|
3571
|
3.3 |
LOW
Local
|
-
|
-
|
Dell PowerScale OneFS versions 9.5.0.0 through 9.5.1.6, 9.6.0.0 through 9.7.1.13, 9.8.0.0 through 9.10.1.5 and 9.11.0.0 through 9.12.0.1 contains an Insufficient Logging vulnerability. A low privileg…
|
CWE-778
Insufficient Logging
|
CVE-2026-32803
|
2026-05-9 00:36 |
2026-05-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3572
|
- |
|
-
|
-
|
An Out-of-bounds Read vulnerability in the IOCTL handler in ASUS System Control Interface allows a local user to cause system crash (BSOD) via a read size that exceeds the buffer size.Refer to the '
…
|
CWE-125
Out-of-bounds Read
|
CVE-2026-3508
|
2026-05-9 00:34 |
2026-05-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3573
|
- |
|
-
|
-
|
An Exposed IOCTL with Insufficient Access Control vulnerability in AsusPTPFilter allows a local user to bypass driver security mechanisms and obtain restricted touchpad information or render the touc…
|
CWE-782
Exposed IOCTL with Insufficient Access Control
|
CVE-2026-6737
|
2026-05-9 00:34 |
2026-05-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3574
|
- |
|
-
|
-
|
PredatorSense version 3.00.3136 to 3.00.3196 contain Local Privilege Escalation (LPE) vulnerability.The program exposes a Windows Named Pipe that uses a custom protocol to invoke internal functions. …
|
CWE-22
CWE-269
CWE-284
CWE-732
Path Traversal
Improper Privilege Management
Improper Access Control
Incorrect Permission Assignment for Critical Resource
|
CVE-2026-8069
|
2026-05-9 00:34 |
2026-05-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3575
|
- |
|
-
|
-
|
Daptin is a GraphQL/JSON-API headless CMS. Prior to version 0.11.5, processFuzzySearch in server/resource/resource_findallpaginated.go:1484 splits the user-supplied column parameter by comma and inte…
|
CWE-89
SQL Injection
|
CVE-2026-44349
|
2026-05-9 00:17 |
2026-05-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3576
|
7.1 |
HIGH
Network
|
-
|
-
|
FreeScout is a free help desk and shared inbox built with PHP's Laravel framework. Prior to version 1.8.214, the Change Customer modal correctly hides out-of-scope customers through the mailbox-filte…
|
CWE-639
Authorization Bypass Through User-Controlled Key
|
CVE-2026-41906
|
2026-05-9 00:16 |
2026-05-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3577
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
Bluetooth: SCO: fix race conditions in sco_sock_connect()
sco_sock_connect() checks sk_state and sk_type without holding
the sock…
|
CWE-362
Race Condition
|
CVE-2026-43023
|
2026-05-8 23:56 |
2026-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3578
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
Bluetooth: hci_sync: hci_cmd_sync_queue_once() return -EEXIST if exists
hci_cmd_sync_queue_once() needs to indicate whether a que…
|
NVD-CWE-noinfo
|
CVE-2026-43022
|
2026-05-8 23:53 |
2026-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3579
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
Bluetooth: hci_sync: fix leaks when hci_cmd_sync_queue_once fails
When hci_cmd_sync_queue_once() returns with error, the destroy …
|
CWE-401
Missing Release of Memory after Effective Lifetime
|
CVE-2026-43021
|
2026-05-8 23:50 |
2026-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3580
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
Bluetooth: MGMT: validate LTK enc_size on load
Load Long Term Keys stores the user-provided enc_size and later uses
it to size fi…
|
CWE-787
Out-of-bounds Write
|
CVE-2026-43020
|
2026-05-8 23:41 |
2026-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
