|
1811
|
4.3 |
MEDIUM
Network
|
-
|
-
|
Nextcloud is an open source content collaboration platform. From versions 17.0.0 to before 17.0.15, 18.0.0 to before 18.1.12, 19.0.0 to before 19.1.16, 20.0.0 to before 20.1.11, and 21.0.0 to before …
|
CWE-284
Improper Access Control
|
CVE-2026-45264
|
2026-06-2 03:14 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1812
|
2.6 |
LOW
Network
|
-
|
-
|
Nextcloud is an open source content collaboration platform. In Nextcloud Server from versions 32.0.0 to before 32.0.7 and 33.0.0 to before 33.0.1, a missing access check on API level allowed to add u…
|
CWE-639
Authorization Bypass Through User-Controlled Key
|
CVE-2026-45155
|
2026-06-2 03:14 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1813
|
3.5 |
LOW
Network
|
-
|
-
|
Nextcloud is an open source content collaboration platform. Prior to versions 21.1.10, 22.0.11, and 23.0.3, a low-privileged user can force other user's microphones to be muted in calls when no High-…
|
CWE-284
Improper Access Control
|
CVE-2026-45266
|
2026-06-2 03:14 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1814
|
6.5 |
MEDIUM
Network
|
-
|
-
|
Nextcloud is an open source content collaboration platform. Prior to version 5.2.6, a missing permissions check allowed users to request reading form submissions of other users. This issue has been p…
|
CWE-200
CWE-862
Information Exposure
Missing Authorization
|
CVE-2026-45267
|
2026-06-2 03:14 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1815
|
8.8 |
HIGH
Network
|
google
|
chrome
|
Inappropriate implementation in ANGLE in Google Chrome on Mac prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security …
|
CWE-269
Improper Privilege Management
|
CVE-2026-9999
|
2026-06-2 03:14 |
2026-05-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1816
|
7.8 |
HIGH
Local
|
-
|
-
|
Command injection in Raynet rvia version 12.6 Update 8 and previous versions allows adversaries to execute arbitrary code via a crafted path that matches the improperly terminated search criteria of …
|
CWE-77
Command Injection
|
CVE-2026-38945
|
2026-06-2 03:12 |
2026-05-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1817
|
7.8 |
HIGH
Local
|
-
|
-
|
Command injection in Raynet rvia RayVentory Scan Engine 12.6 Update 8 and previous versions allows adversaries to execute commands via getconfig, upload, inventory, and oracle options.
|
CWE-77
Command Injection
|
CVE-2025-69600
|
2026-06-2 03:12 |
2026-05-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1818
|
9.9 |
CRITICAL
Network
|
-
|
-
|
Exposed methods allow authenticated users to create and execute arbitrary JavaScript code on the server. The scripts execute with full access, enabling complete system compromise as commands are exec…
|
CWE-78
OS Command
|
CVE-2026-9645
|
2026-06-2 03:12 |
2026-05-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1819
|
6.1 |
MEDIUM
Network
|
-
|
-
|
A reflected cross-site scripting issue exists in URL handling.
|
CWE-80
Basic XSS
|
CVE-2026-9646
|
2026-06-2 03:12 |
2026-05-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1820
|
4.0 |
MEDIUM
Local
|
-
|
-
|
XX-Net V5.16.6 contains a WebSocket frame parsing vulnerability in the WebSocket_receive_worker routine of simple_http_server.py that allows attackers to cause corrupted application data by sending u…
|
CWE-1286
Improper Validation of Syntactic Correctness of Input
|
CVE-2026-10099
|
2026-06-2 03:12 |
2026-05-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
