|
2811
|
6.1 |
MEDIUM
Local
|
-
|
-
|
Access of uninitialized pointer, Uncontrolled Recursion vulnerability in Samsung Open Source rlottie allows Pointer Manipulation, Oversized Serialized Data Payloads.
This issue affects rlottie: befo…
|
CWE-674 CWE-824
Uncontrolled Recursion Access of Uninitialized Pointer
|
CVE-2026-47320
|
2026-06-5 00:27 |
2026-06-4 |
|
2812
|
6.1 |
MEDIUM
Local
|
-
|
-
|
Integer overflow or wraparound vulnerability in Samsung Open Source rlottie allows Integer Attacks.
This issue affects rlottie: before 21292665023e5074b38254432716866d00f1985f.
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2026-49510
|
2026-06-5 00:27 |
2026-06-4 |
|
2813
|
6.1 |
MEDIUM
Local
|
-
|
-
|
Out-of-bounds write vulnerability in Samsung Open Source rlottie allows Overflow Buffers.
This issue affects rlottie: before dcfde72eae1b0464dc0dd760aec00ada6a148635.
|
CWE-787
Out-of-bounds Write
|
CVE-2026-8916
|
2026-06-5 00:27 |
2026-06-4 |
|
2814
|
- |
|
-
|
-
|
This vulnerability exists in GX Earth ONT models due to improper handling of user-supplied input in multiple diagnostic functions in its web management interface. An authenticated remote attacker cou…
|
CWE-78
OS Command
|
CVE-2026-45431
|
2026-06-5 00:26 |
2026-06-4 |
|
2815
|
- |
|
-
|
-
|
This vulnerability exists in GX Earth ONT models due to the transmission of user credentials in plaintext over HTTP in its web management interface. A remote attacker could exploit this vulnerability…
|
CWE-319
Cleartext Transmission of Sensitive Information
|
CVE-2026-45432
|
2026-06-5 00:26 |
2026-06-4 |
|
2816
|
- |
|
-
|
-
|
This vulnerability exists in GX Earth 2022 ONT models due to the presence of a hardcoded RSA private key within the device firmware. A remote attacker could exploit this vulnerability by extracting the…
|
CWE-321
Use of Hard-coded Cryptographic Key
|
CVE-2026-45433
|
2026-06-5 00:26 |
2026-06-4 |
|
2817
|
9.1 |
CRITICAL
Network
|
-
|
-
|
A vulnerability in mlflow/mlflow versions prior to 3.11.0 allows for the resolution of environment variables in AI Gateway secrets, which can be exploited to exfiltrate sensitive server-side environm…
|
CWE-201
Insertion of Sensitive Information Into Sent Data
|
CVE-2026-4035
|
2026-06-5 00:25 |
2026-06-3 |
|
2818
|
6.1 |
MEDIUM
Network
|
-
|
-
|
A vulnerability in jupyter-server versions 1.12.0 through 2.17.0 allows an attacker to bypass CORS origin validation when the `allow_origin_pat` configuration is used. The issue arises from the use o…
|
CWE-346
Origin Validation Error
|
CVE-2026-6657
|
2026-06-5 00:25 |
2026-06-4 |
|
2819
|
- |
|
-
|
-
|
A local privilege escalation vulnerability exists in Forcepoint VPN Client that allows a local non-administrative user to escalate privileges to SYSTEM. This issue affects VPN Client for Windows: ver…
|
CWE-250
Execution with Unnecessary Privileges
|
CVE-2025-12694
|
2026-06-5 00:25 |
2026-06-4 |
|
2820
|
8.1 |
HIGH
Network
|
-
|
-
|
HCL Hive Telco Observability is affected by a "required directives missing from the CSP" issue detected in the keycloak component of the web application. Missing essential directives can leave a site v…
|
CWE-1027
|
CVE-2025-59874
|
2026-06-5 00:25 |
2026-06-4 |