|
1561
|
8.8 |
HIGH
Network
|
-
|
-
|
An issue was discovered in Kiamo before 8.4 allowing authenticated administrative attackers to execute arbitrary PHP code on the server.
|
CWE-94
Code Injection
|
CVE-2025-70364
|
2026-04-15 02:16 |
2026-04-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1562
|
9.8 |
CRITICAL
Network
|
microsoft
|
azure_cloud_shell
|
Server-side request forgery (ssrf) in Azure Cloud Shell allows an unauthorized attacker to elevate privileges over a network.
|
CWE-918
Server-Side Request Forgery (SSRF)
|
CVE-2026-32169
|
2026-04-15 02:14 |
2026-03-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1563
|
9.8 |
CRITICAL
Network
|
microsoft
|
azure_cloud_shell
|
Falsificación de petición del lado del servidor (SSRF) en Azure Cloud Shell permite a un atacante no autorizado elevar privilegios sobre una red.
|
CWE-918
Server-Side Request Forgery (SSRF)
|
CVE-2026-32169
|
2026-04-15 02:14 |
2026-03-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1564
|
4.3 |
MEDIUM
Network
|
google
|
chrome
|
Inappropriate implementation in PDF in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. (Chromium security severity: Low)
|
CWE-358
Improperly Implemented Security Check for Standard
|
CVE-2026-5894
|
2026-04-15 02:06 |
2026-04-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1565
|
6.6 |
MEDIUM
Local
|
google
|
chrome
|
Insufficient policy enforcement in PWAs in Google Chrome prior to 147.0.7727.55 allowed a remote attacker who had compromised the renderer process to install a PWA without user consent via a crafted …
|
CWE-1268
|
CVE-2026-5892
|
2026-04-15 02:06 |
2026-04-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1566
|
7.5 |
HIGH
Network
|
gitlab
|
gitlab
|
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 13.0 before 18.8.9, 18.9 before 18.9.5, and 18.10 before 18.10.3 that could have allowed an unauthenticated user to cause de…
|
CWE-1284
Improper Validation of Specified Quantity in Input
|
CVE-2025-12664
|
2026-04-15 02:04 |
2026-04-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1567
|
4.3 |
MEDIUM
Network
|
gitlab
|
gitlab
|
GitLab has remediated an issue in GitLab EE affecting all versions from 16.6 before 18.8.9, 18.9 before 18.9.5, and 18.10 before 18.10.3 that under certain circumstances could have allowed an authent…
|
CWE-862
Missing Authorization
|
CVE-2025-9484
|
2026-04-15 02:03 |
2026-04-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1568
|
5.7 |
MEDIUM
Network
|
gitlab
|
gitlab
|
GitLab has remediated an issue in GitLab EE affecting all versions from 18.0.0 before 18.8.9, 18.9 before 18.9.5, and 18.10 before 18.10.3 that in Code Quality reports could have allowed an authentic…
|
CWE-94
Code Injection
|
CVE-2026-1516
|
2026-04-15 02:03 |
2026-04-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1569
|
4.3 |
MEDIUM
Network
|
gitlab
|
gitlab
|
GitLab has remediated an issue in GitLab EE affecting all versions from 11.3 before 18.8.9, 18.9 before 18.9.5, and 18.10 before 18.10.3 that could have allowed an authenticated user with developer-r…
|
CWE-863
Incorrect Authorization
|
CVE-2026-1752
|
2026-04-15 02:02 |
2026-04-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1570
|
7.5 |
HIGH
Network
|
telesquare
|
sdt-cs3b1_firmware
|
Telesquare SKT LTE Router SDT-CS3B1 software version 1.2.0 contains an unauthenticated remote reboot vulnerability that allows attackers to trigger device reboot without authentication. Attackers can…
|
CWE-306
Missing Authentication for Critical Function
|
CVE-2017-20222
|
2026-04-15 02:00 |
2026-03-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
