|
91
|
6.5 |
MEDIUM
Network
|
-
|
-
|
Nezha Monitoring is a self-hostable, lightweight, servers and websites monitoring and O&M tool. From version 1.4.0 to before version 2.0.9, any authenticated non-admin member can connect to the serve…
New
|
CWE-200
Information Exposure
|
CVE-2026-47124
|
2026-06-13 07:16 |
2026-06-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
92
|
7.1 |
HIGH
Network
|
-
|
-
|
Nezha Monitoring is a self-hostable, lightweight, servers and websites monitoring and O&M tool. From version 1.4.0 to before version 2.0.8, a RoleMember can fire other users' cron tasks via AlertRule…
New
|
CWE-862
CWE-863
Missing Authorization
Incorrect Authorization
|
CVE-2026-47120
|
2026-06-13 07:16 |
2026-06-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
93
|
9.9 |
CRITICAL
Network
|
-
|
-
|
Nezha Monitoring is a self-hostable, lightweight, servers and websites monitoring and O&M tool. From version 1.4.0 to before version 2.0.8, a RoleMember user can create a scheduled cron task with Cov…
New
|
CWE-78
CWE-269
CWE-862
OS Command
Improper Privilege Management
Missing Authorization
|
CVE-2026-46716
|
2026-06-13 07:16 |
2026-06-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
94
|
- |
|
-
|
-
|
Software installed and run as a non-privileged user may conduct GPU system calls to write to arbitrary freed physical pages.
Physical memory allocated and freed, without the deferred free mechanis…
New
|
CWE-416
Use After Free
|
CVE-2026-41158
|
2026-06-13 07:16 |
2026-06-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
95
|
- |
|
-
|
-
|
A web page that contains unusual WebGPU content loaded into the GPU GLES render process and can trigger an out-of-bound write in the GPU user-space driver, leading to memory corruption and possible b…
New
|
CWE-787
Out-of-bounds Write
|
CVE-2026-41157
|
2026-06-13 07:16 |
2026-06-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
96
|
- |
|
-
|
-
|
An attacker could cooperatively pass data from one secure GPU process to another secure GPU process through shared secure memory allocations in the kernel module. Additionally, an attacker could disr…
New
|
CWE-653
Improper Isolation or Compartmentalization
|
CVE-2026-41155
|
2026-06-13 07:16 |
2026-06-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
97
|
- |
|
-
|
-
|
Software installed and run as a non-privileged user may conduct intentional GPU sparse memory API calls to cause out of bounds write in the kernel.
The product incorrectly indexes internal state w…
New
|
CWE-787
Out-of-bounds Write
|
CVE-2026-34195
|
2026-06-13 07:16 |
2026-06-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
98
|
6.3 |
MEDIUM
Network
|
-
|
-
|
A weakness has been identified in CodeAstro Human Resource Management System 1.0. This vulnerability affects the function Invoice of the file \application\controllers\Payroll.php of the component Pay…
New
|
CWE-74
CWE-89
Injection
SQL Injection
|
CVE-2026-12131
|
2026-06-13 07:16 |
2026-06-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
99
|
5.5 |
MEDIUM
Local
|
-
|
-
|
Stack overflow vulnerability in Avast Antivirus when scanning a malformed Office Open XML file may allow Denial-of-Service of the antivirus process.
This issue affects Avast Antivirus, AVG Antivirus…
New
|
CWE-121
Stack-based Buffer Overflow
|
CVE-2025-7019
|
2026-06-13 07:16 |
2026-06-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
100
|
5.5 |
MEDIUM
Local
|
-
|
-
|
Null pointer dereference vulnerability in Avira Antivirus engine when scanning a malformed Windows PE file may allow Denial-of-Service of the antivirus engine process.
This issue affects Avira Antiv…
New
|
CWE-476
NULL Pointer Dereference
|
CVE-2025-7018
|
2026-06-13 07:16 |
2026-06-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
