|
3291
|
3.3 |
LOW
Local
|
-
|
-
|
NewNTUnicodeString does not check for string length overflow. When provided with a string that overflows the maximum size of a NTUnicodeString (a 16-bit number of bytes), it returns a truncated strin…
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2026-39824
|
2026-05-27 23:16 |
2026-05-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3292
|
- |
|
-
|
-
|
An issue in fetch_jpg() in xdrv_10_scripter.ino in Tasmota through 15.3.0.3 allows a remote attacker to cause heap buffer overflow. The Content-Length from a JPEG stream is stored in a uint16_t varia…
|
-
|
CVE-2026-38427
|
2026-05-27 23:16 |
2026-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3293
|
- |
|
-
|
-
|
Buffer Overflow vulnerability in arendst Tasmota v.15.3.0.3 and before allows a remote attacker to execute arbitrary code via the xdrv_10_scripter.ino, fetch_jpg(), jpg_task.boundary[40], strcpy() fu…
|
-
|
CVE-2026-38426
|
2026-05-27 23:16 |
2026-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3294
|
- |
|
-
|
-
|
In Slican telephone exchanges it is possible to manage the control panel remotely. An unauthenticated attacker can connect to the modem via a telephone with a specific caller ID. This allows them to …
|
CWE-288
Authentication Bypass Using an Alternate Path or Channel
|
CVE-2026-35090
|
2026-05-27 23:16 |
2026-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3295
|
- |
|
-
|
-
|
In Slican telephone exchanges secure key is generated in a predictable manner using properties of the telephone exchange which can be obtained without authentication. An unauthenticated attacker can …
|
CWE-1391
Use of Weak Credentials
|
CVE-2026-35089
|
2026-05-27 23:16 |
2026-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3296
|
- |
|
-
|
-
|
Slican telephone exchanges allow administrative protocol authentication bypass. An attacker can bypass the need to enter login credentials by executing the appropriate command.
This issue was fixed…
|
CWE-288
Authentication Bypass Using an Alternate Path or Channel
|
CVE-2026-35087
|
2026-05-27 23:16 |
2026-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3297
|
4.3 |
MEDIUM
Network
|
traccar
|
traccar
|
Traccar is an open source GPS tracking system. Prior to 6.13.0, DeviceResource.uploadImage authorizes the target device only through Condition.Permission(User.class, getUserId(), Device.class) and th…
|
CWE-863
Incorrect Authorization
|
CVE-2026-44314
|
2026-05-27 23:02 |
2026-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3298
|
7.5 |
HIGH
Network
|
benoitc
|
hackney
|
Uncontrolled Resource Consumption vulnerability in benoitc hackney allows Flooding. The SOCKS5 transport in src/hackney_socks5.erl correctly applies the caller-supplied timeout to the SOCKS5 negotiat…
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2026-47071
|
2026-05-27 22:56 |
2026-05-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3299
|
6.1 |
MEDIUM
Network
|
benoitc
|
hackney
|
Sensitive Data Exposure vulnerability in benoitc hackney allows Retrieve Embedded Sensitive Data. The HTTP/3 redirect handler in src/hackney_h3.erl passes the original request headers unchanged to th…
|
CWE-601
Open Redirect
|
CVE-2026-47070
|
2026-05-27 22:55 |
2026-05-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3300
|
7.5 |
HIGH
Network
|
benoitc
|
hackney
|
Loop with Unreachable Exit Condition ('Infinite Loop') vulnerability in benoitc hackney allows Excessive Allocation. The Alt-Svc response header parser in src/hackney_altsvc.erl does not guarantee fo…
|
CWE-835
Loop with Unreachable Exit Condition ('Infinite Loop')
|
CVE-2026-47066
|
2026-05-27 22:54 |
2026-05-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
