|
2831
|
- |
|
-
|
-
|
Uncontrolled Resource Consumption vulnerability in oban-bg oban_web ('Elixir.Oban.Web.CronExpr' modules) allows memory exhaustion via unbounded cron range expansion.
An attacker with access to sched…
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2026-48593
|
2026-05-28 04:38 |
2026-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2832
|
5.9 |
MEDIUM
Network
|
putty
|
putty
|
PuTTY 0.72 before 0.84 has a double free in RSA KEX.
|
CWE-415
Double Free
|
CVE-2026-48850
|
2026-05-28 04:14 |
2026-05-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2833
|
3.1 |
LOW
Network
|
putty
|
putty
|
PuTTY 0.77 before 0.84 uses a copy of the PuTTY icon as a trust indication for TELNET data but the trust status is not cleared between proxy authentication and the main session.
|
CWE-451
User Interface (UI) Misrepresentation of Critical Information
|
CVE-2026-48851
|
2026-05-28 04:12 |
2026-05-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2834
|
3.7 |
LOW
Network
|
putty
|
putty
|
PuTTY 0.71 before 0.84 has an assertion failure in ECDSA signature verification.
|
CWE-617
Reachable Assertion
|
CVE-2026-48852
|
2026-05-28 04:11 |
2026-05-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2835
|
5.3 |
MEDIUM
Local
|
squirrel-lang
|
squirrel
|
A security flaw has been discovered in Squirrel up to 3.2. Impacted is the function ReadObject of the file squirrel/sqobject.cpp of the component Cnut File Handler. Performing a manipulation results …
|
CWE-119
CWE-122
Incorrect Access of Indexable Resource ('Range Error')
Heap-based Buffer Overflow
|
CVE-2026-9541
|
2026-05-28 03:48 |
2026-05-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2836
|
9.8 |
CRITICAL
Network
|
perl
|
perl
|
Perl versions through 5.43.10 have a heap buffer overflow when compiling regular expressions with a repeated fixed string on 32-bit builds.
Perl_study_chunk in regcomp_study.c checked the size of th…
|
CWE-680
Integer Overflow to Buffer Overflow
|
CVE-2026-8376
|
2026-05-28 03:43 |
2026-05-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2837
|
7.5 |
HIGH
Network
|
pavel-odintsov
|
fastnetmon
|
FastNetMon Community Edition through 1.2.9 contains multiple out-of-bounds reads in the BGP MP_REACH_NLRI IPv6 attribute decoder. The function decode_mp_reach_ipv6() in src/bgp_protocol.cpp contains …
|
CWE-125
Out-of-bounds Read
|
CVE-2026-48688
|
2026-05-28 03:36 |
2026-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2838
|
7.7 |
HIGH
Network
|
microsoft
|
azure_stack_hci
|
Improper input validation in Azure Compute Gallery allows an authorized attacker to disclose information over a network.
|
CWE-20
Improper Input Validation
|
CVE-2026-26147
|
2026-05-28 03:34 |
2026-05-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2839
|
8.8 |
HIGH
Network
|
microsoft
|
sharepoint_server
|
Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2026-45659
|
2026-05-28 03:32 |
2026-05-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2840
|
8.1 |
HIGH
Adjacent
|
pavel-odintsov
|
fastnetmon
|
FastNetMon Community Edition through 1.2.9 exposes a gRPC API server on port 50052 with no authentication mechanism. The server is initialized with grpc::InsecureServerCredentials() (src/fastnetmon.c…
|
CWE-306
Missing Authentication for Critical Function
|
CVE-2026-48692
|
2026-05-28 03:30 |
2026-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
