|
921
|
7.3 |
HIGH
Network
|
-
|
-
|
A security vulnerability has been detected in AstrBotDevs AstrBot up to 4.16.0. This issue affects some unknown processing of the file astrbot/dashboard/routes/auth.py of the component Dashboard. The…
Update
|
CWE-259
CWE-798
Use of Hard-coded Password
Use of Hard-coded Credentials
|
CVE-2026-7579
|
2026-05-4 23:16 |
2026-05-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
922
|
7.2 |
HIGH
Network
|
-
|
-
|
SSCMS v7.4.0 contains a SQL injection vulnerability in the stl:sqlContent tag where the queryString attribute is passed directly to database execution without parameterization or sanitization. Attack…
Update
|
CWE-89
SQL Injection
|
CVE-2026-7435
|
2026-05-4 23:16 |
2026-05-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
923
|
9.6 |
CRITICAL
Network
|
-
|
-
|
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in TUBITAK BILGEM Software Technologies Research Institute Pardus Software Center allows Path Traversal.
…
Update
|
CWE-22
Path Traversal
|
CVE-2026-5166
|
2026-05-4 23:16 |
2026-04-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
924
|
8.8 |
HIGH
Network
|
-
|
-
|
Improper link resolution before file access ('link following') vulnerability in TUBITAK BILGEM Software Technologies Research Institute Pardus About allows Symlink Attack.
This issue affects Pardus …
Update
|
CWE-59
Link Following
|
CVE-2026-5161
|
2026-05-4 23:16 |
2026-04-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
925
|
8.8 |
HIGH
Network
|
-
|
-
|
Improper neutralization of CRLF sequences ('CRLF injection') vulnerability in TUBITAK BILGEM Software Technologies Research Institute Pardus Update allows Authentication Bypass.
This issue affects P…
Update
|
CWE-93
CRLF Injection
|
CVE-2026-5140
|
2026-05-4 23:16 |
2026-04-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
926
|
- |
|
-
|
-
|
Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. Reason: This candidate was issued in error. Notes: All references and descriptions in this candidate have been removed to prevent accid…
New
|
-
|
CVE-2026-4928
|
2026-05-4 23:16 |
2026-05-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
927
|
6.7 |
MEDIUM
Local
|
-
|
-
|
In slbc, there is a possible out of bounds write due to type confusion. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interacti…
New
|
CWE-843
Type Confusion
|
CVE-2026-20451
|
2026-05-4 23:16 |
2026-05-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
928
|
6.5 |
MEDIUM
Adjacent
|
-
|
-
|
In Modem, there is a possible system crash due to incorrect error handling. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with…
New
|
CWE-617
Reachable Assertion
|
CVE-2026-20450
|
2026-05-4 23:16 |
2026-05-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
929
|
6.5 |
MEDIUM
Adjacent
|
-
|
-
|
In Modem, there is a possible system crash due to a heap buffer overflow. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with n…
New
|
CWE-120
Classic Buffer Overflow
|
CVE-2026-20449
|
2026-05-4 23:16 |
2026-05-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
930
|
6.7 |
MEDIUM
Local
|
-
|
-
|
In geniezone, there is a possible escalation of privilege due to a missing permission check. This could lead to local escalation of privilege if a malicious actor has already obtained the System priv…
New
|
CWE-280
Improper Handling of Insufficient Permissions or Privileges
|
CVE-2026-20448
|
2026-05-4 23:16 |
2026-05-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
