|
391
|
7.5 |
HIGH
Network
|
apache
|
http_server
|
Heap-based Buffer Overflow vulnerability in Apache HTTP Server with malicious backend servers and ProxyPassReverseCookie*
This issue affects Apache HTTP Server: from 2.4.0 through 2.4.67.
Users are…
New
|
CWE-122
Heap-based Buffer Overflow
|
CVE-2026-34356
|
2026-06-10 01:17 |
2026-06-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
392
|
8.8 |
HIGH
Network
|
dlink
|
dir-823g_firmware
|
A security flaw has been discovered in D-Link DIR-823G 1.0.2B05. The affected element is an unknown function of the file /etc/vsftpd.conf of the component vsftpd. Performing a manipulation results in…
New
|
CWE-266
CWE-272
Incorrect Privilege Assignment
Least Privilege Violation
|
CVE-2026-11492
|
2026-06-10 01:17 |
2026-06-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
393
|
7.5 |
HIGH
Network
|
dlink
|
dgs-1100-08pd_firmware
|
A vulnerability was identified in D-Link DGS-1100-08PD 1.00.006. This issue affects some unknown processing of the file /etc/boa.conf of the component Web Interface. Such manipulation leads to least …
New
|
CWE-266
CWE-272
Incorrect Privilege Assignment
Least Privilege Violation
|
CVE-2026-11555
|
2026-06-10 01:16 |
2026-06-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
394
|
8.8 |
HIGH
Network
|
dlink
|
dcs-5615_firmware
|
A vulnerability has been found in D-Link DCS-5615 1.01.00. Affected by this vulnerability is an unknown functionality of the file /etc/conf.d/boa/boa.conf of the component Boa Webserver. Such manipul…
New
|
CWE-266
CWE-272
Incorrect Privilege Assignment
Least Privilege Violation
|
CVE-2026-11497
|
2026-06-10 01:16 |
2026-06-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
395
|
- |
|
-
|
-
|
CWE-611 Improper Restriction of XML External Entity Reference vulnerability exists that could cause information disclosure of server-side file contents when an attacker with a Data Center Expert user…
New
|
CWE-611
XXE
|
CVE-2026-8045
|
2026-06-10 01:16 |
2026-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
396
|
9.8 |
CRITICAL
Network
|
-
|
-
|
Improper neutralization of special elements used in an SQL command ('SQL injection') vulnerability in MOSK Information Technologies Ltd. CBS Platform allows SQL Injection.
This issue affects CBS Pla…
New
|
CWE-89
SQL Injection
|
CVE-2026-8025
|
2026-06-10 01:16 |
2026-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
397
|
5.3 |
MEDIUM
Network
|
-
|
-
|
In OpenStack Ironic 32 before 37.0.0, an unauthenticated malicious user could submit a crafted JSON string to some endpoints on the API or JSON-RPC service and effect a service crash.
Update
|
CWE-770
Allocation of Resources Without Limits or Throttling
|
CVE-2026-50589
|
2026-06-10 01:16 |
2026-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
398
|
8.1 |
HIGH
Network
|
-
|
-
|
Mem0 versions through 0.2.8, fixed in commit ae7f406, contain a missing authorization vulnerability in the self-hosted server component where the POST /configure endpoint modifies global LLM provider…
New
|
CWE-862
Missing Authorization
|
CVE-2026-49948
|
2026-06-10 01:16 |
2026-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
399
|
6.5 |
MEDIUM
Network
|
-
|
-
|
A improper access control vulnerability in Fortinet FortiPortal 7.4.0 through 7.4.7, FortiPortal 7.2.0 through 7.2.8, FortiPortal 7.0 all versions may allow attacker to improper access control via <i…
New
|
CWE-284
Improper Access Control
|
CVE-2026-49938
|
2026-06-10 01:16 |
2026-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
400
|
4.3 |
MEDIUM
Network
|
7-zip
|
7-zip
|
7-Zip is a file archiver with a high compression ratio. Versions 9.11 through 26.00 contain a heap out-of-bounds read of up to 3 bytes in the UDF disc image handler's File Identifier Descriptor parse…
Update
|
CWE-125
Out-of-bounds Read
|
CVE-2026-48102
|
2026-06-10 01:16 |
2026-06-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
