|
2571
|
5.5 |
MEDIUM
Local
|
ibm
|
tivoli_netcool\/impact
|
IBM Tivoli Netcool Impact 7.1.0.0 through 7.1.0.37 stores sensitive information in log files that could be read by a local user.
|
CWE-532
Inclusion of Sensitive Information in Log Files
|
CVE-2026-4788
|
2026-04-15 06:29 |
2026-04-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2572
|
8.8 |
HIGH
Network
|
langflow
|
langflow
|
IBM Langflow Desktop 1.6.0 through 1.8.2 Langflow could allow an authenticated user to execute arbitrary code on the system, caused by an insecure default setting which permits the deserialization of…
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2026-3357
|
2026-04-15 06:28 |
2026-04-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2573
|
7.5 |
HIGH
Network
|
huawei
|
harmonyos
emui
|
Vulnerability of improper permission control in the theme setting module.
Impact: Successful exploitation of this vulnerability may affect service confidentiality.
|
CWE-275
Permission Issues
|
CVE-2026-28553
|
2026-04-15 06:16 |
2026-04-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2574
|
9.6 |
CRITICAL
Network
|
hpe
|
aruba_networking_private_5g_core
|
A vulnerability has been identified in the graphical user interface (GUI) of HPE Aruba Networking Private 5G Core On-Prem that could allow an attacker to abuse an open redirect vulnerability in the l…
|
CWE-601
Open Redirect
|
CVE-2026-23818
|
2026-04-15 06:15 |
2026-04-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2575
|
8.8 |
HIGH
Network
|
aster-te
|
terrapack_tkservercgi
terrapack_tkwebcoreng
terrapack_tpkwebgis
|
The Terrapack software, from ASTER TEC / ASTER S.p.A., with the indicated components and versions has a file upload vulnerability that may allow attackers to execute arbitrary code. Vulnerable compon…
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2025-67260
|
2026-04-15 05:54 |
2026-03-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2576
|
8.8 |
HIGH
Network
|
aster-te
|
terrapack_tkservercgi
terrapack_tkwebcoreng
terrapack_tpkwebgis
|
El software Terrapack, de ASTER TEC / ASTER S.p.A., con los componentes y versiones indicados tiene una vulnerabilidad de carga de archivos que puede permitir a los atacantes ejecutar código arbitrar…
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2025-67260
|
2026-04-15 05:54 |
2026-03-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2577
|
9.8 |
CRITICAL
Network
|
anolis
|
sysak
|
SysAK v2.0 and before is vulnerable to command execution via aaa;cat /etc/passwd.
|
CWE-94
Code Injection
|
CVE-2024-44722
|
2026-04-15 05:48 |
2026-03-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2578
|
9.8 |
CRITICAL
Network
|
anolis
|
sysak
|
SysAK v2.0 y versiones anteriores son vulnerables a la ejecución de comandos a través de «aaa;cat /etc /passwd».
|
CWE-94
Code Injection
|
CVE-2024-44722
|
2026-04-15 05:48 |
2026-03-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2579
|
7.5 |
HIGH
Network
|
microsoft
|
.net
|
ASP.NET Core Kestrel in Microsoft .NET 8.0 before 8.0.22 and .NET 9.0 before 9.0.11 allows a remote attacker to cause excessive CPU consumption by sending a crafted QUIC packet, because of an incorre…
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2026-25667
|
2026-04-15 05:47 |
2026-03-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2580
|
7.5 |
HIGH
Network
|
microsoft
|
.net
|
ASP.NET Core Kestrel en Microsoft .NET 8.0 antes de 8.0.22 y .NET 9.0 antes de 9.0.11 permite a un atacante remoto causar un consumo excesivo de CPU mediante el envío de un paquete QUIC manipulado, d…
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2026-25667
|
2026-04-15 05:47 |
2026-03-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
