|
831
|
- |
|
-
|
-
|
The Wertheim SafeController Software, AssemblyVersion 6.15.8328.28014, contains missing authorization checks on multiple web application endpoints. An authenticated attacker with minimal privileges c…
New
|
CWE-862
Missing Authorization
|
CVE-2026-34024
|
2026-06-15 21:16 |
2026-06-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
832
|
5.3 |
MEDIUM
Network
|
-
|
-
|
A flaw was found in Ansible Lightspeed. This vulnerability, related to insufficient session expiration, allows a remote attacker to maintain persistent access to the Ansible Lightspeed instance. If a…
New
|
CWE-613
Insufficient Session Expiration
|
CVE-2026-44188
|
2026-06-15 19:16 |
2026-06-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
833
|
- |
|
-
|
-
|
Quick.CMS deserializes user-controlled data received over plaintext HTTP without ensuring integrity or authenticity. This allows attackers to tamper with serialized payloads in transit and inject mal…
New
|
CWE-94
CWE-502
Code Injection
Deserialization of Untrusted Data
|
CVE-2026-11860
|
2026-06-15 19:16 |
2026-06-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
834
|
5.5 |
MEDIUM
Adjacent
|
-
|
-
|
A vulnerability was identified in Yealink SIP-T46U 108.86.0.118. Affected by this vulnerability is the function mod_webd.TFTPUploadIperf of the file /api/inner/tftpuploadiperf of the component Web Fa…
New
|
CWE-74
CWE-77
Injection
Command Injection
|
CVE-2026-12223
|
2026-06-15 15:16 |
2026-06-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
835
|
8.0 |
HIGH
Adjacent
|
-
|
-
|
A vulnerability was determined in Yealink SIP-T46U 108.86.0.118. Affected is the function mod_webd.BlueToothTest of the file /api/inner/bttest of the component Web FastCGI Service. Executing a manipu…
New
|
CWE-119
CWE-121
Incorrect Access of Indexable Resource ('Range Error')
Stack-based Buffer Overflow
|
CVE-2026-12222
|
2026-06-15 15:16 |
2026-06-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
836
|
8.0 |
HIGH
Adjacent
|
-
|
-
|
A vulnerability was found in Yealink SIP-T46U 108.86.0.118. This impacts the function sprintf of the file /api/upgrade/upgrade of the component Firmware Chunk Upload Handler. Performing a manipulatio…
New
|
CWE-119
CWE-121
Incorrect Access of Indexable Resource ('Range Error')
Stack-based Buffer Overflow
|
CVE-2026-12221
|
2026-06-15 15:16 |
2026-06-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
837
|
8.0 |
HIGH
Adjacent
|
-
|
-
|
A vulnerability has been found in Yealink SIP-T46U 108.86.0.118. This affects the function mod_upgrade.SparePartsUpload of the file /api/upgrade/accupgradebychunk of the component Firmware Chunk Uplo…
New
|
CWE-119
CWE-121
Incorrect Access of Indexable Resource ('Range Error')
Stack-based Buffer Overflow
|
CVE-2026-12220
|
2026-06-15 15:16 |
2026-06-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
838
|
6.3 |
MEDIUM
Network
|
-
|
-
|
A flaw has been found in Yealink SIP-T46U 108.86.0.118. The impacted element is the function mod_diagnose.CommandShellByType of the file /api/diagnosis/start of the component Web FastCGI Service. Thi…
New
|
CWE-74
CWE-77
Injection
Command Injection
|
CVE-2026-12219
|
2026-06-15 15:16 |
2026-06-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
839
|
8.0 |
HIGH
Adjacent
|
-
|
-
|
A vulnerability was detected in Yealink SIP-T46U 108.87.50.1. The affected element is the function StartReportInformation of the file /api/inner/beforewifitest of the component Web FastCGI Service. T…
New
|
CWE-119
CWE-121
Incorrect Access of Indexable Resource ('Range Error')
Stack-based Buffer Overflow
|
CVE-2026-12218
|
2026-06-15 15:16 |
2026-06-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
840
|
7.8 |
HIGH
Local
|
-
|
-
|
A security vulnerability has been detected in DVDFab Virtual Drive 2.0.0.5. Impacted is an unknown function in the library dvdfabio.sys of the component Signed Kernel Driver. The manipulation leads t…
New
|
CWE-266
CWE-269
Incorrect Privilege Assignment
Improper Privilege Management
|
CVE-2026-12217
|
2026-06-15 13:16 |
2026-06-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
