|
181
|
- |
|
-
|
-
|
Out-of-bounds Read vulnerability in Apache HTTP Server with mod_headers and mod_mime and multiple response languages.
This issue affects Apache HTTP Server: from 2.4.0 through 2.4.67.
New
|
CWE-125
Out-of-bounds Read
|
CVE-2026-43951
|
2026-06-9 01:16 |
2026-06-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
182
|
- |
|
-
|
-
|
Flowise is a drag & drop user interface to build a customized large language model flow. Prior to version 3.1.2, a mass assignment vulnerability exists in the variable update endpoint of FlowiseAI. T…
New
|
CWE-284
CWE-639
CWE-915
Improper Access Control
Authorization Bypass Through User-Controlled Key
Improperly Controlled Modification of Dynamically-Determined Object Attributes
|
CVE-2026-42861
|
2026-06-9 01:16 |
2026-06-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
183
|
5.4 |
MEDIUM
Network
|
-
|
-
|
IRIS is a web collaborative platform that helps incident responders share technical details during investigations. In versions prior to 2.4.28, users can create alerts for customers that are not assi…
Update
|
CWE-863
Incorrect Authorization
|
CVE-2026-42547
|
2026-06-9 01:16 |
2026-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
184
|
- |
|
-
|
-
|
Heap-based Buffer Overflow vulnerability in Apache HTTP Server with mod_xml2enc, xml2StartParse, and untrusted content
This issue affects Apache HTTP Server: from 2.4.0 through 2.4.67.
Users are re…
New
|
CWE-122
Heap-based Buffer Overflow
|
CVE-2026-42536
|
2026-06-9 01:16 |
2026-06-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
185
|
- |
|
-
|
-
|
A path handling issue in mod_dav_fs in Apache 2.4.67 and earlier allows a WebDAV content author to directly manipulate trusted DAV property databases, potentially causing child process crashes.
User…
New
|
CWE-668
Exposure of Resource to Wrong Sphere
|
CVE-2026-42535
|
2026-06-9 01:16 |
2026-06-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
186
|
4.7 |
MEDIUM
Network
|
-
|
-
|
Iris is a web collaborative platform that helps incident responders share technical details during investigations. Versions prior to 2.4.28 contain a weakness where an attacker can misuse it to redir…
Update
|
CWE-602
Client-Side Enforcement of Server-Side Security
|
CVE-2026-42329
|
2026-06-9 01:16 |
2026-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
187
|
8.8 |
HIGH
Network
|
-
|
-
|
Froxlor is open source server administration software. Version 2.3.6 contains a symlink-following flaw in the root-owned SSH key synchronization path used for customer FTP users. The provisioning cod…
Update
|
CWE-59
Link Following
|
CVE-2026-41236
|
2026-06-9 01:16 |
2026-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
188
|
- |
|
-
|
-
|
Shenzhen Tenda Technology Co., Ltd Tenda FH451 V1.0.0.9 was discovered to contain a stack overflow in the list1 parameter of the fromDhcpListClient function. This vulnerability allows attackers to ca…
New
|
-
|
CVE-2026-36786
|
2026-06-9 01:16 |
2026-06-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
189
|
- |
|
-
|
-
|
Heap-based Buffer Overflow vulnerability in Apache HTTP Server with malicious backend servers and ProxyPassReverseCookie*
This issue affects Apache HTTP Server: from 2.4.0 through 2.4.67.
Users are…
New
|
CWE-122
Heap-based Buffer Overflow
|
CVE-2026-34356
|
2026-06-9 01:16 |
2026-06-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
190
|
- |
|
-
|
-
|
A buffer overflow in mod_proxy_html in Apache HTTP Server 2.4.67 and earlier allows an attack by an untrusted backend.
Users are recommended to upgrade to version 2.4.68, which fixes this issue.
New
|
CWE-122
Heap-based Buffer Overflow
|
CVE-2026-34355
|
2026-06-9 01:16 |
2026-06-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
