|
1301
|
4.8 |
MEDIUM
Network
|
cryptomator
|
cryptomator
|
Cryptomator is an open-source client-side encryption application for cloud storage. Version 1.19.1 contains a logic flaw in CheckHostTrustController.getAuthority() that allows an attacker to bypass t…
|
CWE-305
CWE-319
Authentication Bypass by Primary Weakness
Cleartext Transmission of Sensitive Information
|
CVE-2026-33472
|
2026-04-23 03:44 |
2026-04-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1302
|
7.1 |
HIGH
Local
|
openexr
|
openexr
|
OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. In versions 3.4.0 through 3.4.9, 3.3.0 through 3.3.9, …
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2026-40250
|
2026-04-23 03:41 |
2026-04-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1303
|
7.1 |
HIGH
Local
|
openexr
|
openexr
|
OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. In versions 3.4.0 through 3.4.9, 3.3.0 through 3.3.9, …
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2026-40244
|
2026-04-23 03:41 |
2026-04-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1304
|
5.3 |
MEDIUM
Network
|
openexr
|
openexr
|
OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. Versions 3.4.0 through 3.4.9 have a signed integer ove…
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2026-39886
|
2026-04-23 03:41 |
2026-04-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1305
|
6.3 |
MEDIUM
Local
|
nicolargo
|
glances
|
Glances is an open-source system cross-platform monitoring tool. Prior to version 4.5.4, the Cassandra export module (`glances/exports/glances_cassandra/__init__.py`) interpolates `keyspace`, `table`…
|
CWE-89
SQL Injection
|
CVE-2026-35588
|
2026-04-23 03:40 |
2026-04-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1306
|
7.5 |
HIGH
Network
|
littlecms
|
little_cms
|
Little CMS (lcms2) through 2.18 has an integer overflow in CubeSize in cmslut.c because the overflow check is performed after the multiplication.
|
CWE-696
CWE-190
Incorrect Behavior Order
Integer Overflow or Wraparound
|
CVE-2026-41254
|
2026-04-23 03:34 |
2026-04-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1307
|
7.3 |
HIGH
Network
|
mozilla
|
firefox
thunderbird
|
Incorrect boundary conditions in the WebRTC component. This vulnerability was fixed in Firefox 150, Firefox ESR 140.10, Thunderbird 150, and Thunderbird 140.10.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2026-6753
|
2026-04-23 02:40 |
2026-04-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1308
|
7.5 |
HIGH
Network
|
mozilla
|
firefox
|
Mitigation bypass in Firefox for Android. This vulnerability was fixed in Firefox 150.
|
CWE-200
Information Exposure
|
CVE-2026-6756
|
2026-04-23 02:40 |
2026-04-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1309
|
6.3 |
MEDIUM
Network
|
mozilla
|
firefox
thunderbird
|
Invalid pointer in the JavaScript: WebAssembly component. This vulnerability was fixed in Firefox 150, Firefox ESR 140.10, Thunderbird 150, and Thunderbird 140.10.
|
CWE-824
Access of Uninitialized Pointer
|
CVE-2026-6757
|
2026-04-23 02:39 |
2026-04-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1310
|
9.8 |
CRITICAL
Network
|
mozilla
|
firefox
thunderbird
|
Mitigation bypass in the Networking: Cookies component. This vulnerability was fixed in Firefox 150 and Thunderbird 150.
|
CWE-288
Authentication Bypass Using an Alternate Path or Channel
|
CVE-2026-6760
|
2026-04-23 02:38 |
2026-04-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
