|
1331
|
5.3 |
MEDIUM
Network
|
silextechnology
|
sd-330ac_firmware
amc_manager
|
SD-330AC and AMC Manager provided by silex technology, Inc. contain a missing authentication for critical function issue on firmware maintenance. Arbitrary file may be uploaded on the device without …
|
CWE-306
Missing Authentication for Critical Function
|
CVE-2026-32957
|
2026-04-23 01:58 |
2026-04-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1332
|
9.8 |
CRITICAL
Network
|
silextechnology
|
sd-330ac_firmware
amc_manager
|
SD-330AC and AMC Manager provided by silex technology, Inc. contain a heap-based buffer overflow vulnerability in processing the redirect URLs. Arbitrary code may be executed on the device.
|
CWE-122
Heap-based Buffer Overflow
|
CVE-2026-32956
|
2026-04-23 01:57 |
2026-04-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1333
|
8.8 |
HIGH
Network
|
silextechnology
|
sd-330ac_firmware
amc_manager
|
SD-330AC and AMC Manager provided by silex technology, Inc. contain a stack-based buffer overflow vulnerability in processing the redirect URLs. Arbitrary code may be executed on the device.
|
CWE-121
Stack-based Buffer Overflow
|
CVE-2026-32955
|
2026-04-23 01:56 |
2026-04-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1334
|
7.3 |
HIGH
Network
|
mozilla
|
firefox
thunderbird
|
Uninitialized memory in the Audio/Video: Web Codecs component. This vulnerability was fixed in Firefox 150, Firefox ESR 140.10, Thunderbird 150, and Thunderbird 140.10.
|
CWE-457
Use of Uninitialized Variable
|
CVE-2026-6751
|
2026-04-23 01:08 |
2026-04-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1335
|
7.3 |
HIGH
Network
|
mozilla
|
firefox
thunderbird
|
Incorrect boundary conditions in the WebRTC component. This vulnerability was fixed in Firefox 150, Firefox ESR 115.35, Firefox ESR 140.10, Thunderbird 150, and Thunderbird 140.10.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2026-6752
|
2026-04-23 01:08 |
2026-04-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1336
|
6.5 |
MEDIUM
Network
|
mozilla
|
firefox
thunderbird
|
Mitigation bypass in the DOM: postMessage component. This vulnerability was fixed in Firefox 150 and Thunderbird 150.
|
CWE-352
Origin Validation Error
|
CVE-2026-6755
|
2026-04-23 01:08 |
2026-04-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1337
|
7.5 |
HIGH
Network
|
mozilla
|
firefox
thunderbird
|
Use-after-free in the Widget: Cocoa component. This vulnerability was fixed in Firefox 150, Firefox ESR 140.10, Thunderbird 150, and Thunderbird 140.10.
|
CWE-416
Use After Free
|
CVE-2026-6759
|
2026-04-23 01:08 |
2026-04-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1338
|
6.5 |
MEDIUM
Network
|
mozilla
|
firefox
thunderbird
|
Incorrect boundary conditions in the DOM: Device Interfaces component. This vulnerability was fixed in Firefox 150, Firefox ESR 140.10, Thunderbird 150, and Thunderbird 140.10.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2026-6764
|
2026-04-23 01:07 |
2026-04-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1339
|
5.3 |
MEDIUM
Network
|
mozilla
|
firefox
thunderbird
|
Information disclosure in the Form Autofill component. This vulnerability was fixed in Firefox 150, Firefox ESR 140.10, Thunderbird 150, and Thunderbird 140.10.
|
CWE-359
Exposure of Private Personal Information to an Unauthorized Actor
|
CVE-2026-6765
|
2026-04-23 01:07 |
2026-04-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1340
|
9.8 |
CRITICAL
Network
|
mozilla
|
firefox
thunderbird
|
Mitigation bypass in the DOM: Security component. This vulnerability was fixed in Firefox 150, Firefox ESR 140.10, Thunderbird 150, and Thunderbird 140.10.
|
CWE-288
Authentication Bypass Using an Alternate Path or Channel
|
CVE-2026-6771
|
2026-04-23 01:06 |
2026-04-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
