|
1961
|
7.5 |
HIGH
Network
|
-
|
-
|
IBM Web Server Plug-ins for WebSphere Application Server and WebSphere Liberty 8.5, 9.0 IBM WebSphere Application Server and WebSphere Application Server Liberty are vulnerable to HTTP request smuggl…
|
CWE-444
HTTP Request Smuggling
|
CVE-2026-8620
|
2026-05-27 03:16 |
2026-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1962
|
7.8 |
HIGH
Local
|
-
|
-
|
A maliciously crafted WRL file, when parsed through Autodesk 3ds Max, can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to execute arbitrary code in the c…
|
CWE-120
Classic Buffer Overflow
|
CVE-2026-7454
|
2026-05-27 03:16 |
2026-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1963
|
5.3 |
MEDIUM
Local
|
-
|
-
|
A maliciously crafted WRL file, when parsed through Autodesk 3ds Max, can cause a Stack Exhaustion vulnerability, leading to a denial-of-service condition.
|
CWE-674
Uncontrolled Recursion
|
CVE-2026-7453
|
2026-05-27 03:16 |
2026-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1964
|
7.8 |
HIGH
Local
|
-
|
-
|
A maliciously crafted WRL file, when parsed through Autodesk 3ds Max, can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to execute arbitrary code in the c…
|
CWE-120
Classic Buffer Overflow
|
CVE-2026-7452
|
2026-05-27 03:16 |
2026-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1965
|
7.8 |
HIGH
Local
|
-
|
-
|
A maliciously crafted TIF file, when parsed through Autodesk 3ds Max, can force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data co…
|
CWE-787
Out-of-bounds Write
|
CVE-2026-7451
|
2026-05-27 03:16 |
2026-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1966
|
5.3 |
MEDIUM
Local
|
-
|
-
|
A maliciously crafted PAR file, when parsed through Autodesk 3ds Max, can force a NULL Pointer Dereference vulnerability. Successful exploitation may cause the application to crash, leading to a deni…
|
CWE-476
NULL Pointer Dereference
|
CVE-2026-7450
|
2026-05-27 03:16 |
2026-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1967
|
9.8 |
CRITICAL
Network
|
-
|
-
|
Eppendorf BioFlo 320 is vulnerable to due to VNC server using a hard-coded password. If a remote attacker knows the network address of any BioFlo 320 model with remote access enabled, they can gain f…
|
CWE-259
Use of Hard-coded Password
|
CVE-2026-7251
|
2026-05-27 03:16 |
2026-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1968
|
6.5 |
MEDIUM
Adjacent
|
-
|
-
|
A bitwise shift vulnerability in Zephyr's PTP subsystem allows a remote attacker to cause undefined behavior and potential system crashes. An attacker sends a crafted PTP_MSG_MANAGEMENT message to se…
|
CWE-1335
Incorrect Bitwise Shift of Integer
|
CVE-2026-5072
|
2026-05-27 03:16 |
2026-05-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1969
|
8.2 |
HIGH
Network
|
-
|
-
|
Algernon is a small self-contained pure-Go web server. Prior to 1.17.8, when algernon is started with --domain (or --letsencrypt, which silently turns on --domain at engine/flags.go:372), the request…
|
CWE-22
CWE-23
CWE-644
Path Traversal
Relative Path Traversal
Improper Neutralization of HTTP Headers for Scripting Syntax
|
CVE-2026-48126
|
2026-05-27 03:16 |
2026-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1970
|
- |
|
-
|
-
|
Kavita is a cross platform reading server. Prior to 0.9.0.2, an Improper Token validation flaw permits a remote and unauthenticated threat actor to request a JWT for any user including admins given k…
|
CWE-287
CWE-345
CWE-697
Improper Authentication
Insufficient Verification of Data Authenticity
Incorrect Comparison
|
CVE-2026-47202
|
2026-05-27 03:16 |
2026-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
