|
1221
|
- |
|
-
|
-
|
Idira Secrets Manager Self-Hosted versions 13.8.0 and lower exhibit improper access control within internal cluster endpoints. A remote, authenticated attacker possessing standard node-level credenti…
|
CWE-284
Improper Access Control
|
CVE-2026-45178
|
2026-06-12 05:56 |
2026-06-12 |
|
|
|
|
1222
|
7.6 |
HIGH
Network
|
-
|
-
|
An integer overflow flaw was found in the SASL I/O layer of 389 Directory Server (389-ds-base). In sasl_io_start_packet(), adding sizeof(uint32_t) to a crafted SASL packet length prefix of 0xFFFFFFFC…
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2026-11774
|
2026-06-12 05:56 |
2026-06-12 |
|
|
|
|
1223
|
6.5 |
MEDIUM
Network
|
-
|
-
|
An out-of-bounds write vulnerability was found in GStreamer's H.266/VVC PPS picture partition parser in gst-plugins-bad. In the multi-slice-in-tile processing of gst_h266_parser_parse_picture_partiti…
|
CWE-787
Out-of-bounds Write
|
CVE-2026-53701
|
2026-06-12 05:56 |
2026-06-12 |
|
|
|
|
1224
|
6.5 |
MEDIUM
Network
|
-
|
-
|
A stack buffer overflow flaw was found in the GStreamer H.265 codec parser library (gst-plugins-bad). When parsing a buffering period SEI message, the parser uses an incorrect loop bound derived from…
|
CWE-787
Out-of-bounds Write
|
CVE-2026-53702
|
2026-06-12 05:56 |
2026-06-12 |
|
|
|
|
1225
|
- |
|
-
|
-
|
Idira Endpoint Privilege Manager Agent versions prior to 26.5 exhibit improper access control within internal agent validation processes. A local attacker could potentially bypass built-in security c…
|
CWE-295
Improper Certificate Validation
|
CVE-2026-45175
|
2026-06-12 05:56 |
2026-06-12 |
|
|
|
|
1226
|
- |
|
-
|
-
|
FPDI is a collection of PHP classes that facilitate reading pages from existing PDF documents and using them as templates in FPDF. Prior to version 2.6.7, an attacker can upload a small, malicious PD…
|
CWE-400, CWE-770
Uncontrolled Resource Consumption; Allocation of Resources Without Limits or Throttling
|
CVE-2026-45802
|
2026-06-12 05:51 |
2026-06-12 |
|
|
|
|
1227
|
5.3 |
MEDIUM
Network
|
-
|
-
|
CodexBar before 0.33.0 contains a credential forwarding vulnerability that allows network-adjacent attackers to intercept sensitive credentials by issuing cross-origin or HTTP-downgrade redirects to …
|
CWE-522
Insufficiently Protected Credentials
|
CVE-2026-49949
|
2026-06-12 05:50 |
2026-06-12 |
|
|
|
|
1228
|
4.3 |
MEDIUM
Network
|
-
|
-
|
Summarize before 0.17.0 contains a resource exhaustion vulnerability that allows remote attackers to cause disk exhaustion by serving media responses that bypass the enforced size limit through missi…
|
CWE-770
Allocation of Resources Without Limits or Throttling
|
CVE-2026-53781
|
2026-06-12 05:50 |
2026-06-12 |
|
|
|
|
1229
|
7.4 |
HIGH
Network
|
-
|
-
|
Summarize before 0.17.0 contains a server-side request forgery vulnerability that allows attackers who control a podcast RSS feed to direct the host to fetch transcript content from loopback addresse…
|
CWE-918
Server-Side Request Forgery (SSRF)
|
CVE-2026-53782
|
2026-06-12 05:50 |
2026-06-12 |
|
|
|
|
1230
|
9.1 |
CRITICAL
Network
|
-
|
-
|
Metrics::Any::Adapter::DogStatsd versions before 0.04 for Perl do not protect against metric injections.
The statsd protocol (and extensions such as dogstatsd) allow multiple metrics, separated by n…
|
CWE-93
CRLF Injection
|
CVE-2026-50638
|
2026-06-12 05:16 |
2026-06-11 |
|
|
|