|
1851
|
9.8 |
CRITICAL
Network
|
-
|
-
|
Hyland OnBase contains an unauthenticated .NET Remoting exposure in the OnBase Workflow Timer Service (Hyland.Core.Workflow.NTService.exe). An attacker who can reach the service can send crafted .NET…
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2026-26221
|
2026-04-14 09:16 |
2026-02-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1852
|
9.8 |
CRITICAL
Network
|
-
|
-
|
Hyland OnBase contiene una exposición de .NET Remoting sin autenticación en el Servicio de Temporizador de Flujo de Trabajo de OnBase (Hyland.Core.Workflow.NTService.exe). Un atacante que puede alcan…
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2026-26221
|
2026-04-14 09:16 |
2026-02-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1853
|
6.1 |
MEDIUM
Network
|
-
|
-
|
The User Registration & Membership plugin for WordPress is vulnerable to Open Redirect in versions up to and including 5.1.4. This is due to insufficient validation of user-supplied URLs passed via t…
|
CWE-601
Open Redirect
|
CVE-2026-6203
|
2026-04-14 08:16 |
2026-04-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1854
|
6.5 |
MEDIUM
Local
|
-
|
-
|
Execution with Unnecessary Privileges vulnerability in multiple services of Mitsubishi Electric GENESIS64 versions 10.97.3 and prior, Mitsubishi Electric ICONICS Suite versions 10.97.3 and prior, Mit…
|
CWE-250
Execution with Unnecessary Privileges
|
CVE-2025-0921
|
2026-04-14 08:16 |
2025-05-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1855
|
6.5 |
MEDIUM
Local
|
-
|
-
|
La vulnerabilidad de ejecución con privilegios innecesarios en el agente Pager de la función de notificación multiagente de Mitsubishi Electric Iconics Digital Solutions GENESIS64 anterior a la versi…
|
CWE-250
Execution with Unnecessary Privileges
|
CVE-2025-0921
|
2026-04-14 08:16 |
2025-05-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1856
|
5.9 |
MEDIUM
Network
|
-
|
-
|
Missing Authentication for Critical Function vulnerability in the mobile monitoring feature of Mitsubishi Electric GENESIS64 versions 10.97.2 and prior, Mitsubishi Electric ICONICS Suite versions 10.…
|
CWE-306
Missing Authentication for Critical Function
|
CVE-2024-1573
|
2026-04-14 08:16 |
2024-07-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1857
|
5.9 |
MEDIUM
Network
|
-
|
-
|
Vulnerabilidad de autenticación incorrecta en la función de monitoreo móvil de ICONICS GENESIS64 versiones 10.97 a 10.97.2, Mitsubishi Electric GENESIS64 versiones 10.97 a 10.97.2 y Mitsubishi Electr…
|
CWE-306
Missing Authentication for Critical Function
|
CVE-2024-1573
|
2026-04-14 08:16 |
2024-07-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1858
|
7.3 |
HIGH
Network
|
-
|
-
|
A security flaw has been discovered in nocobase plugin-workflow-javascript up to 2.0.23. This issue affects the function createSafeConsole of the file packages/plugins/@nocobase/plugin-workflow-javas…
|
CWE-264
CWE-265
Permissions, Privileges, and Access Controls
Privilege Issues
|
CVE-2026-6224
|
2026-04-14 07:16 |
2026-04-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1859
|
4.7 |
MEDIUM
Network
|
-
|
-
|
A vulnerability was identified in HummerRisk up to 1.5.0. This vulnerability affects the function ServerService.addServer of the file ServerService.java of the component Video File Download URL Handl…
|
CWE-918
Server-Side Request Forgery (SSRF)
|
CVE-2026-6220
|
2026-04-14 07:16 |
2026-04-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1860
|
6.7 |
MEDIUM
Local
|
-
|
-
|
A Missing Authentication for Critical Function vulnerability in command processing of Juniper Networks Junos OS allows a privileged local attacker to gain access to Linux-based line cards as root.
T…
|
CWE-306
Missing Authentication for Critical Function
|
CVE-2025-30650
|
2026-04-14 07:16 |
2026-04-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
