|
1901
|
- |
|
-
|
-
|
The SafeLine SL6 and SL6+ devices integrated into elevator emergency intercom systems are vulnerable to an authentication bypass. This vulnerability allows attackers to bypass authentication requirem…
|
CWE-305
Authentication Bypass by Primary Weakness
|
CVE-2025-4994
|
2026-06-23 04:49 |
2026-06-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1902
|
6.1 |
MEDIUM
Local
|
-
|
-
|
A path traversal vulnerability exists in keras-team/keras version 3.14.0, specifically in the `DiskIOStore.make` method within the Keras 3 model saving and loading library. This vulnerability arises …
|
CWE-22
Path Traversal
|
CVE-2026-12479
|
2026-06-23 04:49 |
2026-06-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1903
|
5.3 |
MEDIUM
Network
|
-
|
-
|
Hono is a Web application framework that provides support for any JavaScript runtime. Prior to 4.12.25, on AWS Lambda, the ALB single-header response and the VPC Lattice v2 response join multiple Set…
|
CWE-116
Improper Encoding or Escaping of Output
|
CVE-2026-54287
|
2026-06-23 04:49 |
2026-06-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1904
|
7.1 |
HIGH
Network
|
-
|
-
|
Hono is a Web application framework that provides support for any JavaScript runtime. Prior to 4.12.25, with credentials: true and no explicit origin (the default wildcard), the CORS Middleware refle…
|
CWE-942
Permissive Cross-domain Policy with Untrusted Domains
|
CVE-2026-54290
|
2026-06-23 04:49 |
2026-06-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1905
|
4.8 |
MEDIUM
Network
|
-
|
-
|
Hono is a Web application framework that provides support for any JavaScript runtime. Prior to 4.12.25, on AWS Lambda@Edge, CloudFront delivers a request header that appears more than once as several…
|
CWE-348
Use of Less Trusted Source
|
CVE-2026-54289
|
2026-06-23 04:49 |
2026-06-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1906
|
9.8 |
CRITICAL
Network
|
-
|
-
|
Tenda AC7 v15.03.06.44 contains a stack buffer overflow vulnerability in the /goform/AdvSetMacMtuWan interface via the wanMTU parameter.
|
CWE-121
Stack-based Buffer Overflow
|
CVE-2026-51843
|
2026-06-23 04:45 |
2026-06-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1907
|
9.8 |
CRITICAL
Network
|
-
|
-
|
Tenda AC7 v15.03.06.44 contains a stack buffer overflow vulnerability in the /goform/AdvSetMacMtuWan interface via the cloneType parameter.
|
CWE-121
Stack-based Buffer Overflow
|
CVE-2026-51844
|
2026-06-23 04:45 |
2026-06-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1908
|
9.8 |
CRITICAL
Network
|
-
|
-
|
Tenda AC7 v15.03.06.44 contains a stack buffer overflow vulnerability in the /goform/AdvSetMacMtuWan interface via the mac parameter.
|
CWE-121
Stack-based Buffer Overflow
|
CVE-2026-51845
|
2026-06-23 04:45 |
2026-06-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1909
|
- |
|
-
|
-
|
Incorrect default permissions in ArubaSign, affecting versions prior to v4.6.6. The vulnerability is caused by the assignment of inappropriate permissions during the software’s default installation, …
|
CWE-276
Incorrect Default Permissions
|
CVE-2026-12602
|
2026-06-23 04:45 |
2026-06-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1910
|
- |
|
-
|
-
|
The vulnerability is present in the ‘/addJugador’ endpoint:
* The 'keyJugador' and 'keyJugadorObjectiu' parameters allow the modification of other users’ information without requiring prior autho…
|
CWE-20
Improper Input Validation
|
CVE-2026-7165
|
2026-06-23 04:45 |
2026-06-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
