|
41
|
9.8 |
CRITICAL
Network
|
nvidia
|
triton_inference_server
|
NVIDIA Triton Inference Server contains a vulnerability where an attacker could cause an authentication bypass. A successful exploit of this vulnerability might lead to escalation of privileges, deni…
New
|
CWE-288
Authentication Bypass Using an Alternate Path or Channel
|
CVE-2026-24206
|
2026-05-21 02:31 |
2026-05-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
42
|
7.6 |
HIGH
Network
|
-
|
-
|
Improper neutralization of input during web page generation ('cross-site scripting') vulnerability in Beyaz Computer Software Design Industry and Trade Ltd. Co. CityPLus allows Reflected XSS.
This i…
New
|
CWE-79
Cross-site Scripting
|
CVE-2026-5783
|
2026-05-21 02:30 |
2026-05-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
43
|
9.8 |
CRITICAL
Network
|
nvidia
|
triton_inference_server
|
NVIDIA Triton Inference Server contains a vulnerability where an attacker could cause an authentication bypass. A successful exploit of this vulnerability might lead to code execution, escalation of …
New
|
CWE-288
Authentication Bypass Using an Alternate Path or Channel
|
CVE-2026-24207
|
2026-05-21 02:30 |
2026-05-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
44
|
7.5 |
HIGH
Network
|
-
|
-
|
Dell PowerFlex Manager, version(s) <=4.6.2, contain(s) an Exposure of Information Through Directory Listing vulnerability. An unauthenticated attacker with remote access could potentially exploit thi…
New
|
CWE-548
Exposure of Information Through Directory Listing
|
CVE-2025-32750
|
2026-05-21 02:30 |
2026-05-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
45
|
5.3 |
MEDIUM
Network
|
-
|
-
|
The affected Kieback & Peter DDC building controllers are vulnerable to cross-site scripting, enabling JavaScript to be executed by the victim's browser, which allows the attacker to control the brow…
New
|
CWE-79
Cross-site Scripting
|
CVE-2026-4293
|
2026-05-21 02:30 |
2026-05-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
46
|
9.1 |
CRITICAL
Network
|
-
|
-
|
An undocumented configuration export port is accessible on some models
of ZKTeco CCTV cameras. This port does not require authentication and
exposes critical information about the camera such as op…
New
|
CWE-288
Authentication Bypass Using an Alternate Path or Channel
|
CVE-2026-8598
|
2026-05-21 02:30 |
2026-05-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
47
|
6.8 |
MEDIUM
Network
|
-
|
-
|
A vulnerability in the Border Gateway Protocol (BGP) enforce-first-as feature of Cisco Nexus 3000 Series Switches and Cisco Nexus 9000 Series Switches in standalone NX-OS mode could allow a…
New
|
CWE-670
Always-Incorrect Control Flow Implementation
|
CVE-2026-20171
|
2026-05-21 02:30 |
2026-05-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
48
|
4.7 |
MEDIUM
Network
|
-
|
-
|
A vulnerability in the SSL certificate handling of Cisco ThousandEyes Virtual Appliance could allow an authenticated, remote attacker to execute commands on the underlying operating system as the roo…
New
|
CWE-74
Injection
|
CVE-2026-20199
|
2026-05-21 02:30 |
2026-05-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
49
|
6.3 |
MEDIUM
Network
|
-
|
-
|
A vulnerability in the BrowserBot component of Cisco ThousandEyes Enterprise Agent could have allowed an authenticated, remote attacker to execute arbitrary commands on Agents on behalf of the Browse…
New
|
CWE-78
OS Command
|
CVE-2026-20206
|
2026-05-21 02:30 |
2026-05-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
50
|
10.0 |
CRITICAL
Network
|
-
|
-
|
A vulnerability in the access validation of internal REST APIs of Cisco Secure Workload could allow an unauthenticated, remote attacker to access site resources with the privileges of the S…
New
|
CWE-306
Missing Authentication for Critical Function
|
CVE-2026-20223
|
2026-05-21 02:30 |
2026-05-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
