|
1101
|
6.5 |
MEDIUM
Adjacent
|
watchguard
|
agent
|
Stack-based Buffer Overflow vulnerability in the WatchGuard Agent discovery service on Windows allows Overflow Buffers. An unauthenticated attacker on the same local network could exploit this vulner…
Update
|
CWE-121
Stack-based Buffer Overflow
|
CVE-2026-41286
|
2026-05-12 03:36 |
2026-05-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1102
|
7.8 |
HIGH
Local
|
watchguard
|
agent
|
Incorrect permission assignment for a resource in the patch management component of the WatchGuard Agent on Windows allows an authenticated local user to elevate their privileges to NT AUTHORITY\\SYS…
Update
|
CWE-732
Incorrect Permission Assignment for Critical Resource
|
CVE-2026-41288
|
2026-05-12 03:35 |
2026-05-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1103
|
7.8 |
HIGH
Local
|
watchguard
|
agent
|
Use of Hard-coded Cryptographic Key vulnerability in WatchGuard Agent on Windows allows Inclusion of Code in Existing Process.This issue affects WatchGuard Agent: before 1.25.03.0000.
Update
|
CWE-321
Use of Hard-coded Cryptographic Key
|
CVE-2026-6787
|
2026-05-12 03:33 |
2026-05-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1104
|
7.8 |
HIGH
Local
|
watchguard
|
agent
|
Uncontrolled Search Path Element vulnerability in WatchGuard Agent on Windows allows Using Malicious Files.This issue affects WatchGuard Agent before 1.25.03.0000.
Update
|
CWE-427
Uncontrolled Search Path Element
|
CVE-2026-6788
|
2026-05-12 03:33 |
2026-05-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1105
|
7.5 |
HIGH
Network
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
ovpn: tcp - fix packet extraction from stream
When processing TCP stream data in ovpn_tcp_recv, we receive large
cloned skbs from…
Update
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2026-43254
|
2026-05-12 03:21 |
2026-05-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1106
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
wifi: libertas: fix WARNING in usb_tx_block
The function usb_tx_block() submits cardp->tx_urb without ensuring that
any previous …
Update
|
NVD-CWE-noinfo
|
CVE-2026-43255
|
2026-05-12 03:18 |
2026-05-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1107
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
media: qcom: camss: vfe: Fix out-of-bounds access in vfe_isr_reg_update()
vfe_isr() iterates using MSM_VFE_IMAGE_MASTERS_NUM(7) a…
Update
|
CWE-125
Out-of-bounds Read
|
CVE-2026-43256
|
2026-05-12 03:16 |
2026-05-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1108
|
7.3 |
HIGH
Network
|
-
|
-
|
A vulnerability was detected in OpenClaw up to 2026.1.24. The impacted element is the function handleBlueBubblesWebhookRequest of the file extensions/bluebubbles/src/monitor.ts of the component blueb…
New
|
CWE-287
Improper Authentication
|
CVE-2026-8305
|
2026-05-12 03:16 |
2026-05-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1109
|
4.6 |
MEDIUM
Adjacent
|
-
|
-
|
A vulnerability was determined in Dotouch XproUPF 2.0.0-release-088aa7c4. Affected is an unknown function of the component UPF. This manipulation causes improper access controls. A high degree of com…
Update
|
CWE-266
CWE-284
Incorrect Privilege Assignment
Improper Access Control
|
CVE-2026-8233
|
2026-05-12 03:16 |
2026-05-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1110
|
4.8 |
MEDIUM
Network
|
-
|
-
|
Stored cross-site scripting (XSS) vulnerability in pgAdmin 4 Browser Tree and Explain Visualizer modules.
User-controlled PostgreSQL object names (database, schema, table, column, etc.) were assigne…
New
|
CWE-79
Cross-site Scripting
|
CVE-2026-7814
|
2026-05-12 03:16 |
2026-05-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
