|
2331
|
6.6 |
MEDIUM
Network
|
-
|
-
|
Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 8.4 through 8.5 contain an improper authentication vulnerability. A high privileged attacker with r…
|
CWE-287
Improper Authentication
|
CVE-2025-46641
|
2026-04-18 00:07 |
2026-04-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2332
|
4.3 |
MEDIUM
Network
|
-
|
-
|
Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.5, LTS2025 release version 8.3.1.0 through 8.3.1.20, LTS2024 release versions 7.1…
|
CWE-200
Information Exposure
|
CVE-2026-23777
|
2026-04-18 00:07 |
2026-04-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2333
|
5.9 |
MEDIUM
Network
|
-
|
-
|
Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.5, LTS2025 release version 8.3.1.0 through 8.3.1.20, LTS2024 release versions 7.1…
|
CWE-79
Cross-site Scripting
|
CVE-2026-28263
|
2026-04-18 00:07 |
2026-04-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2334
|
7.5 |
HIGH
Network
|
-
|
-
|
A flaw was found in dnsmasq. A remote attacker could exploit an out-of-bounds write vulnerability by sending a specially crafted BOOTREPLY (Bootstrap Protocol Reply) packet to a dnsmasq server config…
|
CWE-787
Out-of-bounds Write
|
CVE-2026-6507
|
2026-04-18 00:07 |
2026-04-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2335
|
7.5 |
HIGH
Network
|
vinyl-cache
|
vinyl_cache
|
Varnish Cache 9 before 9.0.1 allows a "workspace overflow" denial of service (daemon panic) after timeout_linger. A malicious client could send an HTTP/1 request, wait long enough until the session r…
|
CWE-670
Always-Incorrect Control Flow Implementation
|
CVE-2026-40396
|
2026-04-17 23:38 |
2026-04-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2336
|
7.5 |
HIGH
Network
|
varnish-software
|
varnish_enterprise
|
Varnish Enterprise before 6.0.16r12 allows a "workspace overflow" denial of service (daemon panic) for shared VCL. The headerplus.write_req0() function from vmod_headerplus updates the underlying req…
|
CWE-770
Allocation of Resources Without Limits or Throttling
|
CVE-2026-40395
|
2026-04-17 23:37 |
2026-04-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2337
|
7.5 |
HIGH
Network
|
varnish-software
vinyl-cache
|
varnish_enterprise
vinyl_cache
|
Varnish Cache 9 before 9.0.1 and Varnish Enterprise before 6.0.16r11 allows a "workspace overflow" denial of service (daemon panic) for certain amounts of prefetched data. The setup of an HTTP/2 sess…
|
CWE-670
Always-Incorrect Control Flow Implementation
|
CVE-2026-40394
|
2026-04-17 23:35 |
2026-04-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2338
|
9.1 |
CRITICAL
Network
|
dolibarr
|
dolibarr_erp\/crm
|
Dolibarr ERP-CRM 8.0.4 contains an SQL injection vulnerability in the rowid parameter of the admin dict.php endpoint that allows attackers to execute arbitrary SQL queries. Attackers can inject malic…
|
CWE-89
SQL Injection
|
CVE-2019-25710
|
2026-04-17 23:25 |
2026-04-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2339
|
5.5 |
MEDIUM
Local
|
nsasoft
|
spotftp
|
SpotFTP Password Recover 2.4.2 contains a denial of service vulnerability that allows local attackers to crash the application by supplying an oversized buffer in the Name field during registration. …
|
CWE-807
Reliance on Untrusted Inputs in a Security Decision
|
CVE-2019-25711
|
2026-04-17 23:14 |
2026-04-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2340
|
5.5 |
MEDIUM
Local
|
nsasoft
|
blueauditor
|
BlueAuditor 1.7.2.0 contains a buffer overflow vulnerability in the registration key field that allows local attackers to crash the application by submitting an oversized key value. Attackers can tri…
|
CWE-787
Out-of-bounds Write
|
CVE-2019-25712
|
2026-04-17 23:07 |
2026-04-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
