|
1301
|
9.3 |
CRITICAL
Network
|
-
|
-
|
Adobe Connect versions 2025.3, 12.10 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability. An attacker could exploit this issue by manipulating the DOM environment to exec…
|
CWE-79
Cross-site Scripting
|
CVE-2026-27246
|
2026-04-16 01:14 |
2026-04-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1302
|
9.6 |
CRITICAL
Network
|
-
|
-
|
Adobe Connect versions 2025.3, 12.10 and earlier are affected by a Deserialization of Untrusted Data vulnerability that could result in arbitrary code execution in the context of the current user. Ex…
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2026-27303
|
2026-04-16 01:14 |
2026-04-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1303
|
6.1 |
MEDIUM
Network
|
-
|
-
|
Adobe Connect versions 2025.3, 12.10 and earlier are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnera…
|
CWE-79
Cross-site Scripting
|
CVE-2026-34614
|
2026-04-16 01:14 |
2026-04-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1304
|
9.3 |
CRITICAL
Network
|
-
|
-
|
Adobe Connect versions 2025.3, 12.10 and earlier are affected by a Deserialization of Untrusted Data vulnerability that could result in arbitrary code execution in the context of the current user. Ex…
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2026-34615
|
2026-04-16 01:14 |
2026-04-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1305
|
8.7 |
HIGH
Network
|
-
|
-
|
Adobe Connect versions 2025.3, 12.10 and earlier are affected by a Cross-Site Scripting (XSS) vulnerability that could result in privilege escalation. A low-privileged attacker could exploit this vul…
|
CWE-79
Cross-site Scripting
|
CVE-2026-34617
|
2026-04-16 01:14 |
2026-04-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1306
|
9.8 |
CRITICAL
Network
|
cryptography.io
|
cryptography
|
cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. From 45.0.0 to before 46.0.7, if a non-contiguous buffer was passed to APIs which accepted Pyth…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2026-39892
|
2026-04-16 01:12 |
2026-04-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1307
|
8.4 |
HIGH
Local
|
nixos
|
nix
|
Nix is a package manager for Linux and other Unix systems. A bug in the fix for CVE-2024-27297 allowed for arbitrary overwrites of files writable by the Nix process orchestrating the builds (typicall…
|
CWE-61
UNIX Symbolic Link (Symlink) Following
|
CVE-2026-39860
|
2026-04-16 01:12 |
2026-04-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1308
|
4.9 |
MEDIUM
Network
|
kamailio
|
kamailio
|
Kamailio is an open source implementation of a SIP Signaling Server. Prior to 6.0.5 and 5.8.7, an out-of-bounds read in the auth module of Kamailio (formerly OpenSER and SER) allows remote attackers …
|
CWE-125
Out-of-bounds Read
|
CVE-2026-39864
|
2026-04-16 01:06 |
2026-04-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1309
|
6.5 |
MEDIUM
Network
|
openclaw
|
openclaw
|
OpenClaw before 2026.3.22 contains an information disclosure vulnerability that allows attackers with operator.read scope to expose credentials embedded in channel baseUrl and httpUrl fields. Attacke…
|
CWE-312
Cleartext Storage of Sensitive Information
|
CVE-2026-35644
|
2026-04-16 01:03 |
2026-04-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1310
|
7.5 |
HIGH
Network
|
kamailio
|
kamailio
|
Kamailio is an open source implementation of a SIP Signaling Server. Prior to 6.1.1, 6.0.6, and 5.8.8, an out-of-bounds access in the core of Kamailio (formerly OpenSER and SER) allows remote attacke…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2026-39863
|
2026-04-16 00:58 |
2026-04-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
