|
2701
|
9.8 |
CRITICAL
Network
|
nvidia
|
triton_inference_server
|
NVIDIA Triton Inference Server contains a vulnerability in the DALI backend where an attacker could cause an out-of-bounds read. A successful exploit of this vulnerability might lead to code executio…
|
CWE-125
Out-of-bounds Read
|
CVE-2026-24213
|
2026-05-21 02:18 |
2026-05-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2702
|
8.8 |
HIGH
Network
|
mozilla
|
firefox
thunderbird
|
Privilege escalation in the WebRTC: Audio/Video component. This vulnerability was fixed in Firefox 151 and Thunderbird 151.
|
CWE-269
Improper Privilege Management
|
CVE-2026-8972
|
2026-05-21 02:16 |
2026-05-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2703
|
8.8 |
HIGH
Network
|
mozilla
|
firefox
thunderbird
|
Privilege escalation in the Enterprise Policies component. This vulnerability was fixed in Firefox 151, Firefox ESR 140.11, Thunderbird 151, and Thunderbird 140.11.
|
CWE-269
Improper Privilege Management
|
CVE-2026-8957
|
2026-05-21 02:16 |
2026-05-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2704
|
8.8 |
HIGH
Network
|
mozilla
|
firefox
thunderbird
|
Privilege escalation in the DOM: Workers component. This vulnerability was fixed in Firefox 151, Firefox ESR 140.11, Thunderbird 151, and Thunderbird 140.11.
|
CWE-269
Improper Privilege Management
|
CVE-2026-8955
|
2026-05-21 02:16 |
2026-05-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2705
|
8.8 |
HIGH
Network
|
mozilla
|
firefox
thunderbird
|
Privilege escalation in the Application Update component. This vulnerability was fixed in Firefox 151 and Thunderbird 151.
|
CWE-269
Improper Privilege Management
|
CVE-2026-8952
|
2026-05-21 02:16 |
2026-05-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2706
|
- |
|
-
|
-
|
Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. Reason: This candidate was issued in error. Notes: All references and descriptions in this candidate have been removed to prevent accid…
|
-
|
CVE-2026-8342
|
2026-05-21 02:16 |
2026-05-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2707
|
7.1 |
HIGH
Network
|
-
|
-
|
A flaw was found in Keycloak. A low-privilege user, with knowledge of user credentials and client ID, can bypass a security control intended to disable the implicit flow in OpenID Connect (OIDC) clie…
|
CWE-472
External Control of Assumed-Immutable Web Parameter
|
CVE-2026-7571
|
2026-05-21 02:16 |
2026-05-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2708
|
7.5 |
HIGH
Network
|
-
|
-
|
A session fixation vulnerability was found in Keycloak's login-actions endpoints. An unauthenticated attacker could exploit this flaw by pre-creating an authentication session and tricking a victim i…
|
CWE-290
Authentication Bypass by Spoofing
|
CVE-2026-7507
|
2026-05-21 02:16 |
2026-05-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2709
|
8.1 |
HIGH
Network
|
-
|
-
|
A flaw was found in Keycloak's URL validation logic during redirect operations. By crafting a malicious request, an attacker could bypass validation to redirect users to unauthorized URLs, potentiall…
|
CWE-601
Open Redirect
|
CVE-2026-7504
|
2026-05-21 02:16 |
2026-05-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2710
|
7.5 |
HIGH
Network
|
-
|
-
|
A flaw was found in Keycloak. A remote, unauthenticated attacker can send a specially crafted XML input to the Security Assertion Markup Language (SAML) endpoint. This malicious input can cause high …
|
CWE-1286
Improper Validation of Syntactic Correctness of Input
|
CVE-2026-7307
|
2026-05-21 02:16 |
2026-05-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
