-
|
-
|
In a CVX cluster, an EOS switch connected to a CVX server is not resilient to certain malformed messages received from the connected CVX server. Similarly, the CVX server is not resilient to certain …
New
|
CWE-20
Improper Input Validation
|
CVE-2025-5089
|
2026-06-6 02:16 |
2026-06-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
385
|
8.3 |
HIGH
Network
|
-
|
-
|
An authenticated Redis session could be used to obtain full root access to all servers in the CVX cluster. Note that this would require an attacker to have both network access to the Redis service on…
New
|
CWE-269
Improper Privilege Management
|
CVE-2025-5088
|
2026-06-6 02:16 |
2026-06-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
386
|
6.3 |
MEDIUM
Network
|
-
|
-
|
A vulnerability has been found in tittuvarghese CollegeManagementSystem 3e476335cfbfb9a049e09f474c7ec885f69a9df3/a38852979f7e27ae67b610dce5979500ef8ebe01. Affected is an unknown function of the file …
New
|
CWE-266
CWE-285
Incorrect Privilege Assignment
Improper Authorization
|
CVE-2026-11336
|
2026-06-6 02:04 |
2026-06-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
387
|
- |
|
-
|
-
|
DataDog::DogStatsd versions through 0.07 for Perl allow metric injections from event tags.
DataDog::DogStatsd does not properly sanitise input, allowing metric injections of data from untrusted sour…
New
|
CWE-93
CWE-150
CRLF Injection
Improper Neutralization of Escape, Meta, or Control Sequences
|
CVE-2026-11362
|
2026-06-6 02:04 |
2026-06-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
388
|
6.5 |
MEDIUM
Network
|
-
|
-
|
7-Zip is a file archiver with a high compression ratio. Versions 9.21 through 26.00 contain an An uninitialized memory disclosure vulnerability in the UEFI capsule (.scap) parser in 7-Zip. The OpenCa…
New
|
CWE-908
Use of Uninitialized Resource
|
CVE-2026-48101
|
2026-06-6 02:04 |
2026-06-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
389
|
3.1 |
LOW
Network
|
-
|
-
|
7-Zip is a file archiver with a high compression ratio. Versions 9.11 through 26.00 contain a heap out-of-bounds read of up to 3 bytes in the UDF disc image handler's File Identifier Descriptor parse…
New
|
CWE-125
Out-of-bounds Read
|
CVE-2026-48102
|
2026-06-6 02:04 |
2026-06-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
390
|
- |
|
-
|
-
|
DataDog::DogStatsd versions through 0.07 for Perl allow metric injections.
DataDog::DogStatsd does not properly sanitise input, allowing metric injections of data from untrusted sources.
The send_s…
New
|
CWE-93
CWE-150
CRLF Injection
Improper Neutralization of Escape, Meta, or Control Sequences
|
CVE-2026-9270
|
2026-06-6 02:04 |
2026-06-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
