|
2091
|
5.3 |
MEDIUM
Network
|
-
|
-
|
Insertion of Sensitive Information Into Sent Data vulnerability in Pär Thernström Simple History simple-history allows Retrieve Embedded Sensitive Data.This issue affects Simple History: from n/a thr…
|
CWE-201
Insertion of Sensitive Information Into Sent Data
|
CVE-2026-39473
|
2026-04-14 02:16 |
2026-04-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2092
|
7.6 |
HIGH
Network
|
-
|
-
|
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WPMU DEV - Your All-in-One WordPress Platform Broken Link Checker broken-link-checker allows Blin…
|
CWE-89
SQL Injection
|
CVE-2026-39466
|
2026-04-14 02:16 |
2026-04-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2093
|
- |
|
-
|
-
|
Rejected reason: This CVE is a duplicate of another CVE.** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2026-39940. Reason: This candidate is a reservation duplicate of CVE-2026-399…
|
-
|
CVE-2026-35578
|
2026-04-14 02:16 |
2026-04-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2094
|
9.8 |
CRITICAL
Network
|
h3
|
h3
|
H3 is a minimal H(TTP) framework built for high performance and portability. Prior to 1.15.5, there is a critical HTTP Request Smuggling vulnerability. readRawBody is doing a strict case-sensitive ch…
|
CWE-444
HTTP Request Smuggling
|
CVE-2026-23527
|
2026-04-14 02:16 |
2026-01-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2095
|
9.8 |
CRITICAL
Network
|
h3
|
h3
|
H3 es un framework H(TTP) mínimo diseñado para alto rendimiento y portabilidad. Antes de 1.15.5, existe una vulnerabilidad crítica de contrabando de solicitudes HTTP. readRawBody realiza una comproba…
|
CWE-444
HTTP Request Smuggling
|
CVE-2026-23527
|
2026-04-14 02:16 |
2026-01-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2096
|
8.3 |
HIGH
Network
|
scitokens
|
scitokens_cpp_library
|
SciTokens C++ is a minimal library for creating and using SciTokens from C or C++. Prior to version 1.4.1, scitokens-cpp is vulnerable to an authorization bypass when processing path-based scopes in …
|
CWE-23
Relative Path Traversal
|
CVE-2026-32725
|
2026-04-14 02:16 |
2026-04-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2097
|
8.1 |
HIGH
Network
|
scitokens
|
scitokens_cpp_library
|
SciTokens C++ is a minimal library for creating and using SciTokens from C or C++. Prior to version 1.4.1, scitokens-cpp is vulnerable to an authorization bypass in path-based scope validation. The e…
|
CWE-863
Incorrect Authorization
|
CVE-2026-32726
|
2026-04-14 02:03 |
2026-04-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2098
|
6.5 |
MEDIUM
Network
|
pdfding
|
pdfding
|
PdfDing is a selfhosted PDF manager, viewer and editor offering a seamless user experience on multiple devices. Prior to version 1.7.1, check_shared_access_allowed() validates only session existence …
|
CWE-863
Incorrect Authorization
|
CVE-2026-34586
|
2026-04-14 01:53 |
2026-04-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2099
|
4.8 |
MEDIUM
Network
|
sonicwall
|
email_security
|
A stored Cross-Site Scripting (XSS) vulnerability has been identified in the SonicWall Email Security appliance due to improper neutralization of user-supplied input during web page generation, allow…
|
CWE-79
Cross-site Scripting
|
CVE-2026-3468
|
2026-04-14 01:50 |
2026-04-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2100
|
2.7 |
LOW
Network
|
sonicwall
|
email_security
|
A denial-of-service (DoS) vulnerability exists due to improper input validation in the SonicWall Email Security appliance, allowing a remote authenticated attacker as admin user to cause the applicat…
|
CWE-20
NVD-CWE-noinfo
Improper Input Validation
|
CVE-2026-3469
|
2026-04-14 01:49 |
2026-04-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
