|
241
|
8.8 |
HIGH
Network
|
-
|
-
|
Dulwich is a pure-Python implementation of the Git file formats and protocols. Versions starting with 0.10.0 and prior to 1.2.5 have an arbitrary file write leading to remote code execution when clon…
New
|
CWE-22
Path Traversal
|
CVE-2026-42305
|
2026-06-12 00:21 |
2026-06-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
242
|
- |
|
-
|
-
|
Dulwich is a pure-Python implementation of the Git file formats and protocols. Starting in version 0.24.0 and prior to version 1.2.5, Dulwich's `ProcessMergeDriver` substitutes the file path (from th…
New
|
CWE-78
OS Command
|
CVE-2026-42563
|
2026-06-12 00:21 |
2026-06-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
243
|
10.0 |
CRITICAL
Network
|
-
|
-
|
Boxlite is a sandbox service that allows users to create lightweight virtual machines (Boxes) and launch OCI containers within them to run untrusted code. Prior to version 0.9.0, Boxlite does not res…
New
|
CWE-284
Improper Access Control
|
CVE-2026-46695
|
2026-06-12 00:21 |
2026-06-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
244
|
9.6 |
CRITICAL
Network
|
-
|
-
|
Boxlite is a sandbox service that allows users to create lightweight virtual machines (Boxes) and launch OCI containers within them to run untrusted code. Prior to version 0.9.0, Boxlite allows users…
New
|
CWE-22
Path Traversal
|
CVE-2026-46703
|
2026-06-12 00:21 |
2026-06-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
245
|
6.5 |
MEDIUM
Network
|
-
|
-
|
Boxlite is a sandbox service that allows users to create lightweight virtual machines (Boxes) and launch OCI containers within them to run untrusted code. In versions 0.8.2 and prior, Boxlite allows …
New
|
CWE-404
Improper Resource Shutdown or Release
|
CVE-2026-47213
|
2026-06-12 00:21 |
2026-06-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246
|
3.3 |
LOW
Local
|
-
|
-
|
Dulwich is a pure-Python implementation of the Git file formats and protocols. Starting in version 0.24.0 and prior to version 1.2.5, dulwich.porcelain.format_patch(outdir=...) derives each patch fil…
New
|
CWE-22
Path Traversal
|
CVE-2026-47712
|
2026-06-12 00:21 |
2026-06-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247
|
5.7 |
MEDIUM
Network
|
-
|
-
|
Dulwich is a pure-Python implementation of the Git file formats and protocols. Starting in version 0.1.0 and prior to version 1.2.5, a client with push access could push a tiny crafted thin pack (~17…
New
|
CWE-400
CWE-789
Uncontrolled Resource Consumption
Memory Allocation with Excessive Size Value
|
CVE-2026-47734
|
2026-06-12 00:21 |
2026-06-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248
|
7.5 |
HIGH
Network
|
-
|
-
|
Dulwich is a pure-Python implementation of the Git file formats and protocols. Starting in version 0.23.2 and prior to version 1.2.5, `dulwich.porcelain.submodule_update`, and by extension `porcelain…
New
|
CWE-22
Path Traversal
|
CVE-2026-52726
|
2026-06-12 00:21 |
2026-06-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249
|
7.8 |
HIGH
Local
|
microsoft
|
windows_10_1809
windows_10_21h2
windows_10_22h2
windows_11_23h2
windows_11_24h2
windows_11_25h2
windows_11_26h1
windows_server_2019
windows_server_2022
windows_server_2025
|
Use after free in Windows SDK allows an authorized attacker to elevate privileges locally.
New
|
CWE-190
CWE-416
Integer Overflow or Wraparound
Use After Free
|
CVE-2026-45593
|
2026-06-12 00:14 |
2026-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250
|
5.5 |
MEDIUM
Local
|
microsoft
|
windows_10_1607
windows_10_1809
windows_10_21h2
windows_10_22h2
windows_11_23h2
windows_11_24h2
windows_11_25h2
windows_11_26h1
windows_server_2016
windows_server_2019
w…
|
Exposure of sensitive information to an unauthorized actor in Windows Application Identity (AppID) Subsystem allows an authorized attacker to disclose information locally.
New
|
CWE-200
Information Exposure
|
CVE-2026-45594
|
2026-06-12 00:13 |
2026-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
